拦截器 校验token准确性

编写一个认证拦截器

public class Auth implements HandlerInterceptor {

    private static Logger log = Logger.getLogger(Auth.class);

  //获取密钥
    private String secretKey = Config.getConfigValue("secretKey");

    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        String token = request.getHeader("token");// 从 http 请求头中取出 token
        if(isBlank(token)){
            throw Ex.build(SExCode.TOKEN_N);
        }
        if(!secretKey.equals(token)){
            throw Ex.build(SExCode.TOKEN_F);
        }
        return true;
    }

    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}
定义拦截器规则
@Configuration
public class InterceptorConfig implements WebMvcConfigurer {

    @Override
    public void addInterceptors(InterceptorRegistry registry) {

        // 传入自定义的拦截器,以及拦截地址
        registry.addInterceptor(new Auth()).addPathPatterns("/**");

    }
}
posted @ 2022-04-26 14:57  一个追求未知的人  阅读(109)  评论(0)    收藏  举报