参考:https://blog.csdn.net/mxlgslcd/article/details/89155315
第一步:自定义注解
@Target(ElementType.METHOD)// 可用在方法名上
@Retention(RetentionPolicy.RUNTIME)// 运行时有效
public @interface AppAccess {
/**
* 认证所使用的认证器
*/
Class<? extends AuthFactory> authenticator();
}
第二部:认证工厂
public abstract class AuthFactory {
public abstract boolean auth(HttpServletRequest request, HttpServletResponse response, Object object) throws IOException;
}
第三步:拦截
@Component
public class AuthenticationInterceptor implements HandlerInterceptor {
/**
* 请求处理之前调用
*/
@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object object) throws IOException {
log.info("请求地址:【{}】", httpServletRequest.getServletPath());
//如果不是映射到方法直接通过
if (!(object instanceof HandlerMethod)) {
return true;
}
HandlerMethod handlerMethod = (HandlerMethod) object;
Method method = handlerMethod.getMethod();
if (method.isAnnotationPresent(AppAccess.class)) {
AppAccess annotation = method.getAnnotation(AppAccess.class);
Class<? extends AuthFactory> authenticator = annotation.authenticator();
AuthFactory bean = SpringUtils.getBean(authenticator);
return bean.auth(httpServletRequest, httpServletResponse, object);
}
return true;
}
/**
* 请求处理之后进行调用,但是在视图被渲染之前(Controller方法调用之后)
*/
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
}
/**
* 在整个请求结束之后被调用,也就是在DispatcherServlet 渲染了对应的视图之后执行(主要是用于进行资源清理工作)
*/
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
}
}
第四步:认证
@Component
@Slf4j
public class AppAuthenticator extends AuthFactory {
@Autowired
private RedisCache redisCache;
private static String TOKEN = "APP_{IDENTITY}_TOKEN_{ID}";
public static final String TOKEN_KEY = "Authorization";
@Override
public boolean auth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object object) throws IOException {
log.info("请求地址:【{}】", httpServletRequest.getServletPath());
Map<String, String[]> parameterMap = httpServletRequest.getParameterMap();
String join = MapUtil.join(parameterMap, ",", "=");
log.info("请求参数:【{}】",join);
//获取请求头的token
String token = httpServletRequest.getHeader(TOKEN_KEY);
log.info("token:{}", token);
//响应
httpServletResponse.setCharacterEncoding("utf-8");
httpServletResponse.setContentType("application/json; charset=utf-8");
//认证
if (StringUtils.isEmpty(token)) {
log.info("token为空");
httpServletResponse.getWriter().write(JSON.toJSONString(AjaxResult.error("登录过期!","")));
return false;
}
自己业务----------
return true;
}
}
第五步:验证
/**
* 推荐商户列表
* @param userSearchVo
* @return
*/
@AppAccess(authenticator = AppAuthenticator.class)
@GetMapping("/getMerchantList")
public TableDataInfo getMerchantList(UserSearchVo userSearchVo){
log.info("商户推荐 :{}", userSearchVo);
startPage();
List<UserMerchantRecommendVo> merchantList = baseMerchantService.selectMerchantList(userSearchVo);
merchantList.stream().map(s -> {
s.setDistance(distanceCovert(s.getDistance()));
return s;
}).collect(Collectors.toList());
return getDataTable(merchantList);
}
标签:httpServletRequest,拦截器,return,springboot,自定义,httpServletResponse,token,public,lo From: https://www.cnblogs.com/person008/p/16650220.html