一:自定义注解
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
@Documented
public @interface ChackToken {
boolean validate() default true;
}
二:自定义拦截器来实现 HandlerInterceptorAdapter
public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
//redis操作各种方法
@Autowired
private RedisUtil redisUtil;
public static final String USER_KEY = "userInfo";
@Autowired
private MiniWechatController miniWechatC;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//不是自定义ChackToken注释的跳过拦截
HandlerMethod handlerMethod = (HandlerMethod) handler;
ChackToken annotation = handlerMethod.getMethodAnnotation(ChackToken.class);
if(annotation == null || !annotation.validate()){
return true;
}
/**
* 项目在拦截器Interceptor中 注入RedisUtil,RedisUtil无法使用的问题(RedisUtil报null错误)
* 原因:拦截器在SpringContext初始化之前就执行了,Bean初始化之前它就执行了,所以它肯定是无法获取SpringIOC容器中的内容的。
* 需要加入以下代码代码即可
*/
if (redisUtil == null) {
WebApplicationContext wac = WebApplicationContextUtils.getRequiredWebApplicationContext(request.getServletContext());
redisUtil = wac.getBean(RedisUtil.class);
}
//设置跨域--开始
HttpServletResponse httpResponse = (HttpServletResponse) response;
HttpServletRequest httpRequest = (HttpServletRequest) request;
if (httpRequest.getMethod().equals(RequestMethod.OPTIONS.name())) {
setHeader(httpRequest,httpResponse);
return true;
}
//设置跨域--结束
//从header中获取token
String token = request.getHeader("token");
//如果header中不存在token,则从参数中获取token
if(StringUtils.isBlank(token)){
token = request.getParameter("token");
}
//token为空
if(StringUtils.isBlank(token) || token == null || token.length() == 0){
throw new RemoteException("缺少token,拒绝访问");
}
System.out.print("token:"+token);
Object userInfo = null;
userInfo = redisUtil.get(token);
// //查询token信息
// String openid = redisUtil.get(token).toString();
if(userInfo == null ){
throw new RemoteException("用户Token失效,请重新登录");
}
//设置openid到request里,后续根据openid,获取用户信息
request.setAttribute(USER_KEY, userInfo);
return true;
}
/**
* 为response设置header,实现跨域
*/
private void setHeader(HttpServletRequest request,HttpServletResponse response){
//跨域的header设置
response.setHeader("Access-control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Methods", request.getMethod());
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Headers", request.getHeader("Access-Control-Request-Headers"));
//防止乱码,适用于传输JSON数据
response.setHeader("Content-Type","application/json;charset=UTF-8");
}
}
三:将自己定义的拦截器注入到Mvc中
这里有两种方式:
第一种是可以继承WebMvcConfigurationSupport,但是用这种我遇到一个问题就是,所有date-format格式被转成了时间戳!
第二种就是实现WebMvcConfigurer,这种不会出现这种情况,所以推荐第二种方式
@SpringBootConfiguration
public class SpringMvcConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new AuthorizationInterceptor());
}
}
现在我们就可以在控制器中进行使用了
示例:
@GetMapping("/text")
@ChackToken
public Result<ChUser> updateUser(HttpServletRequest request){
System.out.print("userInfo:"+request.getAttribute("userInfo"));
return Result.error("0");
}
标签:拦截器,自定义,Spring,request,public,token,userInfo,response,setHeader From: https://www.cnblogs.com/lhm166/p/17105595.html