利用拦截器和自定义注解实现未登录拦截
实现思路
所有需要有登录权限的接口先校验是否已登录(登录成功会往redis缓存中写入数据记录)
自定义注解
在Java中创建自定义注解
创建自定义注解与编写接口很相似,除了它的接口关键字前有个@符号。
注意以下几点:
- 注解方法不能有参数。
- 注解方法的返回类型局限于原始类型,字符串,枚举,注解,或以上类型构成的数组。
- 注解方法可以包含默认值。
- 注解可以包含与其绑定的元注解,元注解为注解提供信息,有四种元注解类型:
@Documented – 表示使用该注解的元素应被javadoc或类似工具文档化,它应用于类型声明,类型声明的注解会影响客户端对注解元素的使用。如果一个类型声明添加了Documented注解,那么它的注解会成为被注解元素的公共API的一部分。
@Target – 表示支持注解的程序元素的种类,一些可能的值有TYPE, METHOD, CONSTRUCTOR, FIELD等等。如果Target元注解不存在,那么该注解就可以使用在任何程序元素之上。
@Retention – 表示注解类型保留时间的长短,它接收RetentionPolicy参数,可能的值有SOURCE, CLASS, 以及RUNTIME。
@Inherited – 表示一个注解类型会被自动继承,如果用户在类声明的时候查询注解类型,同时类声明中也没有这个类型的注解,那么注解类型会自动查询该类的父类,这个过程将会不停地重复,直到该类型的注解被找到为止,或是到达类结构的顶层(Object)。
// Copyright 2016-2101 Pica.
package com.pica.cloud.patient.resident.server.annotation;
import java.lang.annotation.*;
/**
* @Description 需要居民登录的注解
* @Author Chongwen.jiang
* @Date 2019/7/30 10:52
* @ModifyDate 2019/7/30 10:52
* @Params
* @Return
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.METHOD, ElementType.TYPE})
@Documented
public @interface ResidentLoginPermission {
}
拦截器代码实现
// Copyright 2016-2101 Pica.
package com.pica.cloud.patient.resident.server.annotation;
import com.pica.cloud.patient.resident.server.util.LoginUtil;
import lombok.extern.slf4j.Slf4j;
import lombok.var;
import org.apache.http.entity.ContentType;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpMethod;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.PrintWriter;
/**
* @ClassName ResidentLoginInterceptor
* @Description 居民登录拦截器
* @Author Chongwen.jiang
* @Date 2019/3/15 10:58
* @ModifyDate 2019/3/15 10:58
* @Version 1.0
*/
@Component
@Slf4j
public class ResidentLoginInterceptor extends HandlerInterceptorAdapter {
@Autowired
private LoginUtil loginUtil;
private static final String LOGIN_FAILED = "{\"code\":\"200006\",\"data\":{},\"message\":\"请先登录\"}";
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if (handler instanceof HandlerMethod) {
HandlerMethod handlerMethod = (HandlerMethod) handler;
if (request.getMethod().toUpperCase().equals(HttpMethod.POST.name()) || request.getMethod().toUpperCase().equals(HttpMethod.PUT.name())) {
if (ContentType.APPLICATION_JSON.getMimeType().equals(request.getContentType())) {
log.info("request start,url:{} ,body params ==>{}", request.getRequestURL().toString(), charReader(request));
}
} else {
log.info("request start,url:{} ,params ==>{}", request.getRequestURL().toString(), request.getQueryString());
}
var residentLogin = handlerMethod.getMethod().getAnnotation(ResidentLoginPermission.class);
if (residentLogin == null) {
residentLogin = handlerMethod.getMethod().getDeclaringClass().getAnnotation(ResidentLoginPermission.class);
}
if (residentLogin != null) {
var residentId = loginUtil.getCurrentResidentId();
if (residentId <= 0) {
sendJsonMessage(response, LOGIN_FAILED);
return false;
}
log.info("resident {},token:{}", residentId, loginUtil.getToken());
}
}
return true;
}
private void sendJsonMessage(HttpServletResponse response, String body) throws Exception {
response.setContentType("application/json; charset=utf-8");
PrintWriter writer = response.getWriter();
writer.print(body);
writer.close();
response.flushBuffer();
}
private String charReader(HttpServletRequest request) {
try {
BufferedReader br = request.getReader();
String str;
StringBuilder wholeStr = new StringBuilder();
while ((str = br.readLine()) != null) {
wholeStr.append(str);
}
return wholeStr.toString();
} catch (IOException ex) {
log.error("charReader error,uri:{}", request.getRequestURI(), ex);
}
return null;
}
}
package com.pica.cloud.patient.resident.server.util;
import com.alibaba.fastjson.JSON;
import com.pica.cloud.foundation.redis.ICacheClient;
import com.pica.cloud.patient.resident.common.constants.CommonCons;
import com.pica.cloud.patient.resident.common.vo.ResidentBasicInfo;
import com.pica.cloud.patient.resident.server.entity.PicaUser;
import com.site.lookup.util.StringUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
/**
* @Description 登录工具类
* @Author Chongwen.jiang
* @Date 2019/3/15 10:58
* @ModifyDate 2019/3/15 10:58
* @Params
* @Return
*/
@Slf4j
@Component
public class LoginUtil {
@Autowired
private ICacheClient cacheClient;
public int getCurrentResidentId() {
String token = getToken();
if (isResidentToken(token)) {
String strId = cacheClient.get(CommonCons.RedisKey.RESIDENT_LOGIN_TOKEN_START.replace("{token}", token));
if (StringUtils.isNotEmpty(strId)) {
try {
return Integer.parseInt(strId);
} catch (NumberFormatException ex) {
log.info("Integer.parseInt({}) error", strId, ex);
}
}
}
return 0;
}
public String getToken() {
ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
return servletRequestAttributes.getRequest().getHeader("token");
}
public PicaUser getDoctorInfo() {
ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
String token = servletRequestAttributes.getRequest().getHeader("token");
if (!isResidentToken(token)) {
return cacheClient.getToken(token, PicaUser.class);
//return JSON.parseObject(cacheClient.get(token), PicaUser.class);
} else {
return null;
}
}
/**
* 是否是居民token
*/
public boolean isResidentToken(String token) {
return StringUtils.isNotEmpty(token) && token.startsWith(CommonCons.Login.RESIDENT_TOKEN_START);
}
/**
* 获取登录居民的信息
*/
public ResidentBasicInfo getCurrentResidentInfo() {
int residentId = getCurrentResidentId();
if (residentId > 0) {
//return cacheClient.get(CommonCons.RedisKey.RESIDENT_LOGIN_INFO_KEY.replace("{residentId}", Integer.toString(residentId)), ResidentBasicInfo.class);
return JSON.parseObject(cacheClient.get(CommonCons.RedisKey.RESIDENT_LOGIN_INFO_KEY.replace("{residentId}", Integer.toString(residentId))), ResidentBasicInfo.class);
}
return null;
}
public ResidentBasicInfo getResidentInfoFromCache(int residentId) {
//return cacheClient.get(CommonCons.RedisKey.RESIDENT_LOGIN_INFO_KEY.replace("{residentId}", Integer.toString(residentId)), ResidentBasicInfo.class);
return JSON.parseObject(cacheClient.get(CommonCons.RedisKey.RESIDENT_LOGIN_INFO_KEY.replace("{residentId}", Integer.toString(residentId))), ResidentBasicInfo.class);
}
}
拦截器加入配置
// Copyright 2016-2101 Pica.
package com.pica.cloud.patient.resident.server.annotation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
/**
* @ClassName ApiInterceptorConfigurerAdapter
* @Description
* @Author Chongwen.jiang
* @Date 2019/3/15 11:17
* @ModifyDate 2019/3/15 11:17
* @Version 1.0
*/
@Configuration
public class ApiInterceptorConfigurerAdapter extends WebMvcConfigurerAdapter {
@Autowired
private ResidentLoginInterceptor residentLoginInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(this.residentLoginInterceptor).addPathPatterns("/**");
super.addInterceptors(registry);
}
}
其它微服务中引用使用该登录权限校验代码实现
注解类:
// Copyright 2016-2101 Pica.
package com.pica.cloud.patient.health.server.annotation;
import java.lang.annotation.*;
/**
* @Description 需要居民登录的注解
* @Author Chongwen.jiang
* @Date 2019/7/30 10:34
* @ModifyDate 2019/7/30 10:34
* @Params
* @Return
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.METHOD, ElementType.TYPE})
@Documented
public @interface ResidentLoginPermission {
}
拦截器代码实现:
// Copyright 2016-2101 Pica.
package com.pica.cloud.patient.health.server.annotation;
import com.pica.cloud.foundation.entity.PicaResponse;
import com.pica.cloud.foundation.entity.PicaResultCode;
import com.pica.cloud.patient.health.common.enums.HealthResultCode;
import com.pica.cloud.patient.health.server.client.ResidentServiceClient;
import com.pica.cloud.patient.health.server.util.CommonHttpUtils;
import lombok.extern.slf4j.Slf4j;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* @ClassName ResidentLoginInterceptor
* @Description 校验居民登录拦截器
* @Author Chongwen.jiang
* @Date 2019/4/1 17:33
* @ModifyDate 2019/4/1 17:33
* @Version 1.0
*/
@Slf4j
@Component
public class ResidentLoginInterceptor extends HandlerInterceptorAdapter {
@Autowired
private ResidentServiceClient residentServiceClient;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if (handler instanceof HandlerMethod) {
HandlerMethod handlerMethod = (HandlerMethod) handler;
ResidentLoginPermission residentLogin = handlerMethod.getMethod().getAnnotation(ResidentLoginPermission.class);
if (residentLogin == null) {
residentLogin = handlerMethod.getMethod().getDeclaringClass().getAnnotation(ResidentLoginPermission.class);
}
if (residentLogin != null) {
try {
PicaResponse result = residentServiceClient.checkLogin(getToken());
Integer residentId = CommonHttpUtils.getResponse(result, Integer.class);
if(null != residentId && residentId > 0) {
return true;
}
return false;
} catch (Exception ex) {
log.error("check resident login error", ex);
return false;
}
}
}
return true;
}
private String getToken() {
ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
return servletRequestAttributes.getRequest().getHeader("token");
}
}
拦截配置到springmvc配置类中:
// Copyright 2016-2101 Pica.
package com.pica.cloud.patient.health.server.annotation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
/**
* @ClassName ApiInterceptorConfigurerAdapter
* @Description
* @Author Chongwen.jiang
* @Date 2019/3/15 11:17
* @ModifyDate 2019/3/15 11:17
* @Version 1.0
*/
@Configuration
public class ApiInterceptorConfigurerAdapter extends WebMvcConfigurerAdapter {
@Autowired
private ResidentLoginInterceptor residentLoginInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(this.residentLoginInterceptor).addPathPatterns("/**");
}
}
controller层接口:
@DeleteMapping("unbind")
@ApiOperation("App-解绑微信")
@ResidentLoginPermission
public PicaResponse unbindWechat(@RequestParam Integer patientId,@RequestParam Integer type){
return PicaResponse.toResponse(wechatUserService.unbindWechat(patientId,type));
}
被调用微服务接口:
@ResidentLoginPermission
@GetMapping("checkLogin")
public PicaResponse checkLogin() {
return PicaResponse.toResponse(super.getCurrentResidentId());
}
public Integer getCurrentResidentId() {
return loginUtil.getCurrentResidentId();
}
为了加深印象,记录一下