自定义AuthcInterceptor拦截器类
@Component
@Order(value = 1)
public class AuthcInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//Authenticate 认证
//Authorization 鉴权
if (!(handler instanceof HandlerMethod)) return true;
//存在NoNeedLogin注解 就不做登录认证了 NoNeedLogin自定义的注解 首先登录接口就需要添加上该注解
if (((HandlerMethod) handler).getMethodAnnotation(NoNeedLogin.class) != null) return true;
String token = request.getHeader("authenticate");
//这里根据请求头的信息判断用户是否登录状态 不是登录状态的话 返回401状态 并抛出异常 NoLoginException 是自定义状态类
//需要配置全局拦截类检测到该异常信息就返回必要信息给客户端,告知客户端未登录需要登录
response.setStatus(401);
throw new NoLoginException();
//这里直接返回true就可以,因为没有登录状态我们也需要返回一些信息
return true;
}
}
自定义配置类 实现 WebMvcConfigurer 类
@Configuration
public class MvcConfig implements WebMvcConfigurer {
@Autowired
private AuthcInterceptor loginInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
List<String> excludePathPatterns = new ArrayList<>();
excludePathPatterns.add("/error");
//排除拦截swagger-api接口
excludePathPatterns.add("/swagger-resources/**");
//登录的接口在这里排除 或者 拦截器注解处理
registry.addInterceptor(loginInterceptor).addPathPatterns("/**")
.excludePathPatterns(excludePathPatterns);
}
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
//处理静态文件拦截问题
registry.addResourceHandler("/**").addResourceLocations("classpath:/META-INF/resources/",
"classpath:/resources/", "classpath:/static/", "classpath:/public/");
registry.addResourceHandler("/wabjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/");
}
}
