項目接口有些需要登陸權限,有些不需要。
沒有使用註解的時候很多人是這麼寫:
LoginUser user = UserUtils.getLoginUser();
if (user == null) {
//告訴用戶你沒登陸
}
如果有很多個接口接口,全部這麼些看起來實在不舒服,還很low。
我們可以使用aop+註解的方式實現
依賴包
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-aop</artifactId>
</dependency>
<!-- https://mvnrepository.com/artifact/org.aspectj/aspectjrt -->
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>1.9.1</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.aspectj/aspectjweaver -->
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>1.9.4</version>
</dependency>
先自定義註解
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface AccessRequired {
}
AOP配置:
import com.tydic.ga.uc.modules.login.dto.LoginUser;
import com.tydic.jg.dsp.common.annotation.AccessRequired;
import com.tydic.jg.dsp.common.globaldeal.ResultEnum;
import com.tydic.jg.dsp.common.globaldeal.ResultUtil;
import com.tydic.jg.dsp.utils.UserUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.*;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import java.lang.reflect.Method;
@Aspect
@Component
public class AccessAspect {
@Pointcut("@annotation(com.tydic.jg.dsp.common.annotation.AccessRequired)")
public void annotationPointCut(){}
@After("annotationPointCut()")
public void after(JoinPoint joinPoint){
}
@Before("execution(* com.tydic.jg.dsp.module.*.*.*.*(..))")
public void before(JoinPoint joinPoint){
}
@Around("execution(* com.tydic.jg.dsp.module.*.*.*.*(..))")
public Object run(ProceedingJoinPoint joinPoint)throws Throwable{
Object[] args = joinPoint.getArgs();
MethodSignature signature = (MethodSignature)joinPoint.getSignature();
Method method = signature.getMethod();
//獲取註解
AccessRequired access = method.getAnnotation(AccessRequired.class);
if(access != null){
//有這個註解的接口需要驗證用戶是否登錄
LoginUser user = UserUtils.getCurrentUser();
if(user == null){
//未登錄需要告訴用戶你未登錄
return ResultUtil.error(ResultEnum.ERROR_USER_NOT_LOGIN);
}else {
//已經登錄的繼續處理業務
return joinPoint.proceed(args);
}
} else {
//沒有這個註解的不驗證登錄,繼續處理業務
return joinPoint.proceed(args);
}
}
}
controller測試:
@RequestMapping(value="test",method=RequestMethod.GET)
@AccessRequire
public Result test(String name){
//dosometing
return Result.success();
}