springboot拦截器登录验证

首先是拦截器代码

package com.biaodian.admin.config;

import com.alibaba.fastjson.JSON;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class MyInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        System.out.println("MyInterceptor1 => preHandle");
        //获取请求头信息
        String token = request.getHeader("token");
        //判断token是否为空
        if (StringUtils.hasLength(token)) {
            return true;
        }
        //token为空时返回签名错误
        setReturn(request, response);
        return false;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        System.out.println("MyInterceptor1 => postHandle");
        HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        System.out.println("MyInterceptor1 => afterCompletion");
        HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
    }

    //返回错误信息
    private static void setReturn(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setContentType("application/json;charset=utf-8");
        httpServletResponse.setHeader("Access-Control-Allow-Origin", httpServletRequest.getHeader("Origin"));
        httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        httpServletResponse.setHeader("Access-Control-Max-Age", "3600");
        httpServletResponse.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,Referer,User-Agent,ticket,loginId,loginTerminal,cityCode,source");
        httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
        try {
            httpServletResponse.getWriter().write(JSON.toJSONString("签名错误"));
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
}

加入到拦截器

package com.biaodian.admin.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
public class MvcConfig implements WebMvcConfigurer {
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        InterceptorRegistration interceptorRegistration = registry.addInterceptor(new MyInterceptor()).excludePathPatterns("/login");
        interceptorRegistration.excludePathPatterns("/*.html");
    }
}

定义controller

package com.biaodian.admin.controller;

import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;

import java.util.Map;

@RestController
public class LoginController {

    @PostMapping("/login")
    public String login(@RequestBody Map param) {
        System.out.println(param.get("username"));
        return "login";
    }

    @PostMapping("/test")
    public String test(@RequestBody Map param) {
        System.out.println(param.get("username"));
        return "test";
    }
}

访问login和test，这里login接口不走拦截器，test走拦截器