spring自定义注解实现登陆拦截器
1、spring自定义注解实现登陆拦截器
原理:定义一个注解和一个拦截器,拦截器拦截所有方法请求,判断该方法有没有该注解。没有,放行;有,要进行验证。从而实现方法加注解就需要验证是否登陆。
2、自定义注解
package com.oy.filter;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target; // can be used to method
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface IsLogin { }
3、登陆拦截器
package com.oy.filter;
import java.text.MessageFormat; import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import amberai.jweb.utils.UtilFunctions; public class LoginInterceptor extends HandlerInterceptorAdapter { @Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception { Cookie[] cs = request.getCookies();
if (cs != null && cs.length > 0 ) {
for (Cookie c : cs) {
UtilFunctions.log.info("==== LoginInterceptor#preHandle, cookie.key:{}, cookie.value:{} ====", c.getName(), c.getValue());
}
} request.setAttribute("resourceBundle", Utils.getResourceBundle(request)); String sessionId = Utils.getSessionId(request);
Integer uid = Utils.getUserId(request);
String controllerName = Utils.getClassName(handler);
String methodName = Utils.getMethodName(handler);
String handlerTypeName = handler.getClass().getName();
// String language = Utils.getLanguage(request); // if url?l=zh-cn1, then language = en-us
// if url?l=zh-cn1, then language = zh-cn1.
String language = request.getParameter("l");
if (language == null) {
language = Utils.getLanguageByCookie(request);
} String logMsg = MessageFormat.format("sessionId:{0}, uid:{1}, controllerName:{2}, methodName:{3}, handlerTypeName:{4}, language:{5}",
sessionId, uid, controllerName, methodName, handlerTypeName, language);
UtilFunctions.log.info("LoginInterceptor#preHandle LoginInterceptor work, " + logMsg); long begin = System.currentTimeMillis(); // target of request is method of controller
if (handler instanceof HandlerMethod) {
HandlerMethod handlerMethod = (HandlerMethod) handler;
Object object = handlerMethod.getMethodAnnotation(IsLogin.class); if (object == null) { // method without @IsLogin annotation
long time = System.currentTimeMillis() - begin;
UtilFunctions.log.info("LoginInterceptor#preHandle over, method[{}] without annotation, takes time:{} ms, " + logMsg, methodName, time);
return true;
} else { // method with @IsLogin annotation
if (uid == null) {
// visitor
response.setStatus(401);
long time = System.currentTimeMillis() - begin;
UtilFunctions.log.info("LoginInterceptor#preHandle over, visitor request intercepted, takes time:{} ms, " + logMsg, time);
return false;
} // user
request.setAttribute("uid", uid);
}
} long time = System.currentTimeMillis() - begin;
UtilFunctions.log.info("LoginInterceptor#preHandle over, user request ok, takes time:{} ms, " + logMsg, time); return true;
} }
spring配置文件中注册拦截器
<mvc:interceptors>
<bean class="com.oy.filter.LoginInterceptor" />
</mvc:interceptors>
4、Utils类
package com.oy.filter;
import java.text.MessageFormat;
import java.util.Locale;
import java.util.ResourceBundle; import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest; import org.springframework.web.method.HandlerMethod; import com.alibaba.fastjson.JSONException;
import com.alibaba.fastjson.JSONObject;
import com.mysql.jdbc.StringUtils; import amberai.jweb.utils.Config;
import amberai.jweb.utils.RedisAccess;
import amberai.jweb.utils.UtilFunctions;
import redis.clients.jedis.Jedis; public class Utils { public static String getSessionId(HttpServletRequest request) {
String sessionId = null; if (request == null) {
return sessionId;
} Cookie[] cookies = request.getCookies();
if (cookies == null || cookies.length == 0) {
return sessionId;
} for (Cookie cookie : cookies) {
if ("PHPSESSID".equalsIgnoreCase(cookie.getName())) {
sessionId = cookie.getValue();
}
} return sessionId;
} public static Integer getUserId(String sessionId) {
Integer uid = null; if (null == sessionId) {
return uid;
} JSONObject userInfo = Utils.getUserInfoFromRedis(sessionId);
if (null == userInfo || userInfo.getIntValue("userId") <= 0) {
return uid;
}
uid = userInfo.getIntValue("userId");
return uid;
} public static Integer getUserId(HttpServletRequest request) {
Integer uid = null; if (null == request) {
return uid;
} String sessionId = getSessionId(request);
if (sessionId == null) {
return uid;
} JSONObject userInfo = Utils.getUserInfoFromRedis(sessionId);
if (null == userInfo || userInfo.getIntValue("userId") <= 0) {
return uid;
}
uid = userInfo.getIntValue("userId");
return uid;
} public static JSONObject getUserInfoFromRedis(String sessionId) {
if (sessionId == null) {
return null;
} UtilFunctions.log.debug("checkLogin, sessionId:{}", sessionId);
Jedis redisClient = null;
try {
redisClient = RedisAccess.getRedisClient(); String userInfo = redisClient.get("sess_" + sessionId);
UtilFunctions.log.debug("checkLogin, userInfo:{}", userInfo);
if (null == userInfo) {
return null;
}
JSONObject jsonObj = null;
try {
jsonObj = JSONObject.parseObject(userInfo);
} catch (JSONException e) {
String errMsg = MessageFormat.format("can not cast to JSONObject. sessionId:{0}, userInfo:{1}",
sessionId, userInfo);
UtilFunctions.log.info(errMsg);
UtilFunctions.reportError(errMsg, e);
}
return jsonObj;
} finally {
if (null != redisClient) {
redisClient.close();
}
}
} public static String getMethodName(Object handler) {
if (null == handler) {
return "";
} if (HandlerMethod.class.equals(handler.getClass())) {
HandlerMethod method = (HandlerMethod) handler;
return method.getMethod().getName();
} return "";
} public static String getClassName(Object handler) {
if (null == handler) {
return "";
} if (HandlerMethod.class.equals(handler.getClass())) {
// get controller
HandlerMethod method = (HandlerMethod) handler;
Object controller = method.getBean(); String className = controller.getClass().getName();
int idx = className.lastIndexOf("."); if (idx >= 0 && (idx + 1) < className.length()) {
return className.substring(idx + 1);
}
return className;
} return "";
} public static String getRemoteIp(HttpServletRequest request) {
if (null == request) {
return "";
} String ip = request.getHeader("x-forwarded-for");
if (StringUtils.isNullOrEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
} if (StringUtils.isNullOrEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
} if (StringUtils.isNullOrEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
} return ip; } public static String getLanguage(HttpServletRequest request) {
String language = "";
if (request == null) return language; // priority: url?l=en-us > Cookie:language=zh-cn
language = request.getParameter("l");
if (language == null || Config.LANGUAGECONFIG.get(language.toLowerCase()) == null) {
language = Utils.getLanguageByCookie(request);
} if (language == null || Config.LANGUAGECONFIG.get(language.toLowerCase()) == null) {
language = "en-us"; // default "en-us"
} return language;
} public static String getLanguageByCookie(HttpServletRequest request) {
String language = "";
if (request == null) return language; Cookie[] cookies = request.getCookies();
if (cookies == null || cookies.length == 0) {
return language;
} for (Cookie cookie : cookies) {
if ("language".equalsIgnoreCase(cookie.getName())) {
language = cookie.getValue();
}
} return language;
} public static ResourceBundle getResourceBundle(HttpServletRequest request) {
String language = Utils.getLanguage(request);
String[] languages = language.split("-");
Locale locale = null;
if (languages.length >= 2) {
locale = new Locale(language.split("-")[0], language.split("-")[1]);
} else if (languages.length == 1) {
locale = new Locale(language.split("-")[0], "ES");
}
return ResourceBundle.getBundle("i18n/MessgesBundle", locale);
} public static void setSessionAttrToRedis(String sessionId, String jsonStr) {
Jedis redisClient = null;
try {
redisClient = RedisAccess.getRedisClient();
redisClient.set("sess_" + sessionId, jsonStr);
redisClient.expire("sess_" + sessionId, 3600);
} finally {
if (null != redisClient) {
redisClient.close();
}
}
}
}
5、使用@IsLogin
@IsLogin
@RequestMapping(value = "/xxx/xxx", method = RequestMethod.POST)
@ResponseBody
public JSONObject setPayPassword(HttpServletRequest request,
@RequestParam(value = "xxx", required = true) String xxx,
@RequestParam(value = "xxx", required = true) String xxx) { Integer userId = (Integer) request.getAttribute("uid");
ResourceBundle resourceBundle = (ResourceBundle) request.getAttribute("resourceBundle");
...
}
spring自定义注解实现登陆拦截器的更多相关文章
- Spring实现自定义注解并且配置拦截器进行拦截
有时候我们会自定义注解,并且需要配置拦截器对请求方法含有该自定义注解的方法进行拦截操作 自定义注解类 NeedToken.java import java.lang.annotation.Docume ...
- JAVAEE——struts2_04:自定义拦截器、struts2标签、登陆功能和校验登陆拦截器的实现
一.自定义拦截器 1.架构 2.拦截器创建 //拦截器:第一种创建方式 //拦截器生命周期:随项目的启动而创建,随项目关闭而销毁 public class MyInterceptor implemen ...
- Spring Boot使用过滤器和拦截器分别实现REST接口简易安全认证
本文通过一个简易安全认证示例的开发实践,理解过滤器和拦截器的工作原理. 很多文章都将过滤器(Filter).拦截器(Interceptor)和监听器(Listener)这三者和Spring关联起来讲解 ...
- [转载]开发 Spring 自定义视图和视图解析器
原文出处 http://www.ibm.com/developerworks/cn/java/j-lo-springview/ 概述 Spring 3.0 默认包含了多种视图和视图解析器,比如 JSP ...
- 通过spring抽象路由数据源+MyBatis拦截器实现数据库自动读写分离
前言 之前使用的读写分离的方案是在mybatis中配置两个数据源,然后生成两个不同的SqlSessionTemplate然后手动去识别执行sql语句是操作主库还是从库.如下图所示: 好处是,你可以人为 ...
- 【Java EE 学习 70 上】【数据采集系统第二天】【数据加密处理】【登陆验证】【登陆拦截器】【新建调查】【查询调查】
一.数据加密处理 这里使用MD5加密处理,使用java中自带加密工具类MessageDigest. 该类有一个方法digest,该方法输入参数是一个字符串返回值是一个长度为16的字节数组.最关键的是需 ...
- Spring AOP 源码分析 - 拦截器链的执行过程
1.简介 本篇文章是 AOP 源码分析系列文章的最后一篇文章,在前面的两篇文章中,我分别介绍了 Spring AOP 是如何为目标 bean 筛选合适的通知器,以及如何创建代理对象的过程.现在我们的得 ...
- Spring AOP深入理解之拦截器调用
Spring AOP深入理解之拦截器调用 Spring AOP代理对象生成回想 上一篇博客中:深入理解Spring AOP之二代理对象生成介绍了Spring代理对象是怎样生成的,当中重点介绍了JDK动 ...
- Spring MVC基础知识整理➣拦截器和自定义注解
概述 Spring MVC中通过注解来对方法或者类进行动态的说明或者标注,类似于配置标识文件的属性信息.当标注的类或者方式被使用时候,通过提取注解信息来达到对类的动态处理.在 MVC中,我们常用的注解 ...
随机推荐
- 基于vant实现一个问卷调查
实现背景 最近学习<vue实战>,第二篇进阶篇有一个练习 刚好最近在研究vue移动端框架vant 两者结合,实现这么个小项目 实现代码 新建 vue单文件 L0529L.vue <t ...
- Buffer对象与JSON对象相互转换
> buffer=new Buffer('换汤不换药');<Buffer e6 88 91 e7 88 b1 e4 bd a0 ef bc 8c e7 89 a9 e7 90 86> ...
- poj3191(负进位制)
题目链接:https://vjudge.net/problem/POJ-3191 题意:将一个int范围的整数用-2进制表示并输出. 思路:将十进制转换成-2进制,原理也类似于短除法.但不同的是不是简 ...
- MySQL的日志系统
一.日志类型 逻辑日志:存储了逻辑SQL修改语句 物理日志:存储了数据被修改的值 二.binlog 1.定义 binlog 是 MySQL 的逻辑日志,也叫二进制日志.归档日志,由 MySQL Ser ...
- python之网络部分
1.C/S B/S架构 C: client端 B: browse 浏览器 S: server端 C/S架构: 基于客户端与服务端之间的通信 QQ, 游戏,皮皮虾, 快手,抖音. 优点: 个性化 ...
- Flask-wtf导入Regexp规则库验证手机号码合法性(测试通过)
手机号码在项目有着很重要的地位,保证用户输入的号码准确无误就显得很关键. 废话不多说,现在页面中引入Regexp规则库: from wtforms.validators import Regexp 验 ...
- Maven build 命令介绍(转)
常用命令: 打包:mvn package编译:mvn compile清空:mvn clean(清除编译后目录,默认是target目录)运行测试:mvn test安装jar包到本地仓库中:mvn ins ...
- sql server 三角函数
正弦函数SIN(x)和反正弦函数ASIN(x) --SIN(x)返回x的正弦,其中x为弧度值 --ASIN(x)返回x的反正弦,即正弦x的值,若x不在-1到1的范围内,则返回NULL 示例:selec ...
- [转载]Jupyter Notebook中自动补全代码
原文地址:https://yq.aliyun.com/articles/667928 在公众号之前的文章中,已经介绍了在Jupyter Notebook中设置主题以及输出代码文件到pdf文件中,本文来 ...
- BZOJ 4141 [Thu Summer Camp 2013]魔塔
权限题qwq 以下设值域大小为\(m\) 先考虑枚举攻击力,因为首先攻击力决定每个怪物的攻击次数,然后对于每个怪物,攻击次数为\(\lceil\frac{hp_i}{ATK-def_i}\rceil\ ...