SpringBoot+拦截器

实现登录拦截器:#

  1. 用户未登录时访问/logout或/center会被拦截
  2. 用户已登录时访问/logout或/center不会被拦截
  3. 用户登录后访问过/logout后再次访问/center会被拦截
  4. 被拦截后,将会被redirect至/error页面

1. UserController#

@RestController
@RequestMapping("/user")
public class UserController {
	@Autowired
	private User user;
	@RequestMapping("/login/{username}/{password}")
	public String login(
			@PathVariable("username") String username,
			@PathVariable("password") String password,
			HttpServletRequest request){
		user.setName(username);
		//将user对象存入session中
	   request.getSession().setAttribute("user",user);
		return user.getName()+" login success";
	}

	@RequestMapping("/logout")
	public String logout(HttpServletRequest request){
		//从session中获取user对象
		User logoutUser = (User) request.getSession().getAttribute("user");
		request.getSession().removeAttribute("user");
		return logoutUser.getName()+" logout success";
	}

	@RequestMapping("/center")
	public String center(HttpServletRequest request){
		//从session中获取user对象
		User centerUser = (User) request.getSession().getAttribute("user");
		return "User center: "+centerUser.getName();
	}

	@RequestMapping("/error")
	public String error(){
		return "error, you haven't login";
	}
}

2. 实现拦截器UserInterceptor#

public class UserInterceptor implements HandlerInterceptor {
	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
		//从本地获取cookie,判断是否已经存在user
		User user = (User) request.getSession().getAttribute("user");
		if (user == null) {
			// 如果session中没有user,则重定向至error
			response.sendRedirect("/user/error");
			return false;
		}
		return true;
	}
}

3. @Configuration配置拦截器#

@Configuration
public class InterceptorConfig implements WebMvcConfigurer {
	@Override
	public void addInterceptors(org.springframework.web.servlet.config.annotation.InterceptorRegistry registry) {
		String[] addpath = {
				"/user/**"
		};
		String[] excludePath={
				"/user/login/**",//login若不被排除,那么无法登录
				"/user/error",//error若不被排除,那么进入error后会再次被拦截,形成死循环
		};
		registry.addInterceptor(new UserInterceptor()).addPathPatterns(addpath).excludePathPatterns(excludePath);
	}
}
posted @   吉比特  阅读(54)  评论(0编辑  收藏  举报
相关博文:
· NO MORE POSTMAN! Edge浏览器自带api调试工具!
· 限流、熔断、降级
· 登录拦截器
· SpringBoot拦截器的设置
· SpringBoot-拦截器的使用
阅读排行:
· 阿里最新开源QwQ-32B,效果媲美deepseek-r1满血版,部署成本又又又降低了!
· 单线程的Redis速度为什么快?
· SQL Server 2025 AI相关能力初探
· 展开说说关于C#中ORM框架的用法!
· AI编程工具终极对决:字节Trae VS Cursor,谁才是开发者新宠?
欢迎阅读『SpringBoot+拦截器』
点击右上角即可分享
微信分享提示
主题色彩