第一步:创建拦截器
创建类实现HandlerInterceptor,类加上 @Component注解,重写HandlerInterceptor的三个方法,然后根据需要在三个方法中写业务逻辑即可
package com.nowcoder.community.controller.interceptor;
import...
@Component
public class LoginTicketInterceptor implements HandlerInterceptor {
@Autowired
private UserService userService;
@Autowired
private HostHolder hostHolder;
@Override
/**
* 请求到Controller层之前
*/
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 从cookie中获取凭证
String ticket = CookieUtil.getValue(request, "ticket");
if (ticket != null) {
// 查询凭证
LoginTicket loginTicket = userService.findLoginTicket(ticket);
// 检查凭证是否有效
if (loginTicket != null && loginTicket.getStatus() == 0 && loginTicket.getExpired().after(new Date())) {
// 根据凭证查询用户
User user = userService.findUserById(loginTicket.getUserId());
// 在本次请求中持有用户
hostHolder.setUser(user);
//构建用户认证结果存入SecurityContext,便于授权功能
// 构建用户认证的结果,并存入SecurityContext,以便于Security进行授权.
Authentication authentication = new UsernamePasswordAuthenticationToken(
user, user.getPassword(), userService.getAuthorities(user.getId()));
SecurityContextHolder.setContext(new SecurityContextImpl(authentication));
}
}
//释放请求
return true;
}
@Override
/**
*Controller层响应到客户端之前
*/
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
User user = hostHolder.getUser();
if (user != null && modelAndView != null) {
modelAndView.addObject("loginUser", user);
}
}
@Override
/**
* 响应结束之后
*/
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
hostHolder.clear();
SecurityContextHolder.clearContext();
}
}
第二步:创建拦截器配置类
创建一个类实现WebMvcConfigurer,在类上加上 @Configuration注解,并实现addInterceptors方法,将之前写的拦截器类注册到此配置类即可
package com.nowcoder.community.config;
import...
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
/**
* 注入自己编写的拦截器
*/
@Autowired
private AlphaInterceptor alphaInterceptor;
@Autowired
private LoginTicketInterceptor loginTicketInterceptor;
@Autowired
private MessageInterceptor messageInterceptor;
@Autowired
private DataInterceptor dataInterceptor;
@Override
/**
*将拦截器进行注册配置
*/
public void addInterceptors(InterceptorRegistry registry) {
//添加拦截器
registry.addInterceptor(alphaInterceptor)
//静态资源不拦截
.excludePathPatterns("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.jpg", "/**/*.jpeg")
//配置拦截路径
.addPathPatterns("/register", "/login");
registry.addInterceptor(loginTicketInterceptor)
.excludePathPatterns("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.jpg", "/**/*.jpeg");
registry.addInterceptor(messageInterceptor)
.excludePathPatterns("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.jpg", "/**/*.jpeg");
registry.addInterceptor(dataInterceptor)
.excludePathPatterns("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.jpg", "/**/*.jpeg");
}
}
到此,拦截器配置成功
版权声明:本文为weixin_41639009原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。