今天再次使用SpringBoot和拦截器 Interceptor进行登陆和用户权限验证,之前第一次成功没有做记录现在这次失败了,就索性把遇到的问题记录一下
先验证是否登陆判断session是否存在(此处没有选择使用注解Bean)
package com.qiye.boss.interceptor;
import com.alibaba.fastjson.JSON;
import com.qiye.boss.utils.ApiResult;
import com.qiye.boss.utils.AuthUtils;
import com.qiye.boss.utils.BossCommonUtils;
import org.springframework.context.annotation.Configuration;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.PrintWriter;
/**
* Created by mazhaocai on 2017/12/4.
*/
@Component
public class ApiInterceptor extends HandlerInterceptorAdapter {
/**
* 接口拦截相关
*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String requestUrl = request.getRequestURI();
HttpSession session = request.getSession();
if (BossCommonUtils.needAuthCheck(requestUrl)) {
//需要登录验证
if (!AuthUtils.isLoginUser(session)) {
ApiResult<String> result = ApiResult.errLogin();
response.setHeader("Content-Type","application/json;charset=UTF-8");
PrintWriter writer = response.getWriter();
writer.append(JSON.toJSONString(result));
writer.close();
return false;
}
}
if (!BossCommonUtils.getAuthWords(requestUrl).equals("")){
//需要进行权限验证
//验证的权限类型
//主要针对TYPE=2的操作
String authWord = BossCommonUtils.getAuthWords(requestUrl);
if (!AuthUtils.getAuth(authWord,session)){
ApiResult<String> result = ApiResult.errAuth(authWord);
response.setHeader("Content-Type","application/json;charset=UTF-8");
PrintWriter writer = response.getWriter();
writer.append(JSON.toJSONString(result));
writer.close();
return false;
}
// else {
// String afterUrl = BossCommonUtils.getAuthRightUrl(requestUrl);
// response.sendRedirect(afterUrl);
// }
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
super.postHandle(request, response, handler, modelAndView);
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
super.afterCompletion(request, response, handler, ex);
}
}
单单这样是不起作用的(我只建立了这一个 ApiInterceptor.class 发现并不走拦截 拦截器失效,貌似是启动并没有加载这个类)
还需要一下启动拦截器(在网上查到有说在启动类上面加上扫描,反正我是没有成功,然后采用了这个方法)
package com.qiye.boss.interceptor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
/**
* @Author: Ma Zhaocai
* @Date: 2019-3-21
*/
@Configuration
public class MyWebAppConfigurer extends WebMvcConfigurerAdapter {
@Override
public void addInterceptors(InterceptorRegistry registry) {
// 多个拦截器组成一个拦截器链
// addPathPatterns 用于添加拦截规则
// excludePathPatterns 用户排除拦截
registry.addInterceptor(new ApiInterceptor()).addPathPatterns("/**");
super.addInterceptors(registry);
}
}