详解Java拦截器以及自定义注解的使用详解Java拦截器以及自定义注解

1，设置预处理，设置不需要拦截的请求
2.UserTokenInterceptor ，securityInterceptor分别处理不同的请求拦截，执行不同的拦截逻辑。
3.关于注解的使用
总结

1，设置预处理，设置不需要拦截的请求

@Componentpublic class MyWebConfig implements WebMvcConfigurer {private final UserTokenInterceptor userTokenInterceptor; private final SecurityInterceptor securityInterceptor; public MyWebConfig(UserTokenInterceptor userTokenInterceptor, SecurityInterceptor securityInterceptor) {this.userTokenInterceptor = userTokenInterceptor; this.securityInterceptor = securityInterceptor; }@Overridepublic void addInterceptors(InterceptorRegistry registry) {// 定义排除swagger访问的路径配置String[] swaggerExcludes =new String[] {"/swagger-ui.html", "/swagger-resources/**", "/webjars/**"}; registry.addInterceptor(userTokenInterceptor).addPathPatterns("/**").excludePathPatterns("/user/login", "/static/**", "/*.html", "/*.ico", "/*.json", "/*.png", "/heartbeat/**").excludePathPatterns(swaggerExcludes); registry.addInterceptor(securityInterceptor).addPathPatterns("/maintain/**", "/user/**").excludePathPatterns("/user/login"); }}

2.UserTokenInterceptor ，securityInterceptor分别处理不同的请求拦截，执行不同的拦截逻辑。 2个处理的类请求上可以有交集，2个处理类都执行。

@Componentpublic class UserTokenInterceptor implements HandlerInterceptor {private final EmpInfoService empInfoService; public UserTokenInterceptor(EmpInfoService empInfoService) {this.empInfoService = empInfoService; }@Overridepublic boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)throws Exception {// 校验handler是否是HandlerMethodif (!(handler instanceof HandlerMethod)) {return true; }// 从请求头中获取tokenString token = request.getHeader("Authorization"); /*** update:2021/11/30 ShengJieLi* 增加逻辑：Authorization的值不为本系统生成的token时，解密Authorization，获取token并验证*/if (StrUtil.isNotEmpty(token)) {EmpInfo securityEmployee = empInfoService.queryToken(token); if(securityEmployee != null){// token有效String ref = empInfoService.isRef(token); if (StrUtil.isNotBlank(ref)) {response.setHeader("Access-Control-Expose-Headers", "token"); response.addHeader("token", ref); }}else{//Authorization为PBE加密数据securityEmployee = empInfoService.analyticQueryToken(token,response); }if (securityEmployee != null) {// token有效// 将User对象放入到ThreadLocal中UserLocal.set(securityEmployee); return true; }return false; }//String s = JSONUtil.toJsonStr(ResponseResult.error(ErrorCode.TOKEN_ERROR)); //response.setContentType("text/html; charset=UTF-8"); //JSONUtil.toJsonStr(s, response.getWriter()); //response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); InterceptorExceptionResolver.interceptorError(response,ErrorCode.TOKEN_ERROR); //update 结束return false; }@Overridepublic void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)throws Exception {// 响应结束后刪除對象UserLocal.remove(); }}

@SecurityGrade({"SUPER_ADMIN", "SYSTEM_ADMIN"})public class SecurityController {private final EmpInfoService empInfoService; public SecurityController(EmpInfoService empInfoService) {this.empInfoService = empInfoService; }@GetMapping("getUserInformation")@ApiOperation("登陸用户信息")@NoAuthorizationpublic ResponseResult getUserInformation(@ApiIgnore HttpServletResponse response) {return empInfoService.getUserInformation(response); }}

3.关于注解的使用

@SecurityGrade({"SUPER_ADMIN", "SYSTEM_ADMIN"})public class SecurityController {private final EmpInfoService empInfoService; public SecurityController(EmpInfoService empInfoService) {this.empInfoService = empInfoService; }@GetMapping("getUserInformation")@ApiOperation("登陸用户信息")@NoAuthorizationpublic ResponseResult getUserInformation(@ApiIgnore HttpServletResponse response) {return empInfoService.getUserInformation(response); }}

method.getMethodAnnotation(SecurityGrade.class) 获得注解信息，methodAnnotation.value()获得注解内容"SUPER_ADMIN", "SYSTEM_ADMIN"。

总结 【详解Java拦截器以及自定义注解的使用】本篇文章就到这里了，希望能够给你带来帮助，也希望您能够多多关注脚本之家的更多内容!