Spring Boot 攔截器 Interceptor

今天再次使用SpringBoot和攔截器 Interceptor進行登陸和用戶權限驗證，之前第一次成功沒有做記錄現在這次失敗了，就索性把遇到的問題記錄一下

 

先驗證是否登陸判斷session是否存在(此處沒有選擇使用註解Bean)

package com.qiye.boss.interceptor;

import com.alibaba.fastjson.JSON;
import com.qiye.boss.utils.ApiResult;
import com.qiye.boss.utils.AuthUtils;
import com.qiye.boss.utils.BossCommonUtils;
import org.springframework.context.annotation.Configuration;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.PrintWriter;

/**
 * Created by mazhaocai on 2017/12/4.
 */
@Component
public class ApiInterceptor extends HandlerInterceptorAdapter {

    /**
     * 接口攔截相關
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        String requestUrl = request.getRequestURI();
        HttpSession session = request.getSession();

        if (BossCommonUtils.needAuthCheck(requestUrl)) {
            //需要登錄驗證
            if (!AuthUtils.isLoginUser(session)) {
                ApiResult<String> result = ApiResult.errLogin();
                response.setHeader("Content-Type","application/json;charset=UTF-8");
                PrintWriter writer = response.getWriter();
                writer.append(JSON.toJSONString(result));
                writer.close();
                return false;
            }
        }
        if (!BossCommonUtils.getAuthWords(requestUrl).equals("")){
            //需要進行權限驗證
            //驗證的權限類型
            //主要針對TYPE=2的操作
            String authWord = BossCommonUtils.getAuthWords(requestUrl);
            if (!AuthUtils.getAuth(authWord,session)){
                ApiResult<String> result = ApiResult.errAuth(authWord);
                response.setHeader("Content-Type","application/json;charset=UTF-8");
                PrintWriter writer = response.getWriter();
                writer.append(JSON.toJSONString(result));
                writer.close();
                return false;
            }
//            else {
//                String afterUrl = BossCommonUtils.getAuthRightUrl(requestUrl);
//                response.sendRedirect(afterUrl);
//            }
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        super.postHandle(request, response, handler, modelAndView);
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        super.afterCompletion(request, response, handler, ex);
    }
}

 單單這樣是不起作用的(我只建立了這一個 ApiInterceptor.class  發現並不走攔截 攔截器失效，貌似是啓動並沒有加載這個類)

還需要一下啓動攔截器(在網上查到有說在啓動類上面加上掃描，反正我是沒有成功，然後採用了這個方法)

 

package com.qiye.boss.interceptor;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

/**
 * @Author: Ma Zhaocai
 * @Date: 2019-3-21
 */
@Configuration
public class MyWebAppConfigurer extends WebMvcConfigurerAdapter {

    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // 多個攔截器組成一個攔截器鏈
        // addPathPatterns 用於添加攔截規則
        // excludePathPatterns 用戶排除攔截
        registry.addInterceptor(new ApiInterceptor()).addPathPatterns("/**");
        super.addInterceptors(registry);
    }
}