java

关注公众号 jb51net

关闭
首页 > 软件编程 > java > SpringBoot拦截器实现登录拦截

SpringBoot拦截器实现登录拦截的方法示例

作者:断橋殘雪

这篇文章主要介绍了SpringBoot拦截器实现登录拦截的方法示例,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面随着小编来一起学习学习吧

源码

GitHub:https://github.com/291685399/springboot-learning/tree/master/springboot-interceptor01

SpringBoot拦截器可以做什么

可以对URL路径进行拦截,可以用于权限验证、解决乱码、操作日志记录、性能监控、异常处理等

SpringBoot拦截器实现登录拦截

pom.xml:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.0.0.RELEASE</version>
    <relativePath/>
  </parent>
  <groupId>com.wyj</groupId>
  <artifactId>springboot-interceptor01</artifactId>
  <version>0.0.1-SNAPSHOT</version>
  <name>springboot-interceptor01</name>
  <description>springboot拦截器</description>

  <properties>
    <java.version>1.8</java.version>
  </properties>

  <dependencies>
    <!-- springboot -->
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-test</artifactId>
      <scope>test</scope>
    </dependency>
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-devtools</artifactId>
      <scope>runtime</scope>
      <optional>true</optional>
    </dependency>

    <!-- lombok -->
    <dependency>
      <groupId>org.projectlombok</groupId>
      <artifactId>lombok</artifactId>
      <optional>true</optional>
    </dependency>

    <!-- thymeleaf -->
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-thymeleaf</artifactId>
    </dependency>
  </dependencies>

  <build>
    <finalName>springboot-interceptor01</finalName>
    <plugins>
      <plugin>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-maven-plugin</artifactId>
      </plugin>
    </plugins>
  </build>
</project>

WebMvcConfigurer:继承WebMvcConfigurationSupport类,重写addInterceptors方法

/**
 * 在springboot2.0.0之后,WebMvcConfigurerAdapter已经过时了
 * 会使用WebMvcConfigurer或者WebMvcConfigurationSupport替代
 *
 * @author wyj
 * @create 2019-06-01 21:48
 */
@Configuration
public class WebMvcConfigurer extends WebMvcConfigurationSupport {

  /**
   * 在springboot2.0.0之前继承WebMvcConfigurerAdapter类,重写addInterceptors方法
   *
   * @param registry
   */
//  @Override
//  public void addInterceptors(InterceptorRegistry registry) {
//    /**
//     * 拦截器按照顺序执行,如果不同拦截器拦截存在相同的URL,前面的拦截器会执行,后面的拦截器将不执行
//     */
//    registry.addInterceptor(new AuthorityInterceptor())
//        .addPathPatterns("/user/**");
//    super.addInterceptors(registry);
//  }

  /**
   * 在springboot2.0.0之后实现WebMvcConfigurer接口,重写addInterceptors方法
   *
   * @param registry
   */
//  @Override
//  public void addInterceptors(InterceptorRegistry registry) {
//    /**
//     * 拦截器按照顺序执行,如果不同拦截器拦截存在相同的URL,前面的拦截器会执行,后面的拦截器将不执行
//     */
//    registry.addInterceptor(new AuthorityInterceptor())
//        .addPathPatterns("/user/**");
//  }

  /**
   * 在springboot2.0.0之后继承WebMvcConfigurationSupport类,重写addInterceptors方法
   *
   * @param registry
   */
  @Override
  protected void addInterceptors(InterceptorRegistry registry) {
    /**
     * 拦截器按照顺序执行,如果不同拦截器拦截存在相同的URL,前面的拦截器会执行,后面的拦截器将不执行
     */
    registry.addInterceptor(new AuthorityInterceptor())
        .addPathPatterns("/user/**");
    super.addInterceptors(registry);
  }
}

AuthorityInterceptor:实现HandlerInterceptor接口,重写preHandle、postHandle、afterCompletion方法

@Slf4j
public class AuthorityInterceptor implements HandlerInterceptor {

  private static final Set<String> NOT_INTERCEPT_URI = new HashSet<>();//不拦截的URI

  static {
    NOT_INTERCEPT_URI.add("/user/login.html");
    NOT_INTERCEPT_URI.add("/user/login");
  }

  /**
   * 在请求处理之前进行调用(Controller方法调用之前)
   */
  @Override
  public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
               Object object) throws Exception {
    String uri = request.getRequestURI();
    if (NOT_INTERCEPT_URI.contains(uri)) {
      log.info("不拦截" + uri);
      return true;
    }
    log.info("拦截" + uri);
    HttpSession session = request.getSession();
    UserInfo userInfo = (UserInfo) session.getAttribute("user_info_in_the_session");
    if (userInfo == null) {
      throw new RuntimeException("用户未登陆");
    }
    return true;
  }

  /**
   * 请求处理之后进行调用,但是在视图被渲染之前(Controller方法调用之后)
   */
  @Override
  public void postHandle(HttpServletRequest request, HttpServletResponse response, Object object, ModelAndView mv) throws Exception {
  }

  /**
   * 在整个请求结束之后被调用,也就是在DispatcherServlet 渲染了对应的视图之后执行
   * (主要是用于进行资源清理工作)
   */
  @Override
  public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object object, Exception ex) throws Exception {
  }
}

UserController:

@Controller
@RequestMapping(value = "/user")
public class UserController {

  @RequestMapping(value = "/login.html")
  public String index() {
    return "login";
  }

  @RequestMapping(value = "/login")
  public String login(User user) {
    //查询数据库,我这里直接写死
    User dbUser = new User(1, "zhangsan", "123456", "admin");
    if (dbUser.getPassword().equals(user.getPassword())) {
      UserInfo userInfo = new UserInfo(dbUser.getId(), dbUser.getUsername(), dbUser.getRole());
      HttpSession session = getRequest().getSession();
      session.setAttribute("user_info_in_the_session", userInfo);
      return "admin";
    }
    return "login";
  }

  @RequestMapping(value = "/userInfo")
  @ResponseBody
  public String userInfo() {
    HttpSession session = getRequest().getSession();
    UserInfo userInfo = (UserInfo) session.getAttribute("user_info_in_the_session");
    return userInfo.toString();
  }

  private HttpServletRequest getRequest() {
    return ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
  }
}

User:

@Data
@NoArgsConstructor
@AllArgsConstructor
public class User implements Serializable {

  private int id;
  private String username;
  private String password;
  private String role;

}

UserInfo: 用于存在用户信息储存在session中

@Data
@NoArgsConstructor
@AllArgsConstructor
public class UserInfo implements Serializable {

  private int id;
  private String username; 
  private String role;

}

login.html:只是一个很简单的登录表单

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <title>登陆页面</title>
</head>
<body>
<form action="/user/login" method="post">
  登陆:<br/>
  用户名:<input name="username" id="username" type="text"/><br/>
  密&nbsp;&nbsp;&nbsp;码:<input name="password" id="password" type="password"/><br/>
  <input type="submit" value="登陆"/>
</form>
</body>
</html>

admin.html:

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <title>首页</title>
</head>
<body>
<form action="/user/userInfo" method="get">
  <input type="submit" value="用户信息"/></form>
</body>
</html>

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持脚本之家。

您可能感兴趣的文章:
阅读全文