springboot 拦截器实现登录验证

拦截器实现服务级别的登录拦截

1.编写拦截器

package com.huidong.qzh.file.interceptor;

import com.alibaba.fastjson.JSONObject;
import com.huidong.qzh.file.feign.SSOFeignClient;
import com.huidong.qzh.util.common.constant.LoginStatus;
import com.huidong.qzh.util.common.util.CookieUtils;
import com.huidong.qzh.util.common.util.QzhResult;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;

@RefreshScope
public class LoginInterceptor implements HandlerInterceptor {

    @Value("${sso_login_page}")
    private String SSO_LOGIN_PAGE;
    @Autowired
    private SSOFeignClient ssoFeignClient;

    private final String errorResult = JSONObject.toJSONString(QzhResult.build(LoginStatus.LOGOUT_STATUS.getStatus(), "登录过期,请重新登录!"));

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
        //获取访问URL
        String url = request.getRequestURL().toString();
        String token = request.getHeader("QZH_TOKEN");
        if (StringUtils.isBlank(token)) {
            token = CookieUtils.getCookieValue(request, "QZH_TOKEN");
        }
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");
        if (StringUtils.isBlank(token) || ssoFeignClient.getUserByToken(token).getStatus() != 200) {
            PrintWriter out = response.getWriter();
            out.append(errorResult);
            return false;
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {

    }
}

从cookie或者header中获取到token,通过feign调用单点登录系统的服务,返回登录状态

2. 将拦截器配置生效

package com.huidong.qzh.file.config;

import com.huidong.qzh.file.feign.SSOFeignClient;
import com.huidong.qzh.file.interceptor.LoginInterceptor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

@EnableWebMvc
@Configuration
public class AdapterConfig extends WebMvcConfigurerAdapter {

    @Bean
    LoginInterceptor loginInterceptor() {
        return new LoginInterceptor();
    }


    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // 多个拦截器组成一个拦截器链
        // addPathPatterns 用于添加拦截规则
        // excludePathPatterns 用户排除拦截
        registry.addInterceptor( loginInterceptor()).addPathPatterns("/**");
        super.addInterceptors(registry);
    }
}

拦截所有请求进行判断登录