SpringBoot2.X拦截器使用(登录或则权限控制)
1.新建拦截器配置类: WebMvcConfigurer
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
/**
* 拦截器配置类
*/
@Configuration
class CustomWebMvcConfigurer implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(getLoginInterceptor()).addPathPatterns("/api/v1/pri/**");
registry.addInterceptor(new DeleteIntercepter()).addPathPatterns("/api/v1/pri/delete/**");
}
@Bean
public LoginIntercepter getLoginInterceptor(){
return new LoginIntercepter();
}
}
2.登录拦截
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Map;
public class LoginIntercepter implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println("LoginIntercepter.preHandle");
String token= request.getHeader("token");
if (token == null) {
response.sendError(-1, "请您登录后操作!");
return false;
} else {
try {
if (token不合法) {
response.sendError(-1, "登录token不合法,请重新登录!");
return false;
} else {
return true;//token验证通过
}
} catch (Exception e) {
return false;
}
}
// return HandlerInterceptor.super.preHandle(request, response, handler);
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
System.out.println("LoginIntercepter.postHandle");
HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
System.out.println("LoginIntercepter.afterCompletion");
HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
}
}
3.删除权限控制
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Map;
public class DeleteIntercepter implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println("DeleteIntercepter.preHandle");
//权限判断
if("无权操作"){
response.sendError(-1,"您没有权限删除!");
return false;
}
return HandlerInterceptor.super.preHandle(request,response,handler);
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
System.out.println("DeleteIntercepter.postHandle");
HandlerInterceptor.super.postHandle(request,response,handler,modelAndView);
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
System.out.println("DeleteIntercepter.afterCompletion");
HandlerInterceptor.super.afterCompletion(request,response,handler,ex);
}
}
4.拦截器器不不⽣生效常⻅见问题:
- 是否有加@Configuration - 拦截路路径是否有问题 ** 和 * - 拦截器器最后路路径⼀一定要 /** 如果是⽬目录的话则是 /*/
5.如何配置不不拦截某些路路径?
registry.addInterceptor(new
LoginIntercepter()).addPathPatterns("/api/v1/pri/**")
//配置不不拦截某些路路径,⽐比如静态资源
.excludePathPatterns("/**/*.html","/**/*.js");
>>> >>> >>> 菜鸟学习中 >>> >>> >>>
浙公网安备 33010602011771号