springboot生成token,并拦截token(注册时不拦截)

1.生成token

用户注册时:

//把用户信息插入到表中,返回用户信息,有用户的id,根据id,采用addLoginTicket方法生成token
 String ticket = addLoginTicket(39);
//ticket=e75932bb92904defa98e13a8aad860b2
public String addLoginTicket(int userId){
    LoginTicket loginTicket = new LoginTicket();
    loginTicket.setUserId(userId);
    Date date = new Date();
    date.setTime(date.getTime()+1000*3600*30);
    loginTicket.setExpired(date);
    loginTicket.setStatus(0);
    loginTicket.setTicket(UUID.randomUUID().toString().replaceAll("-",""));

    System.out.println("生成ticket: "+ JSONObject.toJSONString(loginTicket));
    //int a=loginTicketDao.insertLoginticket(loginTicket);
    //System.out.println("ticket插入结果: "+a);

    //return loginTicket.getTicket();
return loginTicket;


}

2.拦截token,并在注册时免除拦截

用户请求时,cookie中携带token,

springboot生成token,并拦截token(注册时不拦截)_第1张图片

 

 

2.1PassportInterceptor类

import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 拦截器
 * @ 用来判断用户的
 *1. 当preHandle方法返回false时,从当前拦截器往回执行所有拦截器的afterCompletion方法,再退出拦截器链。也就是说,请求不继续往下传了,直接沿着来的链往回跑。
 2.当preHandle方法全为true时,执行下一个拦截器,直到所有拦截器执行完。再运行被拦截的Controller。然后进入拦截器链,运
 行所有拦截器的postHandle方法,完后从最后一个拦截器往回执行所有拦截器的afterCompletion方法.
 */

//@component (把普通pojo实例化到spring容器中,相当于配置文件中的
@Component
public class PassportInterceptor implements HandlerInterceptor {
//    @Autowired
//    LoginTicketDao lTicketsDAO;
//
//    @Autowired
//    userDAO uDAO;
//
//    @Autowired
//    HostHolder hostHolder;

    /**
     * 在请求处理之前进行调用(Controller方法调用之前)
     *
     * @param request
     * @param response
     * @param handler
     * @return
     * @throws Exception
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        System.out.println("拦截器preHandle方法");
        String tickets = null;
        if(request.getCookies() != null){
            for(Cookie cookie : request.getCookies()){
                if(cookie.getName().equals("ticket")){
                    tickets = cookie.getValue();
                    System.out.println("拦截器拦截到的cookie=="+tickets);
                    break;
                }
            }
        }

//        String username = request.getParameter("username");
//        System.out.println("拦截器拦截username:"+username);

//            request.getSession().setAttribute("msg", "你还没有登录,请登录后在访问");
//            request.setAttribute("msg", "你还没有登录,请登录后在访问");

//        if(tickets != null ){
//            //根据拦截到的cookie往数据库里查询
//            loginTickets loginTickets  = lTicketsDAO.selectByTicket(tickets);
//            if(loginTickets == null || loginTickets.getExpired().before(new Date()) || loginTickets.getStatus() != 0){
//                return true;
//            }
//
//            User user = uDAO.selectById(loginTickets.getUserId());
//            hostHolder.setUser(user);
//        }
        return true;
    }
    /**
     * 请求处理之后进行调用,但是在视图被渲染之前(Controller方法调用之后)
     * @param modelAndView
     * @throws Exception
     */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        System.out.println("拦截器postHandle方法"+modelAndView);
//        //就是为了能够在渲染之前所有的freemaker模板能够访问这个对象user,就是在所有的controller渲染之前将这个user加进去
//        if(modelAndView != null){
//            //这个其实就和model.addAttribute一样的功能,就是把这个变量与前端视图进行交互 //就是与header.html页面的user对应
//            //modelAndView.addObject("user",hostHolder.getUser());
//        }
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        //hostHolder.clear();   //当执行完成之后呢需要将变量清空
    }

}

2.2

不需要拦截的controller层的一个方法(注册方法)

springboot生成token,并拦截token(注册时不拦截)_第2张图片

2.3

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;


@Configuration
public class InterceptorConfig extends WebMvcConfigurationSupport {

    public void addInterceptors(InterceptorRegistry registry) {
//        addPathPatterns添加需要拦截的命名空间;
//        excludePathPatterns添加排除拦截命名空间
        registry.addInterceptor(new PassportInterceptor()).addPathPatterns("/**").excludePathPatterns("/register");
    }
}

 

你可能感兴趣的:(spring,boot)