首先引入web模块的依赖:
<!-- spring boot web 组件 --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <!-- spring boot web 组件 -->
然后编写拦截器类:
import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.springframework.util.StringUtils; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import simple.proj.zxz.play.comm.GeneralConsts; import simple.proj.zxz.play.pojo.vo.comm.CommOutVO; import simple.proj.zxz.play.prop.CommProp; import simple.proj.zxz.play.utils.JsonUtil; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * api访问拦截器 * * @author Zxz * @version 1.0 * @date Created at 2018/11/24 **/ @Slf4j @Component public class ApiAccessInterceptor extends HandlerInterceptorAdapter { @Autowired private CommProp commProp; /** * http响应类型字段 */ private static final String RESPONSE_CONTENT_TYPE = "Content-Type"; /** * http响应类型:json */ private static final String RESPONSE_HEADER_JSON = "application/json"; /** * 访问认证拦截 * * @param request 请求 * @param response 响应 * @param handler 数据 * @return boolean * @author Zxz * @date 2019/10/25 17:34 **/ @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { //方法类型过滤 if (!(handler instanceof HandlerMethod)) { return super.preHandle(request, response, handler); } //token验证 String token = request.getHeader(GeneralConsts.REQ_HEADER_AUTH); if (StringUtils.isEmpty(token)) { //没有token信息,未登录 response.setHeader(RESPONSE_CONTENT_TYPE, RESPONSE_HEADER_JSON); response.getWriter().write(JsonUtil.toFormattedJsonString(CommOutVO.getNotAuth())); return false; } else if (!auth(token)) { return false; } return super.preHandle(request, response, handler); } /** * 验证认证信息是否可以 * * @param token token串 * @return boolean * @author Zxz * @date 2019/10/25 17:48 **/ private boolean auth(String token) { return token.equals(commProp.getUserPermanentAuthorization()); } }
最后在配置类里面加入拦截器以及要拦截的路径:
import com.alibaba.fastjson.serializer.SerializerFeature; import com.alibaba.fastjson.support.config.FastJsonConfig; import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter4; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.autoconfigure.http.HttpMessageConverters; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import simple.proj.zxz.play.interceptors.ApiAccessInterceptor; import simple.proj.zxz.play.prop.CommProp; /** * web配置 * * @author zhangxz * 2019/10/25 */ @Configuration public class WebConfig implements WebMvcConfigurer { @Autowired private ApiAccessInterceptor apiAccessInterceptor; @Autowired private CommProp commProp; /** * 拦截器配置 * * @param registry 拦截器注册类 * @return void * @author Zxz * @date 2019/10/25 17:53 **/ @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(apiAccessInterceptor).addPathPatterns("/" + commProp.getPlayApiVersionLatest() + "/**"); //注意,拦截器配置不能使用配置文件的统一api路径配置:server.servlet.context-path,这样配置是无效的。 //只能使用controller里面的具体路径配置,才能有效拦截 // registry.addInterceptor(apiAccessInterceptor).addPathPatterns("/play/api/**"); } }
结束。