首先我們定義一個切入點(匹配com.ed.controller.Seller開頭的controller的所有public方法)
@Pointcut("execution(public * com.ed.controller.Seller*.*(..))")
public void checkToken() {}
然后在進入這些方法之前進行token校驗
@Before("checkToken()")
public void check() {
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
HttpServletRequest request = attributes.getRequest();
//查詢cookie
Cookie cookie = CookieUtil.get(request, CookieConstant.TOKEN);
if (cookie == null) {
log.warn("【token校驗】Cookie中查不到token");
throw new SellerAuthorizeException(ResultEnum.TOKEN_ERROR);
}
//去redis里查詢
String tokenValue = redisTemplate.opsForValue().get(String.format(RedisConstant.TOKEN_PREFIX, cookie.getValue()));
if (StringUtils.isEmpty(tokenValue)) {
log.warn("【token校驗】Redis中查不到token");
throw new SellerAuthorizeException(ResultEnum.TOKEN_ERROR);
}
}
拋出的異常可定義一個handler進行攔截,並返回自定義的對象給前端
@ControllerAdvice public class SellExceptionHandler {
@ExceptionHandler(value = SellerAuthorizeException.class) @ResponseBody public ResultVO handlerSellerException(SellerAuthorizeExceptione) { return ResultVOUtil.error(e.getCode(), e.getMessage()); } }
CookieUtil方法
/** * 獲取cookie * @param request * @param name * @return */ public static Cookie get(HttpServletRequest request, String name) { Map<String, Cookie> cookieMap = readCookieMap(request); if (cookieMap.containsKey(name)) { return cookieMap.get(name); }else { return null; } } /** * 將cookie封裝成Map * @param request * @return */ private static Map<String, Cookie> readCookieMap(HttpServletRequest request) { Map<String, Cookie> cookieMap = new HashMap<>(); Cookie[] cookies = request.getCookies(); if (cookies != null) { for (Cookie cookie: cookies) { cookieMap.put(cookie.getName(), cookie); } } return cookieMap; }