这篇文章讲解一下AOP与注解的整合,通过注解来使用AOP,会非常方便。为了简便,我们还是来实现一个计时的功能。
首先创建一个注解:
@Retention(RetentionPolicy.RUNTIME)@Target(ElementType.METHOD)public@interface PkslowLogTime {
}
然后在一个Service中使用注解:
@Service@Slf4jpublicclassTestService {
@PkslowLogTimepublicvoidfetchData() {
log.info("fetchData");
try {
Thread.sleep(500);
} catch (InterruptedException e) {
thrownewRuntimeException(e);
}
}
}
这个Service的方法会在Controller中调用:
@GetMapping("/hello")public String hello() {
log.info("------hello() start---");
test();
staticTest();
testService.fetchData();
log.info("------hello() end---");
return"Hello, pkslow.";
}
接着是关键一步,我们要实现切面,来找到注解并实现对应功能:
@Aspect@Component@Slf4jpublicclassPkslowLogTimeAspect {
@Around("@annotation(com.pkslow.springboot.aop.PkslowLogTime) && execution(* *(..))")public Object doAround(ProceedingJoinPoint joinPoint)throws Throwable {
log.info("------PkslowLogTime doAround start------");
MethodSignaturemethodSignature= (MethodSignature) joinPoint.getSignature();
// Get intercepted method detailsStringclassName= methodSignature.getDeclaringType().getSimpleName();
StringmethodName= methodSignature.getName();
// Measure method execution timeStopWatchstopWatch=newStopWatch(className + "->" + methodName);
stopWatch.start(methodName);
Objectresult= joinPoint.proceed();
stopWatch.stop();
// Log method execution time
log.info(stopWatch.prettyPrint());
log.info("------PkslowLogTime doAround end------");
return result;
}
}
@Around("@annotation(com.pkslow.springboot.aop.PkslowLogTime) && execution(* *(..))")这个表达式很关键,如果不对,将无法正确识别;还有可能出现多次调用的情况。
这里使用了Spring的StopWatch来计时。
通过maven build包:
$ mvn clean package
日志可以看到有对应的织入信息:
[INFO] Join point 'method-execution(java.lang.String com.pkslow.springboot.controller.TestController.hello())'in Type 'com.pkslow.springboot.controller.TestController' (TestController.java:22) advised by around advice from 'com.pkslow.springboot.aop.ControllerAspect' (ControllerAspect.class(from ControllerAspect.java))
[INFO] Join point 'method-execution(java.lang.String com.pkslow.springboot.controller.TestController.hello())'in Type 'com.pkslow.springboot.controller.TestController' (TestController.java:22) advised by before advice from 'com.pkslow.springboot.aop.ControllerAspect' (ControllerAspect.class(from ControllerAspect.java))
[INFO] Join point 'method-execution(void com.pkslow.springboot.controller.TestController.test())'in Type 'com.pkslow.springboot.controller.TestController' (TestController.java:31) advised by around advice from 'com.pkslow.springboot.aop.ControllerAspect' (ControllerAspect.class(from ControllerAspect.java))
[INFO] Join point 'method-execution(void com.pkslow.springboot.controller.TestController.test())'in Type 'com.pkslow.springboot.controller.TestController' (TestController.java:31) advised by before advice from 'com.pkslow.springboot.aop.ControllerAspect' (ControllerAspect.class(from ControllerAspect.java))
[INFO] Join point 'method-execution(void com.pkslow.springboot.controller.TestController.staticTest())'in Type 'com.pkslow.springboot.controller.TestController' (TestController.java:37) advised by around advice from 'com.pkslow.springboot.aop.ControllerAspect' (ControllerAspect.class(from ControllerAspect.java))
[INFO] Join point 'method-execution(void com.pkslow.springboot.controller.TestController.staticTest())'in Type 'com.pkslow.springboot.controller.TestController' (TestController.java:37) advised by before advice from 'com.pkslow.springboot.aop.ControllerAspect' (ControllerAspect.class(from ControllerAspect.java))
[INFO] Join point 'method-execution(void com.pkslow.springboot.service.TestService.fetchData())'in Type 'com.pkslow.springboot.service.TestService' (TestService.java:12) advised by around advice from 'com.pkslow.springboot.aop.PkslowLogTimeAspect' (PkslowLogTimeAspect.class(from PkslowLogTimeAspect.java))
启动应用后访问接口,日志如下:
通过注解可以实现很多功能,也非常方便。而且注解还可以添加参数,组合使用更完美了。
①自定义登录接口
调用ProviderManager的方法进行认证 如果认证通过生成jwt
把用户信息存入redis中
②自定义UserDetailsService
在这个实现类中去查询数据库
注意配置passwordEncoder为BCryptPasswordEncoder
①定义Jwt认证过滤器
获取token
解析token获取其中的userid
从redis中获取用户信息
存入SecurityContextHolder
@Autowiredprivate AuthenticationManager authenticationManager;
@Autowiredprivate RedisCache redisCache;
@Overridepublic ResponseResult login(User user) {
//1,使用springsecurity功能认证,把用户名密码存入令牌UsernamePasswordAuthenticationTokenauthenticationToken=newUsernamePasswordAuthenticationToken(user.getUserName(),user.getPassword());
//2.1,默认使用UserDetailService去内存中找user用户,需要定义Impl实现类来重写查询方法,改成从数据库查询//2.2,UserDetailServiceImpl从数据库查询出user返回到authenticate这里。具体查看a类Authenticationauthenticate= authenticationManager.authenticate(authenticationToken);
//2.3,判断是否认证通过if(Objects.isNull(authenticate)){
thrownewRuntimeException("用户名或密码错误");
}
//3.1,获取userid 生成tokenLoginUserloginUser= (LoginUser) authenticate.getPrincipal();
StringuserId= loginUser.getUser().getId().toString();
//3.2,生成jwt Stringjwt= JwtUtil.createJWT(userId);
//3.3,把用户信息存入redis
redisCache.setCacheObject("bloglogin:"+userId,loginUser);
//4.1,把token和userinfo封装 返回//4.2,把User转换成UserInfoVoUserInfoVouserInfoVo= BeanCopyUtils.copyBean(loginUser.getUser(), UserInfoVo.class);
BlogUserLoginVovo=newBlogUserLoginVo(jwt,userInfoVo);
return ResponseResult.okResult(vo);
}
@ServicepublicclassUserDetailsServiceImplimplementsUserDetailsService {
@Autowiredprivate UserMapper userMapper;
@Overridepublic UserDetails loadUserByUsername(String username)throws UsernameNotFoundException {
//根据用户名查询用户信息
LambdaQueryWrapper queryWrapper = newLambdaQueryWrapper<>();
queryWrapper.eq(User::getUserName,username);
Useruser= userMapper.selectOne(queryWrapper);
//判断是否查到用户 如果没查到抛出异常if(Objects.isNull(user)){
thrownewRuntimeException("用户不存在");
}
//返回用户信息// TODO 查询权限信息封装returnnewLoginUser(user);
}
}
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
//关闭csrf.csrf().disable()
//不通过Session获取SecurityContext.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
// 对于登录接口 允许匿名访问.antMatchers("/login").anonymous()
// 除上面外的所有请求全部不需要认证即可访问.anyRequest().permitAll();
http.logout().disable();
//允许跨域
http.cors();
}
@Override@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
@ComponentpublicclassJwtAuthenticationTokenFilterextendsOncePerRequestFilter {
@Autowiredprivate RedisCache redisCache;
@OverrideprotectedvoiddoFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)throws ServletException, IOException, IOException, ServletException {
//1,获取请求头中的tokenStringtoken= request.getHeader("token");
if(!StringUtils.hasText(token)){
//说明该接口不需要登录直接放行,如果是第一次登陆的话跳转到登陆去获取token
filterChain.doFilter(request, response);
return;
}
//2,解析获取useridClaimsclaims=null;
try {
//String jwt = JwtUtil.createJWT(userId);jwt内容为id
claims = JwtUtil.parseJWT(token);
} catch (Exception e) {
e.printStackTrace();
//token超时 token非法//响应告诉前端需要重新登录ResponseResultresult= ResponseResult.errorResult(AppHttpCodeEnum.NEED_LOGIN);
WebUtils.renderString(response, JSON.toJSONString(result));
return;
}
StringuserId= claims.getSubject();
//3,从redis中获取用户信息LoginUserloginUser= redisCache.getCacheObject("bloglogin:" + userId);
//如果获取不到if(Objects.isNull(loginUser)){
//说明登录过期 提示重新登录ResponseResultresult= ResponseResult.errorResult(AppHttpCodeEnum.NEED_LOGIN);
WebUtils.renderString(response, JSON.toJSONString(result));
return;
}
//4,存入SecurityContextHolderUsernamePasswordAuthenticationTokenauthenticationToken=newUsernamePasswordAuthenticationToken(loginUser,null,null);
//UPToken令牌存入Security上下文的设置身份验证属性中,后面过滤器会从Security上下文这里获取用户信息
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
filterChain.doFilter(request, response);
}
}
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
//1,注入登录校验过滤器@Autowired
private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
//关闭csrf.csrf().disable()
//不通过Session获取SecurityContext.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
// 对于登录接口 允许匿名访问.antMatchers("/login").anonymous()
//jwt过滤器测试用,如果测试没有问题吧这里删除了.antMatchers("/link/getAllLink").authenticated()
// 除上面外的所有请求全部不需要认证即可访问.anyRequest().permitAll();
http.logout().disable();
//***2,把jwtAuthenticationTokenFilter添加到SpringSecurity的过滤器链中
http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
//允许跨域
http.cors();
}
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
}
package com.lwq.config;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.fasterxml.jackson.databind.JavaType;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.type.TypeFactory;
import org.springframework.data.redis.serializer.RedisSerializer;
import org.springframework.data.redis.serializer.SerializationException;
import com.alibaba.fastjson.parser.ParserConfig;
import org.springframework.util.Assert;
import java.nio.charset.Charset;
/**
* Redis使用FastJson序列化
*
* @author sg
*/publicclassFastJsonRedisSerializer implementsRedisSerializer
{
publicstaticfinalCharsetDEFAULT_CHARSET= Charset.forName("UTF-8");
private Class clazz;
static
{
ParserConfig.getGlobalInstance().setAutoTypeSupport(true);
}
publicFastJsonRedisSerializer(Class clazz)
{
super();
this.clazz = clazz;
}
@Overridepublicbyte[] serialize(T t) throws SerializationException
{
if (t == null)
{
returnnewbyte[0];
}
return JSON.toJSONString(t, SerializerFeature.WriteClassName).getBytes(DEFAULT_CHARSET);
}
@Overridepublic T deserialize(byte[] bytes)throws SerializationException
{
if (bytes == null || bytes.length <= 0)
{
returnnull;
}
Stringstr=newString(bytes, DEFAULT_CHARSET);
return JSON.parseObject(str, clazz);
}
protected JavaType getJavaType(Class> clazz)
{
return TypeFactory.defaultInstance().constructType(clazz);
}
}
package com.lwq.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.serializer.StringRedisSerializer;
@ConfigurationpublicclassRedisConfig {
@Bean@SuppressWarnings(value = { "unchecked", "rawtypes" })
publicRedisTemplate