具体步骤:

1.登陆拦截器继承HandlerInterception接口,拦截Http请求


2.重写preHandler方法,返回类型为布尔型,true代表放行,false代表不放行,获取Http请求的请求头,验证token是否存在、有效,如果有效则将token放入线程本地变量保管

3.重写afterCompletion方法 清除线程本地变量里的token

4.实现,重写addHandlerInterception方法,将登录拦截器注册到web mvc配置中,指明拦截的URL

实现拦截器
package com.imooc.passbook.passbook.handler; import
com.imooc.passbook.passbook.constant.LoginConstant; import
com.imooc.passbook.passbook.utils.token.TokenUtil; import
org.springframework.stereotype.Component; import
org.springframework.util.StringUtils; import
org.springframework.web.servlet.ModelAndView; import
org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import
javax.servlet.http.HttpServletRequest; import
javax.servlet.http.HttpServletResponse; /** * 登陆拦截器 *
配置拦截器的内容在:com.imooc.passbook.passbook.config.WebLoginConfig 中 * */ @Component
public class LoginHandle extends HandlerInterceptorAdapter { @Override public
boolean preHandle(HttpServletRequest request, HttpServletResponse response,
Object handler) throws Exception { if
(request.getServletPath().matches(LoginConstant.NO_FILTER_PATH)) { //开放地址 不与拦截
return true; } if
(!StringUtils.isEmpty(request.getHeader(LoginConstant.TOKEN_HEADER))) { String
token = request.getHeader(LoginConstant.TOKEN_HEADER); //将 token 放入线程本地变量
boolean isExpire=false; //todo 验证用户token 是否有效 if(isExpire){
TokenUtil.removeToken();
response.setStatus(LoginConstant.TOKEN_NOT_FOUND_STATUS); throw new
RuntimeException("用户身份已过期"); } TokenUtil.setToken(token);
System.out.println(TokenUtil.getToken()+" ===== already login"); return true; }
else { response.setStatus(LoginConstant.TOKEN_NOT_FOUND_STATUS); throw new
RuntimeException("用户token 缺失"); } } @Override public void
postHandle(HttpServletRequest request, HttpServletResponse response, Object
handler, ModelAndView modelAndView) throws Exception {
super.postHandle(request, response, handler, modelAndView); } @Override public
void afterCompletion(HttpServletRequest request, HttpServletResponse response,
Object handler, Exception ex) throws Exception { super.afterCompletion(request,
response, handler, ex); //清除token信息 TokenUtil.removeToken(); } @Override public
void afterConcurrentHandlingStarted(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
super.afterConcurrentHandlingStarted(request, response, handler); } }
配置拦截器
package com.imooc.passbook.passbook.config; import
com.imooc.passbook.passbook.handler.LoginHandle; import
org.springframework.beans.factory.annotation.Autowired; import
org.springframework.context.annotation.Bean; import
org.springframework.context.annotation.Configuration; import
org.springframework.web.servlet.config.annotation.InterceptorRegistry; import
org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration public class WebLoginConfig implements WebMvcConfigurer {
@Autowired public LoginHandle loginHandle; // @Bean // public LoginHandle
getLoginHandler(){ // return new LoginHandle(); // } @Override public void
addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(loginHandle).addPathPatterns("/**/**"); } }