这里我以session登录校验为例写了一个拦截器的例子
1.先写一个通过用户名密码登录的小栗子(用户名、密码都是root)
@Controller
@RestController
public class LoginController {
@RequestMapping("login")
public String login(String name,String pwd,HttpServletRequest request) {
HttpSession session = request.getSession();
if(name.equals("root")&&pwd.equals("root")) {
User user = new User();
user.setName(name);
session.setAttribute("user",user);
return "登录成功";
} else {
return "用户名或密码错误!";
}
}
}
2.写登录校验的过滤器
新建一个SessionInterceptor 实现(implements)HandlerInterceptor接口,并重写其中的方法
public class SessionInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println("开始请求地址拦截");
HttpSession session = request.getSession(false);
if (session != null && session.getAttribute("user") != null) {
return true;
} else {
PrintWriter printWriter = response.getWriter();
printWriter.write("{code:0,message:\"not login!\"}");
return false;
}
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
System.out.println("返回视图或String之前的处理");
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
System.out.println("返回视图或String之前的处理");
}
}
3.完成拦截器的注册
@Configuration
public class WebAppConfig extends WebMvcConfigurerAdapter {
/**
* 注册 拦截器
*/
@Override
public void addInterceptors(InterceptorRegistry registry) {
// 设置拦截的路径、不拦截的路径、优先级等等
registry.addInterceptor(new SessionInterceptor()).addPathPatterns("/*").excludePathPatterns("/login");
}
}
4.测试
(1)首先写一个代表其他资源的控制器OtherController
@RestController
public class OtherController {
@RequestMapping("other")
public String login(String name,String pwd,HttpServletRequest request) {
return "other!";
}
}
(2)直接访问OtherController
拦截器会拦截下这个请求
(3)登录后再访问OtherController
登录后再访问其他资源,便可以直接访问