能够对URL途径举行阻拦,能够用于权限考证、处置惩罚乱码、操纵日记纪录、机能监控、非常处置惩罚等。
SpringBoot阻拦器完成登录阻拦
pom.xml:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.0.0.RELEASE</version>
<relativePath/>
</parent>
<groupId>com.wyj</groupId>
<artifactId>springboot-interceptor01</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>springboot-interceptor01</name>
<description>springboot阻拦器</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<!-- springboot -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<scope>runtime</scope>
<optional>true</optional>
</dependency>
<!-- lombok -->
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<!-- thymeleaf -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
</dependencies>
<build>
<finalName>springboot-interceptor01</finalName>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
WebMvcConfigurer:继续WebMvcConfigurationSupport类,重写addInterceptors要领
/**
* 在springboot2.0.0以后,WebMvcConfigurerAdapter已过期了
* 会运用WebMvcConfigurer或许WebMvcConfigurationSupport替换
*
* @author wyj
* @create 2019-06-01 21:48
*/
@Configuration
public class WebMvcConfigurer extends WebMvcConfigurationSupport {
/**
* 在springboot2.0.0之前继续WebMvcConfigurerAdapter类,重写addInterceptors要领
*
* @param registry
*/
// @Override
// public void addInterceptors(InterceptorRegistry registry) {
// /**
// * 阻拦器根据递次实行,假如差别阻拦器阻拦存在雷同的URL,前面的阻拦器会实行,背面的阻拦器将不实行
// */
// registry.addInterceptor(new AuthorityInterceptor())
// .addPathPatterns("/user/**");
// super.addInterceptors(registry);
// }
/**
* 在springboot2.0.0以后完成WebMvcConfigurer接口,重写addInterceptors要领
*
* @param registry
*/
// @Override
// public void addInterceptors(InterceptorRegistry registry) {
// /**
// * 阻拦器根据递次实行,假如差别阻拦器阻拦存在雷同的URL,前面的阻拦器会实行,背面的阻拦器将不实行
// */
// registry.addInterceptor(new AuthorityInterceptor())
// .addPathPatterns("/user/**");
// }
/**
* 在springboot2.0.0以后继续WebMvcConfigurationSupport类,重写addInterceptors要领
*
* @param registry
*/
@Override
protected void addInterceptors(InterceptorRegistry registry) {
/**
* 阻拦器根据递次实行,假如差别阻拦器阻拦存在雷同的URL,前面的阻拦器会实行,背面的阻拦器将不实行
*/
registry.addInterceptor(new AuthorityInterceptor())
.addPathPatterns("/user/**");
super.addInterceptors(registry);
}
}
AuthorityInterceptor:完成HandlerInterceptor接口,重写preHandle、postHandle、afterCompletion要领
preHandle:在要求处置惩罚之前举行挪用(Controller要领挪用之前)
postHandle:要求处置惩罚以后举行挪用,但是在视图被衬着之前(Controller要领挪用以后)
afterCompletion:在全部要求完毕以后被挪用,也就是在DispatcherServlet 衬着了对应的视图以后实行(主如果用于举行资本清算事情)
@Slf4j
public class AuthorityInterceptor implements HandlerInterceptor {
private static final Set<String> NOT_INTERCEPT_URI = new HashSet<>();//不阻拦的URI
static {
NOT_INTERCEPT_URI.add("/user/login.html");
NOT_INTERCEPT_URI.add("/user/login");
}
/**
* 在要求处置惩罚之前举行挪用(Controller要领挪用之前)
*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
Object object) throws Exception {
String uri = request.getRequestURI();
if (NOT_INTERCEPT_URI.contains(uri)) {
log.info("不阻拦" + uri);
return true;
}
log.info("阻拦" + uri);
HttpSession session = request.getSession();
UserInfo userInfo = (UserInfo) session.getAttribute("user_info_in_the_session");
if (userInfo == null) {
throw new RuntimeException("用户未上岸");
}
return true;
}
/**
* 要求处置惩罚以后举行挪用,但是在视图被衬着之前(Controller要领挪用以后)
*/
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object object, ModelAndView mv) throws Exception {
}
/**
* 在全部要求完毕以后被挪用,也就是在DispatcherServlet 衬着了对应的视图以后实行
* (主如果用于举行资本清算事情)
*/
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object object, Exception ex) throws Exception {
}
}
UserController:
@Controller
@RequestMapping(value = "/user")
public class UserController {
@RequestMapping(value = "/login.html")
public String index() {
return "login";
}
@RequestMapping(value = "/login")
public String login(User user) {
//查询数据库,我这里直接写死
User dbUser = new User(1, "zhangsan", "123456", "admin");
if (dbUser.getPassword().equals(user.getPassword())) {
UserInfo userInfo = new UserInfo(dbUser.getId(), dbUser.getUsername(), dbUser.getRole());
HttpSession session = getRequest().getSession();
session.setAttribute("user_info_in_the_session", userInfo);
return "admin";
}
return "login";
}
@RequestMapping(value = "/userInfo")
@ResponseBody
public String userInfo() {
HttpSession session = getRequest().getSession();
UserInfo userInfo = (UserInfo) session.getAttribute("user_info_in_the_session");
return userInfo.toString();
}
private HttpServletRequest getRequest() {
return ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
}
}
User:
@Data
@NoArgsConstructor
@AllArgsConstructor
public class User implements Serializable {
private int id;
private String username;
private String password;
private String role;
}
UserInfo: 用于存在用户信息储存在session中
@Data
@NoArgsConstructor
@AllArgsConstructor
public class UserInfo implements Serializable {
private int id;
private String username;
private String role;
}
login.html:只是一个很简单的登录表单
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>上岸页面</title>
</head>
<body>
<form action="/user/login" method="post">
上岸:<br/>
用户名:<input name="username" id="username" type="text"/><br/>
密 码:<input name="password" id="password" type="password"/><br/>
<input type="submit" value="上岸"/>
</form>
</body>
</html>
admin.html:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>首页</title>
</head>
<body>
<form action="/user/userInfo" method="get">
<input type="submit" value="用户信息"/></form>
</body>
</html>
以上就是SpringBoot阻拦器完成登录阻拦的细致内容,更多请关注ki4网别的相干文章!
