一、添加一个注解
/** * 接口参数中用于绑定当前登录用户对象的标记注解 * @author yanghui * @date 2020/12/17 **/ @Retention(RetentionPolicy.RUNTIME) @Target(value = {ElementType.PARAMETER}) @Documented public @interface LoginUser { }
二、创建一个loginUser注解的解析器
/** * 自定义参数解析器 * 作用: 获取登录的user对象, 并绑定到method的参数中 * @author yanghui * @date 2020/12/17 **/ public class LoginUserHandlerMethodArgumentResolver implements HandlerMethodArgumentResolver { @Override public boolean supportsParameter(MethodParameter methodParameter) { return methodParameter.hasParameterAnnotation(LoginUser.class); } @Override public Object resolveArgument(MethodParameter methodParameter, ModelAndViewContainer modelAndViewContainer, NativeWebRequest nativeWebRequest, WebDataBinderFactory webDataBinderFactory) throws Exception { if (nativeWebRequest.getNativeRequest() instanceof HttpServletRequest) { HttpServletRequest request = (HttpServletRequest) nativeWebRequest.getNativeRequest(); return request.getAttribute("LOGIN_USER"); } return null; } }
三、自定义拦截器
public class WebInterceptor implements HandlerInterceptor { @Autowired private RedisUtil redisUtil; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { //通过去redis把你们到登陆用户拿出来放到request里面去 在第二步中拿到我们request的用户信息 放到注解里面去 Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); SimpleUser simpleUser = new SimpleUser(); if (authentication != null && authentication.getDetails() != null) { if (authentication.getDetails() instanceof OAuth2AuthenticationDetails) { OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) authentication.getDetails(); Object obj = redisUtil.get(details.getTokenValue()); if (obj != null) { simpleUser = JSON.parseObject(obj.toString(), SimpleUser.class); }else { String userName=(String)authentication.getPrincipal(); simpleUser.setUsername(userName); } } else if (authentication instanceof UsernamePasswordAuthenticationToken) { simpleUser = (SimpleUser) authentication.getPrincipal(); } else if (authentication.getPrincipal() != null) { simpleUser.setUsername(authentication.getPrincipal().toString()); } } /** 传入登录对象, 在自定义参数解析器中使用 */ request.setAttribute("LOGIN_USER", simpleUser); return true; }
四、创建一个配置类,添加我们的自定义的拦截器和参数解析器
@Configuration public class WebInterceptorConfig implements WebMvcConfigurer { /** * 自定义参数解析器 * 作用: 获取登录的user对象, 并绑定到method的参数中 * @author yanghui * @date 2019/12/17 * @return LoginUserHandlerMethodArgumentResolver **/ @Bean public LoginUserHandlerMethodArgumentResolver getLoginUserHandlerMethodArgumentResolver() { return new LoginUserHandlerMethodArgumentResolver(); } /** * 登录校验拦截器 * * @return */ @Bean public WebInterceptor loginRequiredInterceptor() { return new WebInterceptor(); } @Override public void addInterceptors(InterceptorRegistry registry) { //添加需要验证用户操作权限的请求 registry.addInterceptor(loginRequiredInterceptor()) .addPathPatterns("/**"); } /** * 添加@LoginUser的参数解析器 * @author yanghui * @date 2020/12/17 * @return void **/ @Override public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentResolvers) { argumentResolvers.add(getLoginUserHandlerMethodArgumentResolver()); } }
五、在我们Controller接口参数上添加@LoginUser SimpleUser user参数就可以使用了会