SpringBoot2.X拦截器使用(登录或则权限控制)
1.新建拦截器配置类: WebMvcConfigurer
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; /** * 拦截器配置类 */ @Configuration class CustomWebMvcConfigurer implements WebMvcConfigurer { @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(getLoginInterceptor()).addPathPatterns("/api/v1/pri/**"); registry.addInterceptor(new DeleteIntercepter()).addPathPatterns("/api/v1/pri/delete/**"); } @Bean public LoginIntercepter getLoginInterceptor(){ return new LoginIntercepter(); } }
2.登录拦截
import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.util.Map; public class LoginIntercepter implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { System.out.println("LoginIntercepter.preHandle"); String token= request.getHeader("token"); if (token == null) { response.sendError(-1, "请您登录后操作!"); return false; } else { try { if (token不合法) { response.sendError(-1, "登录token不合法,请重新登录!"); return false; } else { return true;//token验证通过 } } catch (Exception e) { return false; } } // return HandlerInterceptor.super.preHandle(request, response, handler); } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { System.out.println("LoginIntercepter.postHandle"); HandlerInterceptor.super.postHandle(request, response, handler, modelAndView); } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { System.out.println("LoginIntercepter.afterCompletion"); HandlerInterceptor.super.afterCompletion(request, response, handler, ex); } }
3.删除权限控制
import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.util.Map; public class DeleteIntercepter implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { System.out.println("DeleteIntercepter.preHandle"); //权限判断 if("无权操作"){ response.sendError(-1,"您没有权限删除!"); return false; } return HandlerInterceptor.super.preHandle(request,response,handler); } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { System.out.println("DeleteIntercepter.postHandle"); HandlerInterceptor.super.postHandle(request,response,handler,modelAndView); } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { System.out.println("DeleteIntercepter.afterCompletion"); HandlerInterceptor.super.afterCompletion(request,response,handler,ex); } }
4.拦截器器不不⽣生效常⻅见问题:
- 是否有加@Configuration - 拦截路路径是否有问题 ** 和 * - 拦截器器最后路路径⼀一定要 /** 如果是⽬目录的话则是 /*/
5.如何配置不不拦截某些路路径?
registry.addInterceptor(new LoginIntercepter()).addPathPatterns("/api/v1/pri/**") //配置不不拦截某些路路径,⽐比如静态资源 .excludePathPatterns("/**/*.html","/**/*.js");
>>> >>> >>> 菜鸟学习中 >>> >>> >>>