前后端分离,springboot实现token拦截器,注解放行restfulAPI、白名单过滤

时间:2025-05-15 17:19:15

/**
 * @des 登录拦截器
 */
@Component
public class LoginInterceptor extends HandlerInterceptorAdapter {
// Spring MVC interceptor that admits a controller call only when the request
// carries a "token" header that resolves to a user in Redis. Endpoints can opt
// out with @ExcludeInterceptor, and an opted-out endpoint can additionally be
// limited to an IP allow-list with @VerifWhiteList.
//
// NOTE(review): in this listing many call receivers and method names are
// missing (e.g. `Method method = ();`). The comments below state only what the
// remaining arguments and the author's own comments show; anything else is
// marked as an assumption.
// NOTE(review): HandlerInterceptorAdapter is deprecated since Spring 5.3;
// newer code implements HandlerInterceptor directly.

// NOTE(review): the next line is garbled. It appears to inject
// `spring.profiles.active` into `active`; the property key for `visitorsIps`
// is not recoverable from this page.
@Value(" s p r i n g . p r o f i l e s . a c t i v e " ) p r i v a t e S t r i n g a c t i v e ; @ V a l u e ( " {}") private String active; @Value(" spring.profiles.active")privateStringactive;@Value("{}")
private String visitorsIps;
// NOTE(review): garbled in the same way. It appears to inject
// `redis.key.token.prefix` into `tokenRedisKeyPrefix`; the property key for
// `redisAccountPrefix` is not recoverable from this page.
@Value(" r e d i s . k e y . t o k e n . p r e f i x " ) p r i v a t e S t r i n g t o k e n R e d i s K e y P r e f i x ; @ V a l u e ( " {}") private String tokenRedisKeyPrefix; @Value(" redis.key.token.prefix")privateStringtokenRedisKeyPrefix;@Value("{}")
private String redisAccountPrefix;
@Autowired
private RedisMapper redisMapper;
@Resource
private AccountMapper accountMapper;

/**
 * Decides whether the request may reach its handler.
 *
 * Only {@code HandlerMethod} handlers are checked; any other handler type
 * skips the token check and goes straight to the final return.
 *
 * @param request  incoming request; the token is read from it in getUser
 * @param response used to write a JSON error when the token check fails
 * @param handler  the handler chosen by Spring MVC
 * @return false when the request is rejected; otherwise the result of the
 *         delegated call on the last line (its target is missing here,
 *         presumably the superclass preHandle)
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if (handler instanceof HandlerMethod) {
HandlerMethod handlerMethod = (HandlerMethod) handler;
Method method = ();
// Annotation that exempts an endpoint from the token check
ExcludeInterceptor excludeInterceptor = ();
// No token validation required
if (null != excludeInterceptor) {
// NOTE(review): the allow-list below is only as trustworthy as this IP
// source. The helper's name is missing here; if it reads client-supplied
// forwarding headers (e.g. X-Forwarded-For) that no trusted proxy
// overwrites, the check is not a reliable control. Confirm.
String ip = (request);
// For an exempted endpoint, enforce the allow-list if @VerifWhiteList is also present
VerifWhiteList verifWhiteList = ();
if(null != verifWhiteList) {
// 1. Block: the caller's IP is not on the allow-list.
// No error body is written on this path, unlike the token failures in getUser.
if (!(ip)) {
return false;
}
}
return (request, response, handler);
}
// Every non-exempt endpoint needs a resolvable user; getUser has already
// written the JSON error when it returns null.
LoginUser loginUser = getUser(request, response);
if (null == loginUser) {
return false;
}
// NOTE(review): call target missing. Presumably this publishes the user for
// downstream code. If it uses a ThreadLocal, it has to be cleared again
// after the request; this class overrides no afterCompletion.
(loginUser);
}
return (request, response, handler);
}

/**
 * Resolves the caller's identity, writing a JSON error to the response on failure.
 *
 * @param request  request carrying the "token" header
 * @param response target for the JSON error body
 * @return the resolved user, or null when the token is missing or invalid
 */
private LoginUser getUser(HttpServletRequest request, HttpServletResponse response) throws Exception {
// Extend here if more user fields are needed
LoginUser loginUser = new LoginUser();
// Development environment: simulated user
// NOTE(review): this branch reads no token at all; every request is given the
// fixed identity below. The condition is missing here, presumably a test on
// `active`. Make sure a production deployment cannot start with that profile
// value.
if (()) {
(“123456”);
(“wxg”);
(“1”);
(“王旭光”);
(“127.0.0.1”);
} else {
String token = (“token”);
// No token in the header
if ((token)) {
printJson(response, .HEADER_TOKEN_EXIST);
return null;
}

     /** Look up the user name in Redis to validate the token **/
     String userName = (tokenRedisKeyPrefix + token);
     // Invalid token
     if ((userName)) {
         printJson(response, .TOKEN_NOT_EXIST);
         return null;
     } else {
         // Renew the token for 2 hours
         // NOTE(review): the comment says 2 hours but the value is 43200; if the
         // unit is seconds that is 12 hours. Confirm which is intended. The TTL
         // is reset on every valid request and no absolute lifetime is visible here.
         (tokenRedisKeyPrefix + token, 43200);
         /** Load the essential login-user info by user name **/
         // First check Redis for cached basic user info
         String loginUserStr = (redisAccountPrefix + userName);

         if ((loginUserStr)) {
             // Cache miss: look the account up by user name and accept it only
             // when exactly one row comes back.
             List<LoginUser> loginUsers = (userName);
             if (null != loginUsers && () == 1) {
                 loginUser = (0);
                 // NOTE(review): user info is then served from this cache until
                 // the entry expires (1800, unit not visible), so account changes
                 // may not be reflected until then. Confirm that is acceptable.
                 (redisAccountPrefix + userName, (loginUser),1800);
             } else {
                 printJson(response, .TOKEN_NOT_EXIST);
                 return null;
             }
         }
         // User info already cached in Redis
         else {
             loginUser = (loginUserStr, );
         }
         // Record the client IP
         ((request));

     }
 }

 return loginUser;

}

/**
 * Builds an error payload carrying STATUS_ERROR and the given error code and
 * writes it to the response through printContent.
 *
 * @param response response to write to
 * @param code     error code placed in the payload
 */
private static void printJson(HttpServletResponse response, String code) {
String content = (new ()
.setStatus(.STATUS_ERROR)
.setErrorCode(code).builder());
printContent(response, content);
}

/**
 * Writes the given content to the response as UTF-8 "application/json" with
 * "Cache-Control: no-store".
 *
 * NOTE(review): none of the visible calls passes an HTTP status code, so the
 * error may be sent with the default status. Confirm against the original.
 *
 * @param response response to write to
 * @param content  body text to send
 */
private static void printContent(HttpServletResponse response, String content) {
try {
();
(“application/json”);
(“Cache-Control”, “no-store”);
(“UTF-8”);
PrintWriter pw = ();
(content);
();
();
} catch (Exception e) {
// A write failure is not rethrown. The callers in getUser still return null
// after printJson, so the request stays rejected. The call below has lost
// its target (presumably e.printStackTrace()).
();
}
}
}