spring自定义注解实现登陆拦截器
1、spring自定义注解实现登陆拦截器
原理:定义一个注解和一个拦截器,拦截器拦截所有方法请求,判断该方法有没有该注解。没有,放行;有,要进行验证。从而实现方法加注解就需要验证是否登陆。
2、自定义注解
package com.oy.filter;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target; // can be used to method
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface IsLogin { }
3、登陆拦截器
package com.oy.filter;
import java.text.MessageFormat; import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import amberai.jweb.utils.UtilFunctions; public class LoginInterceptor extends HandlerInterceptorAdapter { @Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception { Cookie[] cs = request.getCookies();
if (cs != null && cs.length > 0 ) {
for (Cookie c : cs) {
UtilFunctions.log.info("==== LoginInterceptor#preHandle, cookie.key:{}, cookie.value:{} ====", c.getName(), c.getValue());
}
} request.setAttribute("resourceBundle", Utils.getResourceBundle(request)); String sessionId = Utils.getSessionId(request);
Integer uid = Utils.getUserId(request);
String controllerName = Utils.getClassName(handler);
String methodName = Utils.getMethodName(handler);
String handlerTypeName = handler.getClass().getName();
// String language = Utils.getLanguage(request); // if url?l=zh-cn1, then language = en-us
// if url?l=zh-cn1, then language = zh-cn1.
String language = request.getParameter("l");
if (language == null) {
language = Utils.getLanguageByCookie(request);
} String logMsg = MessageFormat.format("sessionId:{0}, uid:{1}, controllerName:{2}, methodName:{3}, handlerTypeName:{4}, language:{5}",
sessionId, uid, controllerName, methodName, handlerTypeName, language);
UtilFunctions.log.info("LoginInterceptor#preHandle LoginInterceptor work, " + logMsg); long begin = System.currentTimeMillis(); // target of request is method of controller
if (handler instanceof HandlerMethod) {
HandlerMethod handlerMethod = (HandlerMethod) handler;
Object object = handlerMethod.getMethodAnnotation(IsLogin.class); if (object == null) { // method without @IsLogin annotation
long time = System.currentTimeMillis() - begin;
UtilFunctions.log.info("LoginInterceptor#preHandle over, method[{}] without annotation, takes time:{} ms, " + logMsg, methodName, time);
return true;
} else { // method with @IsLogin annotation
if (uid == null) {
// visitor
response.setStatus(401);
long time = System.currentTimeMillis() - begin;
UtilFunctions.log.info("LoginInterceptor#preHandle over, visitor request intercepted, takes time:{} ms, " + logMsg, time);
return false;
} // user
request.setAttribute("uid", uid);
}
} long time = System.currentTimeMillis() - begin;
UtilFunctions.log.info("LoginInterceptor#preHandle over, user request ok, takes time:{} ms, " + logMsg, time); return true;
} }
spring配置文件中注册拦截器
<mvc:interceptors>
<bean class="com.oy.filter.LoginInterceptor" />
</mvc:interceptors>
4、Utils类
package com.oy.filter;
import java.text.MessageFormat;
import java.util.Locale;
import java.util.ResourceBundle; import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest; import org.springframework.web.method.HandlerMethod; import com.alibaba.fastjson.JSONException;
import com.alibaba.fastjson.JSONObject;
import com.mysql.jdbc.StringUtils; import amberai.jweb.utils.Config;
import amberai.jweb.utils.RedisAccess;
import amberai.jweb.utils.UtilFunctions;
import redis.clients.jedis.Jedis; public class Utils { public static String getSessionId(HttpServletRequest request) {
String sessionId = null; if (request == null) {
return sessionId;
} Cookie[] cookies = request.getCookies();
if (cookies == null || cookies.length == 0) {
return sessionId;
} for (Cookie cookie : cookies) {
if ("PHPSESSID".equalsIgnoreCase(cookie.getName())) {
sessionId = cookie.getValue();
}
} return sessionId;
} public static Integer getUserId(String sessionId) {
Integer uid = null; if (null == sessionId) {
return uid;
} JSONObject userInfo = Utils.getUserInfoFromRedis(sessionId);
if (null == userInfo || userInfo.getIntValue("userId") <= 0) {
return uid;
}
uid = userInfo.getIntValue("userId");
return uid;
} public static Integer getUserId(HttpServletRequest request) {
Integer uid = null; if (null == request) {
return uid;
} String sessionId = getSessionId(request);
if (sessionId == null) {
return uid;
} JSONObject userInfo = Utils.getUserInfoFromRedis(sessionId);
if (null == userInfo || userInfo.getIntValue("userId") <= 0) {
return uid;
}
uid = userInfo.getIntValue("userId");
return uid;
} public static JSONObject getUserInfoFromRedis(String sessionId) {
if (sessionId == null) {
return null;
} UtilFunctions.log.debug("checkLogin, sessionId:{}", sessionId);
Jedis redisClient = null;
try {
redisClient = RedisAccess.getRedisClient(); String userInfo = redisClient.get("sess_" + sessionId);
UtilFunctions.log.debug("checkLogin, userInfo:{}", userInfo);
if (null == userInfo) {
return null;
}
JSONObject jsonObj = null;
try {
jsonObj = JSONObject.parseObject(userInfo);
} catch (JSONException e) {
String errMsg = MessageFormat.format("can not cast to JSONObject. sessionId:{0}, userInfo:{1}",
sessionId, userInfo);
UtilFunctions.log.info(errMsg);
UtilFunctions.reportError(errMsg, e);
}
return jsonObj;
} finally {
if (null != redisClient) {
redisClient.close();
}
}
} public static String getMethodName(Object handler) {
if (null == handler) {
return "";
} if (HandlerMethod.class.equals(handler.getClass())) {
HandlerMethod method = (HandlerMethod) handler;
return method.getMethod().getName();
} return "";
} public static String getClassName(Object handler) {
if (null == handler) {
return "";
} if (HandlerMethod.class.equals(handler.getClass())) {
// get controller
HandlerMethod method = (HandlerMethod) handler;
Object controller = method.getBean(); String className = controller.getClass().getName();
int idx = className.lastIndexOf("."); if (idx >= 0 && (idx + 1) < className.length()) {
return className.substring(idx + 1);
}
return className;
} return "";
} public static String getRemoteIp(HttpServletRequest request) {
if (null == request) {
return "";
} String ip = request.getHeader("x-forwarded-for");
if (StringUtils.isNullOrEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
} if (StringUtils.isNullOrEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
} if (StringUtils.isNullOrEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
} return ip; } public static String getLanguage(HttpServletRequest request) {
String language = "";
if (request == null) return language; // priority: url?l=en-us > Cookie:language=zh-cn
language = request.getParameter("l");
if (language == null || Config.LANGUAGECONFIG.get(language.toLowerCase()) == null) {
language = Utils.getLanguageByCookie(request);
} if (language == null || Config.LANGUAGECONFIG.get(language.toLowerCase()) == null) {
language = "en-us"; // default "en-us"
} return language;
} public static String getLanguageByCookie(HttpServletRequest request) {
String language = "";
if (request == null) return language; Cookie[] cookies = request.getCookies();
if (cookies == null || cookies.length == 0) {
return language;
} for (Cookie cookie : cookies) {
if ("language".equalsIgnoreCase(cookie.getName())) {
language = cookie.getValue();
}
} return language;
} public static ResourceBundle getResourceBundle(HttpServletRequest request) {
String language = Utils.getLanguage(request);
String[] languages = language.split("-");
Locale locale = null;
if (languages.length >= 2) {
locale = new Locale(language.split("-")[0], language.split("-")[1]);
} else if (languages.length == 1) {
locale = new Locale(language.split("-")[0], "ES");
}
return ResourceBundle.getBundle("i18n/MessgesBundle", locale);
} public static void setSessionAttrToRedis(String sessionId, String jsonStr) {
Jedis redisClient = null;
try {
redisClient = RedisAccess.getRedisClient();
redisClient.set("sess_" + sessionId, jsonStr);
redisClient.expire("sess_" + sessionId, 3600);
} finally {
if (null != redisClient) {
redisClient.close();
}
}
}
}
5、使用@IsLogin
@IsLogin
@RequestMapping(value = "/xxx/xxx", method = RequestMethod.POST)
@ResponseBody
public JSONObject setPayPassword(HttpServletRequest request,
@RequestParam(value = "xxx", required = true) String xxx,
@RequestParam(value = "xxx", required = true) String xxx) { Integer userId = (Integer) request.getAttribute("uid");
ResourceBundle resourceBundle = (ResourceBundle) request.getAttribute("resourceBundle");
...
}
spring自定义注解实现登陆拦截器的更多相关文章
- Spring实现自定义注解并且配置拦截器进行拦截
有时候我们会自定义注解,并且需要配置拦截器对请求方法含有该自定义注解的方法进行拦截操作 自定义注解类 NeedToken.java import java.lang.annotation.Docume ...
- JAVAEE——struts2_04:自定义拦截器、struts2标签、登陆功能和校验登陆拦截器的实现
一.自定义拦截器 1.架构 2.拦截器创建 //拦截器:第一种创建方式 //拦截器生命周期:随项目的启动而创建,随项目关闭而销毁 public class MyInterceptor implemen ...
- Spring Boot使用过滤器和拦截器分别实现REST接口简易安全认证
本文通过一个简易安全认证示例的开发实践,理解过滤器和拦截器的工作原理. 很多文章都将过滤器(Filter).拦截器(Interceptor)和监听器(Listener)这三者和Spring关联起来讲解 ...
- [转载]开发 Spring 自定义视图和视图解析器
原文出处 http://www.ibm.com/developerworks/cn/java/j-lo-springview/ 概述 Spring 3.0 默认包含了多种视图和视图解析器,比如 JSP ...
- 通过spring抽象路由数据源+MyBatis拦截器实现数据库自动读写分离
前言 之前使用的读写分离的方案是在mybatis中配置两个数据源,然后生成两个不同的SqlSessionTemplate然后手动去识别执行sql语句是操作主库还是从库.如下图所示: 好处是,你可以人为 ...
- 【Java EE 学习 70 上】【数据采集系统第二天】【数据加密处理】【登陆验证】【登陆拦截器】【新建调查】【查询调查】
一.数据加密处理 这里使用MD5加密处理,使用java中自带加密工具类MessageDigest. 该类有一个方法digest,该方法输入参数是一个字符串返回值是一个长度为16的字节数组.最关键的是需 ...
- Spring AOP 源码分析 - 拦截器链的执行过程
1.简介 本篇文章是 AOP 源码分析系列文章的最后一篇文章,在前面的两篇文章中,我分别介绍了 Spring AOP 是如何为目标 bean 筛选合适的通知器,以及如何创建代理对象的过程.现在我们的得 ...
- Spring AOP深入理解之拦截器调用
Spring AOP深入理解之拦截器调用 Spring AOP代理对象生成回想 上一篇博客中:深入理解Spring AOP之二代理对象生成介绍了Spring代理对象是怎样生成的,当中重点介绍了JDK动 ...
- Spring MVC基础知识整理➣拦截器和自定义注解
概述 Spring MVC中通过注解来对方法或者类进行动态的说明或者标注,类似于配置标识文件的属性信息.当标注的类或者方式被使用时候,通过提取注解信息来达到对类的动态处理.在 MVC中,我们常用的注解 ...
随机推荐
- IIS配置安卓下载.apk文件
前提:你的.apk文件所在路径正确,例如:www.grainnews.com.cn:8002/Attach/Images/201807/20180712091842127.apk 1.打开IIS 2. ...
- vue2.X + HTML5 plus 拍照和调用设备相册 另附 图片转base64和压缩图片方法
HTML5 部分 <button @click="tesCamera()" type="button" :disabled="isshStatu ...
- 20191209 Linux就该这么学(6)
6. 存储结构与磁盘划分 6.1 一切从"/"开始 Linux 系统中的一切文件都是从"根(/)"目录开始的,并按照文件系统层次化标准(FHS)采用树形结构来存 ...
- [Python3] 028 常用模块 datetime
目录 datetime 1. datetime.date 2. datetime.time 3. datetime.datetime 4. datetime.timedelta 补充 datetime ...
- 通过U盘或CD/DVD装centos7,出现“dracut-initqueue timeout..."解决办法
1.在用CD/DVD挂载centos7镜像安装系统时,出现“dracut-initqueue timeout...", :/# cd dev :/# ls 2.这是因为安装程序未能找到安装文 ...
- idea工具
1. 使用IntelliJ IDEA 配置JDK(入门) https://blog.csdn.net/nobb111/article/details/77116259 2. idea 调试快捷键 ...
- java来接收邮件并解析邮件正文中的表格
这里是实际需求中的一个DEMO 有一部分内容进行了注释和处理,参考需要修改成自己的实际参数.另这个是对于实际一个场景的案例并不是通用解决的工具类. import org.jsoup.Jsoup; im ...
- springboot2.0结合fastdfs实现文件分布式上传
1. 引入依赖 在父工程中,我们已经管理了依赖,版本为: <fastDFS.client.version>1.26.7</fastDFS.client.version> 因此, ...
- docker Dockerfile文件的编写部分命令
镜像的构建过程:编写dockerfile文件,执行docker build 进行构建镜像,最后docker run 运行容器镜像实例. docker build -t mycentos:1.01 . ...
- Linux连接外网~可以Windows与Linux互ping通~图文
我这里用的是CentOS7_1511 下载地址 http://linux.xitongxz.net:808/201603/CentOS-7-x86_64-DVD-1511.iso 选择 虚拟机左上角 ...