SSM框架拦截器实现登陆拦截

发布于 2021-07-06  4139913 次阅读


添加自定义注解

package org.book.configuration.aop;

import java.lang.annotation.*;

@Documented
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface NoCheckLogin {
}

创建一个SpringMvcHandler 类,继承HandlerInterceptorAdapter

package org.book.configuration.Handler;

import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import org.book.common.JsonResult;
import org.book.configuration.aop.NoCheckLogin;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
import java.lang.reflect.Method;
@Slf4j
public class SpringMvcHandler extends HandlerInterceptorAdapter {
    public void afterCompletion(HttpServletRequest arg0,
                                HttpServletResponse arg1, Object arg2, Exception arg3)
            throws Exception {
    }

    public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
                           Object arg2, ModelAndView arg3) throws Exception {
    }

    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
                             Object handler) throws Exception {

        HandlerMethod hm = null;
        Method method = null;
        if(handler instanceof HandlerMethod) {
            hm = (HandlerMethod) handler;
            method = hm.getMethod();// 获取方法
        } else {
            return true;
        }
        // 该方法是否添加 允许未登录访问注解
        if (method !=null &&  method.isAnnotationPresent(NoCheckLogin.class)) {
            // 不拦截
            return true;
        }
        String name = (String) request.getSession().getAttribute("user");
        if (name != null) {
            return true;
        } else {
            response.setCharacterEncoding("UTF-8");
            response.setContentType("application/json; charset=utf-8");
            PrintWriter out = null;
            try {
                out = response.getWriter();
                out.append(new JSONObject().toJSONString(JsonResult.renderFail("用户未登录")) );
            }catch (Exception e){
                out = response.getWriter();
                out.append(new JSONObject().toJSONString(JsonResult.renderError("后台出错")));
                log.info(e.getStackTrace().toString());
            }
            return false;
        }

    }
}

被@NoLoginCheck注解的方法不会被拦截在springmvc配置文件配置拦截路径和排除路径

<mvc:interceptors>
    <mvc:interceptor>
        <mvc:mapping path="/**"/>
        <mvc:mapping path="/"/>
        <mvc:mapping path="/index.jsp"/>
        <mvc:exclude-mapping path="/assets/**"/>
        <mvc:exclude-mapping path="/images/**"/>
        <bean class="org.book.configuration.Handler.SpringMvcHandler"></bean>
    </mvc:interceptor>
</mvc:interceptors>

1)预处理preHandle()方法
        用户发送请求时,先执行preHandle()方法。会先按照顺序执行所有拦截器的preHandle方法,一直遇到return false为止,比如第二个preHandle方法是return false,则第三个以及以后所有拦截器都不会执行。若都是return true,则执行用户请求的url方法。

2)后处理postHandle()
        方法调用了Service并返回ModelAndView,但未进行页面渲染,可以在这里继续修改ModelAndView

3)返回处理afterCompletion()
        方法已经渲染了页面,在afterCompletion中,可以根据ex是否为null判断是否发生了异常,进行日志记录。注:一般使用preHandle这个拦截器进行预处理,对url进行请求拦截