1、定义自定义注解的名称
/** * 在需要验证openid的Controller的方法上使用此注解 */ @Target({ElementType.METHOD}) @Retention(RetentionPolicy.RUNTIME) public @interface AccessRequired { }
2、写自定义的拦截器,需继承HandlerInterceptor拦截器
public class AuthenticationInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object handler) throws Exception { if (!(handler instanceof HandlerMethod)) { return true;//没有实例化的方法直接通过 } HandlerMethod handlerMethod = (HandlerMethod) handler; Method method = handlerMethod.getMethod(); // 判断接口是否需要认证 AccessRequired methodAnnotation = method.getAnnotation(AccessRequired.class); // 有 @AcessRequired注解,需要认证 if (methodAnnotation != null) { String uuid = null; Cookie[] cookies = httpServletRequest.getCookies(); if (!StringUtils.isEmpty(cookies) || cookies.length > 0) { for (int i = 0; i < cookies.length; i++) { Cookie cookie = cookies[i]; if (cookie.getName().equals("openid")) { uuid = cookie.getValue(); } } } if (StringUtils.isEmpty(uuid)) { httpServletResponse.setCharacterEncoding("UTF-8"); httpServletResponse.setContentType("application/json; charset=utf-8"); PrintWriter out = httpServletResponse.getWriter(); String userJsonStr = ToolUtils.BeanToJson(ToolUtils.getRedirectUrl()); out.print(userJsonStr); return false; } else { System.out.println(uuid); String openid = (String) redisService.get(uuid); System.out.println(openid); if (StringUtils.isEmpty(openid)) { httpServletResponse.setCharacterEncoding("UTF-8"); httpServletResponse.setContentType("application/json; charset=utf-8"); PrintWriter out = httpServletResponse.getWriter(); String userJsonStr = ToolUtils.BeanToJson(ToolUtils.getRedirectUrl()); out.print(userJsonStr); return false; } else { httpServletRequest.setAttribute("openid", openid); return true; } } } return true; } @Override public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { }
3、配置拦截器拦截哪些请求,注册拦截器
* 注册拦截器 */ @Configuration public class WebAppConfig extends WebMvcConfigurerAdapter { @Override public void addInterceptors(InterceptorRegistry registry) { //注册自定义拦截器,添加拦截路径和排除拦截路径 registry.addInterceptor(authenticationInterceptor()).addPathPatterns("/app/**","/sports/**"); //.excludePathPatterns("api/path/login") } @Bean public AuthenticationInterceptor authenticationInterceptor() { return new AuthenticationInterceptor(); }