- 當前痛點
private static final String[] LOGIN_EXCLUED_LOCATIONS = { "classpath:/static/", "/forgot_password", "/change_password", "/sign_up", "/tool/*", "/register", "/login", "/logout", "/404", "/403", "/500" }; @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(new UserLoginInterceptor()).addPathPatterns("/**").excludePathPatterns(LOGIN_EXCLUED_LOCATIONS); }
如上所示:痛點有二:1、對於開發測試來說,非常不友好。2、相對於SpringBoot來說,這種直接將配置寫在代碼中的也是不提倡的
SO,解決方案:
利用自定義注解,靈活的控制接口的權限。
直接上代碼:
controller:
@RestController public class TestController { @IPass @RequestMapping("/add") public String add(){ return "add success"; } @RequestMapping("/delete") public String delete(){ return "delete success"; } @RequestMapping("/query") public String query(){ return "query"; } }
注解:
@Retention(RetentionPolicy.RUNTIME) public @interface IPass { Auth value() default Auth.PASS; enum Auth{ PASS, FILTER } }
SpingBoot攔截器配置
@Configuration public class InterceptorConfig implements WebMvcConfigurer { @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(new AuthInterceptor()).addPathPatterns("/**"); } }
攔截器:
public class AuthInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { HandlerMethod handlerMethod = (HandlerMethod) handler; IPass methodAnnotation = handlerMethod.getMethodAnnotation(IPass.class); return methodAnnotation != null && methodAnnotation.value().equals(IPass.Auth.PASS); } }
上述代碼通過注解IPass來指明當前被標注接口是否被攔截;
2018-11-21 記