今天再次使用SpringBoot和攔截器 Interceptor進行登陸和用戶權限驗證,之前第一次成功沒有做記錄現在這次失敗了,就索性把遇到的問題記錄一下
先驗證是否登陸判斷session是否存在(此處沒有選擇使用註解Bean)
package com.qiye.boss.interceptor;
import com.alibaba.fastjson.JSON;
import com.qiye.boss.utils.ApiResult;
import com.qiye.boss.utils.AuthUtils;
import com.qiye.boss.utils.BossCommonUtils;
import org.springframework.context.annotation.Configuration;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.PrintWriter;
/**
* Created by mazhaocai on 2017/12/4.
*/
@Component
public class ApiInterceptor extends HandlerInterceptorAdapter {
/**
* 接口攔截相關
*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String requestUrl = request.getRequestURI();
HttpSession session = request.getSession();
if (BossCommonUtils.needAuthCheck(requestUrl)) {
//需要登錄驗證
if (!AuthUtils.isLoginUser(session)) {
ApiResult<String> result = ApiResult.errLogin();
response.setHeader("Content-Type","application/json;charset=UTF-8");
PrintWriter writer = response.getWriter();
writer.append(JSON.toJSONString(result));
writer.close();
return false;
}
}
if (!BossCommonUtils.getAuthWords(requestUrl).equals("")){
//需要進行權限驗證
//驗證的權限類型
//主要針對TYPE=2的操作
String authWord = BossCommonUtils.getAuthWords(requestUrl);
if (!AuthUtils.getAuth(authWord,session)){
ApiResult<String> result = ApiResult.errAuth(authWord);
response.setHeader("Content-Type","application/json;charset=UTF-8");
PrintWriter writer = response.getWriter();
writer.append(JSON.toJSONString(result));
writer.close();
return false;
}
// else {
// String afterUrl = BossCommonUtils.getAuthRightUrl(requestUrl);
// response.sendRedirect(afterUrl);
// }
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
super.postHandle(request, response, handler, modelAndView);
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
super.afterCompletion(request, response, handler, ex);
}
}
單單這樣是不起作用的(我只建立了這一個 ApiInterceptor.class 發現並不走攔截 攔截器失效,貌似是啓動並沒有加載這個類)
還需要一下啓動攔截器(在網上查到有說在啓動類上面加上掃描,反正我是沒有成功,然後採用了這個方法)
package com.qiye.boss.interceptor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
/**
* @Author: Ma Zhaocai
* @Date: 2019-3-21
*/
@Configuration
public class MyWebAppConfigurer extends WebMvcConfigurerAdapter {
@Override
public void addInterceptors(InterceptorRegistry registry) {
// 多個攔截器組成一個攔截器鏈
// addPathPatterns 用於添加攔截規則
// excludePathPatterns 用戶排除攔截
registry.addInterceptor(new ApiInterceptor()).addPathPatterns("/**");
super.addInterceptors(registry);
}
}