WebMvcConfigurerAdapter
拦截所有请求
@Configuration
public class CustMvcConfigurerAdapter extends WebMvcConfigurerAdapter {
@Autowired
private CustInterceptor custInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(custInterceptor).addPathPatterns("/**");
}
}
排除指定路径
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(custInterceptor).addPathPatterns("/**").excludePathPatterns("/select/**");
}
拦截指定路径
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(custInterceptor).addPathPatterns("/user/**");
}
CustInterceptor
具体拦截类
@Component
public class CustInterceptor extends HandlerInterceptorAdapter {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
boolean needLogin = needLogin(request);
if (!needLogin) {
return true;
}
boolean isLogin = checkLogin(request, response);
return isLogin;
}
}
needLogin
private static boolean needLogin(HttpServletRequest request) {
String servletPath = request.getServletPath();
return true;
}
checkLogin
private boolean checkLogin(HttpServletRequest request, HttpServletResponse response) throws Exception{
return true;
}
总结
url请求分为三种,
1.不需要登陆,不需要权限
2.需要登陆,不需要权限
3.需要登陆,需要权限
第一种,直接放行,可以写死在项目里面,写个map,也可以请求后台数据库
第二种,必须登陆,可以写死到项目里面,写个map,也可以请求后台数据库
第三种,登陆需要权限,最好请求后台数据库
需要考虑的问题,还有很多,比如权限缓存,用户登陆缓存,用户越权操作,更改用户缓存等等,在实际场景中都需要考虑。
版权声明:本文为lvhonglei1987原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。