步驟:
1.實現WebMvcConfigurer配置類
2.實現攔截器
3. 把攔截器添加到配置中
4.添加需要攔截的請求
5.添加需要排除的請求
1 package com.zp.springbootdemo.interceptor; 2 3 import org.springframework.context.annotation.Bean; 4 import org.springframework.context.annotation.Configuration; 5 import org.springframework.web.servlet.config.annotation.InterceptorRegistry; 6 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; 7 8 /** 9 * 和springmvc的webmvc攔截配置一樣 10 * @author zp 11 */ 12 @Configuration 13 public class WebConfigurer implements WebMvcConfigurer { 14 /** 15 * 攔截器配置 16 * @param registry 17 */ 18 @Override 19 public void addInterceptors(InterceptorRegistry registry) { 20 // addPathPatterns攔截所有請求,excludePathPatterns排除特殊的請求 21 //registry.addInterceptor(LoginInterceptor()).addPathPatterns("/**"); 22 registry.addInterceptor(AuthorityInterceptor()).addPathPatterns("/**"); 23 //excludePathPatterns 排除的請求 24 // registry.addInterceptor(LoginInterceptor()).addPathPatterns("/**").excludePathPatterns("/user/**"); 25 // registry.addInterceptor(AuthorityInterceptor()).addPathPatterns("/**").excludePathPatterns("/user/**"); 26 } 27 /** 28 * 攔截器一 29 * @return 30 */ 31 @Bean 32 public LoginInterceptor LoginInterceptor() { 33 return new LoginInterceptor(); 34 } 35 /** 36 * 攔截器二 37 * @return 38 */ 39 @Bean 40 public AuthorityInterceptor AuthorityInterceptor() { 41 return new AuthorityInterceptor(); 42 } 43 }
基於URL實現的攔截器:
1 package com.zp.springbootdemo.interceptor; 2 3 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; 4 5 import javax.servlet.http.HttpServletRequest; 6 import javax.servlet.http.HttpServletResponse; 7 8 public class LoginInterceptor extends HandlerInterceptorAdapter { 9 /** 10 * 在請求處理之前進行調用(Controller方法調用之前) 11 * 基於URL實現的攔截器 12 * @param request 13 * @param response 14 * @param handler 15 * @return 16 * @throws Exception 17 */ 18 @Override 19 public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { 20 String path = request.getServletPath(); 21 System.out.println("當前請求路徑:"+path); 22 System.out.println("=========進入攔截器1==================="); 23 if (path.matches(Const.NO_INTERCEPTOR_PATH)) { 24 //不需要的攔截直接過 25 System.out.println("=========無需攔截==================="); 26 return true; 27 } else { 28 System.out.println("=========開始攔截==================="); 29 // 這寫你攔截需要干的事兒,比如取緩存,SESSION,權限判斷等 30 String token = request.getParameter("token"); 31 if(token == null){ 32 System.out.println("=========攔截完成==================="+false); 33 return false; 34 } 35 System.out.println("=========攔截完成==================="+true); 36 return true; 37 } 38 } 39 }
關鍵代碼:path.matches(Const.NO_INTERCEPTOR_PATH 就是基於正則匹配的url。
package com.zp.springbootdemo.interceptor; /** * @author zp * @explain 常量類 */ public class Const { public static final String SUCCESS = "SUCCESS"; public static final String ERROR = "ERROR"; public static final String FIALL = "FIALL"; /**********************對象和個體****************************/ public static final String SESSION_USER = "loginedAgent"; // 用戶對象 public static final String SESSION_LOGINID = "sessionLoginID"; // 登錄ID public static final String SESSION_USERID = "sessionUserID"; // 當前用戶對象ID編號 public static final String SESSION_USERNAME = "sessionUserName"; // 當前用戶對象ID編號 public static final Integer PAGE = 10; // 默認分頁數 public static final String SESSION_URL = "sessionUrl"; // 被記錄的url public static final String SESSION_SECURITY_CODE = "sessionVerifyCode"; // 登錄頁驗證碼 // 時間 緩存時間 public static final int TIMEOUT = 1800;// 秒 public static final String ON_LOGIN = "/logout.htm"; public static final String LOGIN_OUT = "/toLogout"; // 不驗證URL anon:不驗證/authc:受控制的 public static final String NO_INTERCEPTOR_PATH =".*/((.css)|(.js)|(images)|(login)|(anon)).*"; }
測試:
請求地址:http://127.0.0.1:8080/user/getUser?token=123
結果:
基於注解的攔截器
①創建注解:
package com.zp.springbootdemo.interceptor; import java.lang.annotation.ElementType; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** * 在需要登錄驗證的Controller的方法上使用此注解 */ @Target({ElementType.METHOD})// 可用在方法名上 @Retention(RetentionPolicy.RUNTIME)// 運行時有效 public @interface LoginRequired { }
②創建攔截器:
package com.zp.springbootdemo.interceptor; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Method; public class AuthorityInterceptor extends HandlerInterceptorAdapter { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { System.out.println("===============進入攔截器2====================="); // 如果不是映射到方法直接通過 if (!(handler instanceof HandlerMethod)) { System.out.println("===============無需攔截====================="); return true; } // ①:START 方法注解級攔截器 HandlerMethod handlerMethod = (HandlerMethod) handler; Method method = handlerMethod.getMethod(); // 判斷接口是否需要登錄 LoginRequired methodAnnotation = method.getAnnotation(LoginRequired.class); // 有 @LoginRequired 注解,需要認證 if (methodAnnotation != null) { // 這寫你攔截需要干的事兒,比如取緩存,SESSION,權限判斷等 System.out.println("===============開始攔截====================="); String token = request.getParameter("token"); if(token == null){ System.out.println("=========攔截完成==================="+false); return false; } System.out.println("=========攔截完成==================="+true); return true; } System.out.println("===============無需攔截==================="); return true; } }
測試接口代碼1:
package com.zp.springbootdemo.system.controller; import com.zp.springbootdemo.interceptor.LoginRequired; import com.zp.springbootdemo.system.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import java.util.Map; @RestController @RequestMapping("/user") public class UserController { @Autowired private UserService userService; @GetMapping("/getUser") //@LoginRequired public Map<String,String> getUser(@RequestParam Map<String,String> user){ return userService.getUser(user); } }
請求地址:
http://127.0.0.1:8080/user/getUser?token=123
結果:
測試接口代碼2:
package com.zp.springbootdemo.system.controller; import com.zp.springbootdemo.interceptor.LoginRequired; import com.zp.springbootdemo.system.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import java.util.Map; @RestController @RequestMapping("/user") public class UserController { @Autowired private UserService userService; @GetMapping("/getUser") @LoginRequired public Map<String,String> getUser(@RequestParam Map<String,String> user){ return userService.getUser(user); } }
請求地址:
http://127.0.0.1:8080/user/getUser?token=123
結果:
