SpringBoot攔截器實現登錄攔截

SpringBoot攔截器可以做什么

可以對URL路徑進行攔截，可以用于權限驗證、解決亂碼、操作日志記錄、性能監控、異常處理等。

SpringBoot攔截器實現登錄攔截

pom.xml：

<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">     <modelVersion>4.0.0</modelVersion>     <parent>         <groupId>org.springframework.boot</groupId>         <artifactId>spring-boot-starter-parent</artifactId>         <version>2.0.0.RELEASE</version>         <relativePath/>     </parent>     <groupId>com.wyj</groupId>     <artifactId>springboot-interceptor01</artifactId>     <version>0.0.1-SNAPSHOT</version>     <name>springboot-interceptor01</name>     <description>springboot攔截器</description>      <properties>         <java.version>1.8</java.version>     </properties>      <dependencies>         <!-- springboot -->         <dependency>             <groupId>org.springframework.boot</groupId>             <artifactId>spring-boot-starter-web</artifactId>         </dependency>         <dependency>             <groupId>org.springframework.boot</groupId>             <artifactId>spring-boot-starter-test</artifactId>             <scope>test</scope>         </dependency>         <dependency>             <groupId>org.springframework.boot</groupId>             <artifactId>spring-boot-devtools</artifactId>             <scope>runtime</scope>             <optional>true</optional>         </dependency>          <!-- lombok -->         <dependency>             <groupId>org.projectlombok</groupId>             <artifactId>lombok</artifactId>             <optional>true</optional>         </dependency>          <!-- thymeleaf -->         <dependency>             <groupId>org.springframework.boot</groupId>             <artifactId>spring-boot-starter-thymeleaf</artifactId>         </dependency>     </dependencies>      <build>         <finalName>springboot-interceptor01</finalName>         <plugins>             <plugin>                 <groupId>org.springframework.boot</groupId>                 <artifactId>spring-boot-maven-plugin</artifactId>             </plugin>         </plugins>     </build> </project>

WebMvcConfigurer：繼承WebMvcConfigurationSupport類，重寫addInterceptors方法

/**  * 在springboot2.0.0之后，WebMvcConfigurerAdapter已經過時了  * 會使用WebMvcConfigurer或者WebMvcConfigurationSupport替代  *  * @author wyj  * @create 2019-06-01 21:48  */ @Configuration public class WebMvcConfigurer extends WebMvcConfigurationSupport {      /**      * 在springboot2.0.0之前繼承WebMvcConfigurerAdapter類，重寫addInterceptors方法      *      * @param registry      */ //    @Override //    public void addInterceptors(InterceptorRegistry registry) { //        /** //         * 攔截器按照順序執行,如果不同攔截器攔截存在相同的URL，前面的攔截器會執行，后面的攔截器將不執行 //         */ //        registry.addInterceptor(new AuthorityInterceptor()) //                .addPathPatterns("/user/**"); //        super.addInterceptors(registry); //    }      /**      * 在springboot2.0.0之后實現WebMvcConfigurer接口，重寫addInterceptors方法      *      * @param registry      */ //    @Override //    public void addInterceptors(InterceptorRegistry registry) { //        /** //         * 攔截器按照順序執行,如果不同攔截器攔截存在相同的URL，前面的攔截器會執行，后面的攔截器將不執行 //         */ //        registry.addInterceptor(new AuthorityInterceptor()) //                .addPathPatterns("/user/**"); //    }      /**      * 在springboot2.0.0之后繼承WebMvcConfigurationSupport類，重寫addInterceptors方法      *      * @param registry      */     @Override     protected void addInterceptors(InterceptorRegistry registry) {         /**          * 攔截器按照順序執行,如果不同攔截器攔截存在相同的URL，前面的攔截器會執行，后面的攔截器將不執行          */         registry.addInterceptor(new AuthorityInterceptor())                 .addPathPatterns("/user/**");         super.addInterceptors(registry);     } }

AuthorityInterceptor：實現HandlerInterceptor接口，重寫preHandle、postHandle、afterCompletion方法

preHandle：在請求處理之前進行調用（Controller方法調用之前）

postHandle：請求處理之后進行調用，但是在視圖被渲染之前（Controller方法調用之后）

afterCompletion：在整個請求結束之后被調用，也就是在DispatcherServlet 渲染了對應的視圖之后執行（主要是用于進行資源清理工作）

@Slf4j public class AuthorityInterceptor implements HandlerInterceptor {      private static final Set<String> NOT_INTERCEPT_URI = new HashSet<>();//不攔截的URI      static {         NOT_INTERCEPT_URI.add("/user/login.html");         NOT_INTERCEPT_URI.add("/user/login");     }      /**      * 在請求處理之前進行調用（Controller方法調用之前）      */     @Override     public boolean preHandle(HttpServletRequest request, HttpServletResponse response,                              Object object) throws Exception {         String uri = request.getRequestURI();         if (NOT_INTERCEPT_URI.contains(uri)) {             log.info("不攔截" + uri);             return true;         }         log.info("攔截" + uri);         HttpSession session = request.getSession();         UserInfo userInfo = (UserInfo) session.getAttribute("user_info_in_the_session");         if (userInfo == null) {             throw new RuntimeException("用戶未登陸");         }         return true;     }      /**      * 請求處理之后進行調用，但是在視圖被渲染之前（Controller方法調用之后）      */     @Override     public void postHandle(HttpServletRequest request, HttpServletResponse response, Object object, ModelAndView mv) throws Exception {     }      /**      * 在整個請求結束之后被調用，也就是在DispatcherServlet 渲染了對應的視圖之后執行      * （主要是用于進行資源清理工作）      */     @Override     public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object object, Exception ex) throws Exception {     } }

UserController：

@Controller @RequestMapping(value = "/user") public class UserController {      @RequestMapping(value = "/login.html")     public String index() {         return "login";     }      @RequestMapping(value = "/login")     public String login(User user) {         //查詢數據庫，我這里直接寫死         User dbUser = new User(1, "zhangsan", "123456", "admin");         if (dbUser.getPassword().equals(user.getPassword())) {             UserInfo userInfo = new UserInfo(dbUser.getId(), dbUser.getUsername(), dbUser.getRole());             HttpSession session = getRequest().getSession();             session.setAttribute("user_info_in_the_session", userInfo);             return "admin";         }         return "login";     }      @RequestMapping(value = "/userInfo")     @ResponseBody     public String userInfo() {         HttpSession session = getRequest().getSession();         UserInfo userInfo = (UserInfo) session.getAttribute("user_info_in_the_session");         return userInfo.toString();     }      private HttpServletRequest getRequest() {         return ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();     } }

User：

@Data @NoArgsConstructor @AllArgsConstructor public class User implements Serializable {      private int id;     private String username;     private String password;     private String role;  }

UserInfo： 用于存在用戶信息儲存在session中

@Data @NoArgsConstructor @AllArgsConstructor public class UserInfo implements Serializable {      private int id;     private String username;      private String role;  }

login.html：只是一個很簡單的登錄表單

<!DOCTYPE html> <html> <head>     <meta charset="UTF-8">     <title>登陸頁面</title> </head> <body> <form action="/user/login" method="post">     登陸：<br/>     用戶名：<input name="username" id="username" type="text"/><br/>     密&nbsp;&nbsp;&nbsp;碼：<input name="password" id="password" type="password"/><br/>     <input type="submit" value="登陸"/> </form> </body> </html>

admin.html：

<!DOCTYPE html> <html> <head>     <meta charset="UTF-8">     <title>首頁</title> </head> <body> <form action="/user/userInfo" method="get">     <input type="submit" value="用戶信息"/></form> </body> </html>