72 lines
1.9 KiB
Markdown
72 lines
1.9 KiB
Markdown
# 检查登录状态
|
|
|
|
---
|
|
|
|
防止用户未登录,但是通过访问路径直接进入需要登录的界面(比如账户设置)
|
|
|
|
使用拦截器:
|
|
|
|
- 在方法前标注**自定义注解**
|
|
|
|
```java
|
|
/**
|
|
* 该注解配合拦截器使用,指明某个方法是否需要登录才能访问
|
|
*/
|
|
@Target(ElementType.METHOD)
|
|
@Retention(RetentionPolicy.RUNTIME)
|
|
public @interface LoginRequired {
|
|
}
|
|
```
|
|
|
|
在修改密码、修改头像和跳转至账户设置这三个方法上加上 `@LoginRequired` 注解
|
|
|
|
- 拦截所有的请求,只处理带有该注解的方法
|
|
|
|
```java
|
|
@Component
|
|
public class LoginRequiredInterceptor implements HandlerInterceptor {
|
|
|
|
@Autowired
|
|
private HostHolder hostHolder;
|
|
|
|
/**
|
|
* 在 Controller 执行之前被调用
|
|
* 判断某个方法是否存在 LoginRequired 注解
|
|
* 该存在该注解且用户未登录,则拒绝后续请求,跳转至登录界面
|
|
* @param request
|
|
* @param response
|
|
* @param handler
|
|
* @return
|
|
* @throws Exception
|
|
*/
|
|
@Override
|
|
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
|
if (handler instanceof HandlerMethod) {
|
|
HandlerMethod handlerMethod = (HandlerMethod) handler;
|
|
Method method = handlerMethod.getMethod();
|
|
LoginRequired loginRequired = method.getAnnotation(LoginRequired.class);
|
|
if (loginRequired != null && hostHolder.getUser() == null) {
|
|
response.sendRedirect(request.getContextPath() + "/login");
|
|
return false; // 拒绝后续请求
|
|
}
|
|
}
|
|
return true;
|
|
}
|
|
}
|
|
```
|
|
|
|
配置:
|
|
|
|
```java
|
|
// 对除静态资源外所有路径进行拦截
|
|
registry.addInterceptor(loginRequiredInterceptor)
|
|
.excludePathPatterns("/css/**", "/js/**", "/img/**");
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|