当我们后台某些方法或应用被调用时,我们一般要对请求的方法进行拦截,判断请求是否合法,比如是否登录,某些参数是否正确等等。
Springboot2.0之后通过WebMvcConfigurer的来实现拦截器。
自定义拦截器,实现HandlerInterceptor接口
1. public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
请求访问到controller之前拦截,比如用户如果没有登录,则拦截,请求被拒绝
2. public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView)
请求访问到controller之后,渲染试图之前
3. public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
请求访问到controller之后,渲染试图之后
packagecom.db.interceptors;importcom.db.pojo.AppUser;importcom.db.service.UserService;importorg.springframework.beans.factory.annotation.Autowired;importorg.springframework.web.servlet.HandlerInterceptor;importorg.springframework.web.servlet.ModelAndView;importjavax.servlet.http.HttpServletRequest;importjavax.servlet.http.HttpServletResponse;publicclassUserInterceptorimplementsHandlerInterceptor{@AutowiredprivateUserService userService;/**
* 请求访问到controller之前拦截
*/@OverridepublicbooleanpreHandle(HttpServletRequest request,HttpServletResponse response,Object handler)throwsException{String userId= request.getParameter("userId");if(null== userId||"".equalsIgnoreCase(userId)){System.out.println("请求非法!");returnfalse;}AppUser userInfo= userService.getUser(userId);if(null== userInfo){System.out.println("用户不存在!");returnfalse;}returntrue;}/**
* 请求访问到controller之后,渲染试图之前
*/@OverridepublicvoidpostHandle(HttpServletRequest request,HttpServletResponse response,Object handler,ModelAndView modelAndView)throwsException{}/**
* 请求访问到controller之后,渲染试图之后
*/@OverridepublicvoidafterCompletion(HttpServletRequest request,HttpServletResponse response,Object handler,Exception ex)throwsException{}}拦截器配置类,实现WebMvcConfigurer接口
packagecom.db.config;importcom.db.interceptors.UserInterceptor;importorg.springframework.context.annotation.Bean;importorg.springframework.context.annotation.Configuration;importorg.springframework.web.servlet.config.annotation.InterceptorRegistry;importorg.springframework.web.servlet.config.annotation.WebMvcConfigurer;@ConfigurationpublicclassInterceptorConfigimplementsWebMvcConfigurer{@BeanpublicUserInterceptoruserInterceptor(){returnnewUserInterceptor();}@OverridepublicvoidaddInterceptors(InterceptorRegistry registry){/*
*addInterceptor 拦截器类
*addPathPatterns拦截请求路径
*/
registry.addInterceptor(userInterceptor()).addPathPatterns("/user/getUserInfoByUserId").addPathPatterns("/user/getAllUserInfo");}}WebMvcConfigurer另外常用方法
addViewControllers:页面跳转
@OverridepublicvoidaddViewControllers(ViewControllerRegistry registry){
registry.addViewController("/toLogin").setViewName("login");}configureViewResolvers:视图解析器
/**
* 配置请求视图映射
* @return
*/@BeanpublicInternalResourceViewResolverresourceViewResolver(){InternalResourceViewResolver internalResourceViewResolver=newInternalResourceViewResolver();//请求视图文件的前缀地址
internalResourceViewResolver.setPrefix("/WEB-INF/jsp/");//请求视图文件的后缀
internalResourceViewResolver.setSuffix(".jsp");return internalResourceViewResolver;}/**
* 视图配置
* @param registry
*/@OverridepublicvoidconfigureViewResolvers(ViewResolverRegistry registry){super.configureViewResolvers(registry);
registry.viewResolver(resourceViewResolver());/*registry.jsp("/WEB-INF/jsp/",".jsp");*/}目前SpringCloud项目或者微服务项目,前后端都会进行分离,所以页面跳转和视图解析器可能会比较少,如果是我们SpringMVC项目,一般会在xml配置这些内容。
addCorsMappings:跨域
@OverridepublicvoidaddCorsMappings(CorsRegistry registry){super.addCorsMappings(registry);
registry.addMapping("/cors/**").allowedHeaders("*").allowedMethods("POST","GET").allowedOrigins("*");}如果不使用WebMvcConfigurer的addCorsMappings实现跨域,也可以自己写过滤器实现,如下:
@ConfigurationpublicclassCorsConfig{publicCorsConfig(){}@BeanpublicCorsFiltercorsFilter(){// 1. 添加cors配置信息CorsConfiguration config=newCorsConfiguration();
config.addAllowedOrigin("*");// 设置是否发送cookie信息
config.setAllowCredentials(true);// 设置允许请求的方式
config.addAllowedMethod("*");// 设置允许的header
config.addAllowedHeader("*");// 2. 为url添加映射路径UrlBasedCorsConfigurationSource corsSource=newUrlBasedCorsConfigurationSource();
corsSource.registerCorsConfiguration("/**", config);// 3. 返回重新定义好的corsSourcereturnnewCorsFilter(corsSource);}}更多方法的详细说明和实现可参考https://blog.csdn.net/zhangpower1993/article/details/89016503
测试拦截器
浏览器输入拦截器拦截的路径
http://localhost:8090/user/getUserInfoByUserId?userId=1011
后台控制台输出
http://localhost:8090/user/getUserInfoByUserId?userId=1011