Java拦截器以及自定义注解的使用是怎么样的,相信很多没有经验的人对此束手无策,为此本文总结了问题出现的原因和解决方法,通过这篇文章希望你能解决这个问题。
@Component public class MyWebConfig implements WebMvcConfigurer { private final UserTokenInterceptor userTokenInterceptor; private final SecurityInterceptor securityInterceptor; public MyWebConfig( UserTokenInterceptor userTokenInterceptor, SecurityInterceptor securityInterceptor) { this.userTokenInterceptor = userTokenInterceptor; this.securityInterceptor = securityInterceptor; } @Override public void addInterceptors(InterceptorRegistry registry) { // 定义排除swagger访问的路径配置 String[] swaggerExcludes = new String[] {"/swagger-ui.html", "/swagger-resources/**", "/webjars/**"}; registry .addInterceptor(userTokenInterceptor) .addPathPatterns("/**") .excludePathPatterns( "/user/login", "/static/**", "/*.html", "/*.ico", "/*.json", "/*.png", "/heartbeat/**") .excludePathPatterns(swaggerExcludes); registry .addInterceptor(securityInterceptor) .addPathPatterns("/maintain/**", "/user/**") .excludePathPatterns("/user/login"); } }
2个处理的类请求上可以有交集,2个处理类都执行。
@Component public class UserTokenInterceptor implements HandlerInterceptor { private final EmpInfoService empInfoService; public UserTokenInterceptor(EmpInfoService empInfoService) { this.empInfoService = empInfoService; } @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { // 校验handler是否是HandlerMethod if (!(handler instanceof HandlerMethod)) { return true; } // 从请求头中获取token String token = request.getHeader("Authorization"); /** * update:2021/11/30 ShengJieLi * 增加逻辑:Authorization的值不为本系统生成的token时,解密Authorization,获取token并验证 */ if (StrUtil.isNotEmpty(token)) { EmpInfo securityEmployee = empInfoService.queryToken(token); if(securityEmployee != null){ // token有效 String ref = empInfoService.isRef(token); if (StrUtil.isNotBlank(ref)) { response.setHeader("Access-Control-Expose-Headers", "token"); response.addHeader("token", ref); } }else{ //Authorization为PBE加密数据 securityEmployee = empInfoService.analyticQueryToken(token,response); } if (securityEmployee != null) { // token有效 // 将User对象放入到ThreadLocal中 UserLocal.set(securityEmployee); return true; } return false; } // String s = JSONUtil.toJsonStr(ResponseResult.error(ErrorCode.TOKEN_ERROR)); // response.setContentType("text/html;charset=UTF-8"); // JSONUtil.toJsonStr(s, response.getWriter()); // response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); InterceptorExceptionResolver.interceptorError(response,ErrorCode.TOKEN_ERROR); //update 结束 return false; } @Override public void afterCompletion( HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { // 响应结束后刪除對象 UserLocal.remove(); } }
@SecurityGrade({"SUPER_ADMIN", "SYSTEM_ADMIN"}) public class SecurityController { private final EmpInfoService empInfoService; public SecurityController(EmpInfoService empInfoService) { this.empInfoService = empInfoService; } @GetMapping("getUserInformation") @ApiOperation("登陸用户信息") @NoAuthorization public ResponseResult getUserInformation(@ApiIgnore HttpServletResponse response) { return empInfoService.getUserInformation(response); } }
@SecurityGrade({"SUPER_ADMIN", "SYSTEM_ADMIN"}) public class SecurityController { private final EmpInfoService empInfoService; public SecurityController(EmpInfoService empInfoService) { this.empInfoService = empInfoService; } @GetMapping("getUserInformation") @ApiOperation("登陸用户信息") @NoAuthorization public ResponseResult getUserInformation(@ApiIgnore HttpServletResponse response) { return empInfoService.getUserInformation(response); } }
method.getMethodAnnotation(SecurityGrade.class)
获得注解信息,methodAnnotation.value()
获得注解内容"SUPER_ADMIN",
"SYSTEM_ADMIN"。
看完上述内容,你们掌握Java拦截器以及自定义注解的使用是怎么样的的方法了吗?如果还想学到更多技能或想了解更多相关内容,欢迎关注亿速云行业资讯频道,感谢各位的阅读!
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。