1.創建一個自定義攔截器,實現HandlerInterceptor
package com.hmdp.utils; import com.hmdp.dto.UserDTO; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * 攔截器 */ public class LoginInterceptor implements HandlerInterceptor { /** * 前置攔截器 --- 進入controller之前進行登錄校驗 * * @param request * @param response * @param handler * @return * @throws Exception */ @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { //1.獲取session HttpSession session = request.getSession(); //2.獲取session中的用戶 Object user = session.getAttribute("user"); //3.判斷用戶是否存在 if (user==null){ //4.不存在,攔截 返回401未授權 response.setStatus(401); return false; } //5.存在,保存用戶到ThreadLocal UserHolder.saveUser((UserDTO) user); //6.放行 return true; } /** * 增強攔截器--空過 */ @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { } /** * 后置攔截器 --- 用戶業務執行完畢,銷毀對應的用戶信息 */ @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { UserHolder.removeUser(); } }
2.調用配置類攔截器
package com.hmdp.config; import com.hmdp.utils.LoginInterceptor; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration public class MvcConfig implements WebMvcConfigurer { @Override public void addInterceptors(InterceptorRegistry registry) { //添加攔截器,、 //配置不攔截的路徑 registry.addInterceptor(new LoginInterceptor()).excludePathPatterns( "/user/code", "/user/login", "/blog.hot", "/shop/**", "/shop-type/**", "/voucher/**" ); } }