tlias管理系统-拦截器实现登录校验功能
This commit is contained in:
@@ -16,6 +16,7 @@ public class Webconfig implements WebMvcConfigurer {
|
||||
|
||||
@Override
|
||||
public void addInterceptors(InterceptorRegistry registry) {
|
||||
registry.addInterceptor(logincheckInterceptor).addPathPatterns("/**").excludePathPatterns("/login");//拦截所有资源
|
||||
// registry.addInterceptor(logincheckInterceptor).addPathPatterns("/**").excludePathPatterns("/login");//拦截所有资源
|
||||
registry.addInterceptor(logincheckInterceptor).addPathPatterns("/**");//拦截所有资源
|
||||
}
|
||||
}
|
||||
|
||||
@@ -7,7 +7,7 @@ import javax.servlet.annotation.WebFilter;
|
||||
import java.io.IOException;
|
||||
|
||||
@Slf4j
|
||||
@WebFilter(urlPatterns = "/*")//标识为过滤器组件,拦截所有请求
|
||||
//@WebFilter(urlPatterns = "/*")//标识为过滤器组件,拦截所有请求
|
||||
public class DemoFilter implements Filter {
|
||||
@Override
|
||||
public void init(FilterConfig filterConfig) throws ServletException {
|
||||
|
||||
@@ -3,15 +3,22 @@ package com.inmind.interceptor;
|
||||
登录校验的拦截器类
|
||||
*/
|
||||
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.inmind.pojo.Result;
|
||||
import com.inmind.utils.JwtUtils;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.servlet.HandlerInterceptor;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
|
||||
|
||||
@Component
|
||||
@Slf4j
|
||||
public class LogincheckInterceptor implements HandlerInterceptor {
|
||||
//ctrl+O :提示可以重写的所有方法
|
||||
|
||||
@@ -19,6 +26,38 @@ public class LogincheckInterceptor implements HandlerInterceptor {
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
||||
System.out.println("preHandle执行了....");
|
||||
|
||||
//1.获取url
|
||||
String url = request.getRequestURI();//localhost:8080/login localhost:8080/emps/1
|
||||
//2.判断是否包含login,如果是登录接口,直接放行
|
||||
if (url.contains("login")) {
|
||||
//放行
|
||||
return true;//放行后回到该方法中,登录接口,以下代码,不执行。
|
||||
}
|
||||
|
||||
//3.获取请求头中的令牌(token)
|
||||
String jwt = request.getHeader("token");
|
||||
|
||||
//4.判断令牌是否存在,不存在,直接返回错误结果(未登录)
|
||||
if (!StringUtils.hasLength(jwt)) {
|
||||
//没有令牌,返回错误结果
|
||||
notLogin(response);
|
||||
log.info("没有令牌,返回错误结果");
|
||||
return false;
|
||||
}
|
||||
|
||||
//5.解析令牌,如果解析失败,直接返回错误结果(未登录)
|
||||
try {
|
||||
JwtUtils.parseJWT(jwt);
|
||||
} catch (Exception e) {
|
||||
//令牌解析失败,返回错误结果
|
||||
notLogin(response);
|
||||
log.info("令牌解析失败,返回错误结果");
|
||||
return false;
|
||||
}
|
||||
|
||||
//6.放行
|
||||
log.info("令牌合法,放行");
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -33,4 +72,13 @@ public class LogincheckInterceptor implements HandlerInterceptor {
|
||||
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
|
||||
System.out.println("afterCompletion执行了....");
|
||||
}
|
||||
|
||||
private void notLogin(HttpServletResponse response) throws IOException {
|
||||
//根据接口文档响应json,但是之前通过spring的控制器里的@ResponseBody注解,自动响应json,现在没有该注解,我们要手动发送json
|
||||
Result error = Result.error("NOT_LOGIN");
|
||||
//手动转换--将java对象转换为json字符串,阿里巴巴的fastJson
|
||||
String errorJson = JSONObject.toJSONString(error);
|
||||
//通过响应对象,将json响应给前端
|
||||
response.getWriter().write(errorJson);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user