1,創建線程池:
public class UserHolder { private static ThreadLocal<User> tl =new ThreadLocal<User>(); // 存數據 public static void saveUser(User user){ tl.set(user); } //取數據 public static User getUser(){ return tl.get(); } //刪除數據 public static void removeUser(){ tl.remove(); } }
2,創建攔截器:
@Component public class TokenInterceptor implements HandlerInterceptor { @Autowired private UserService userService; @Override//在controller前攔截 public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { // 獲取token getHeader獲取單個請求頭Authorization對應的value值 String token = request.getHeader("Authorization");//請求參數Authorization 令牌=token if (token == null) { response.setStatus(400); return false; } User user = userService.fromRedisUser(token); if(user==null){ response.setStatus(400); //權限不足 return false;//中斷請求 } // 將用戶放在threadLocal中 UserHolder.saveUser(user); // 放行 return true; } @Override//響應結束 threadLocal移除對象 public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { UserHolder.removeUser(); //移除對象 } }
這樣,需要根據token來獲取用戶信息的地方就可以直接:
User user = UserHolder.getUser();
再也不用每次都往接口里傳token了
未經允許 禁止轉載