我要评论使用aop切面编程实现登录拦截
1. 首先实现一个登录注册功能
以下代码仅供参考
控制层
@restcontroller
@requestmapping("/user")
public class usercontroller {
@autowired
private userservice userservice;
@postmapping("/register")
public result register(@requestbody userdto userdto) {
userservice.adduser(userdto);
return result.success("注册成功");
}
@postmapping("/login")
public result<userloginvo> login(@requestbody userdto userdto) {
userloginvo userloginvo = userservice.login(userdto);
return result.success(userloginvo);
}
}业务层
@service
public class userserviceimpl implements userservice {
@autowired
private usermapper usermapper;
@resource
private redistemplate<string,string> redistemplate;
/**
* 新增用户/注册
* @param userdto
*/
public void adduser(userdto userdto) {
user user = usermapper.selectbyusername(userdto.getusername());
if (user != null) {
throw new businessexception(responsecodeenum.code_601);
}
user = new user();
beanutils.copyproperties(userdto, user);
user.setcreatetime(new date());
user.setlogintime(new date());
usermapper.insert(user);
}
@override
public userloginvo login(userdto userdto) {
user user = usermapper.selectbyusernameandpassword(userdto.getusername(),userdto.getpassword());
if (user == null) {
throw new businessexception("用户名或密码错误");
}
string token = uuid.randomuuid().tostring();
redistemplate.opsforvalue().set("logindemo:user:token:" + token, user.getid().tostring());
userloginvo userloginvo = new userloginvo();
userloginvo.setuser(user);
userloginvo.settoken(token);
return userloginvo;
}
}mapper层
@mapper
public interface usermapper extends basemapper<user>{
void adduser(user user);
@select("select * from user where username = #{username}")
user selectbyusername(string username);
user selectbyusernameandpassword(string username,string password);
}usermapper.xml
<?xml version="1.0" encoding="utf-8" ?>
<!doctype mapper public "-//mybatis.org//dtd mapper 3.0//en" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="com.kkk.mapper.usermapper">
<insert id="adduser">
insert into user (
username,
password,
email
) values (
#{username},
#{password},
#{email}
)
</insert>
<select id="selectbyusernameandpassword" resulttype="com.kkk.domain.entity.user">
select * from user
<where>
<if test="username != null and username != ''">
and user.username = #{username}
</if>
<if test="password != null and password != ''">
and user.password = #{password}
</if>
</where>
</select>
</mapper>以上代码仅供参考,具体逻辑可以根据自己的业务来实现
2. 补充介绍
以上提供的示例代码逻辑大致为用户登录后根据uuid生成一个token,接着将token作为唯一标识键存入redis缓存中,值为用户id,之后可以根据用户请求头中的token去redis中获取用户id,当然你也可以根据自己的实际需求来。
3.aop切面编程实现登录拦截校验
首先目录结构如图所示
globalinterceptor类
@target({elementtype.method, elementtype.type})
@retention(retentionpolicy.runtime)
@documented
@mapping
public @interface globalinterceptor {
/**
* 校验登录
*
* @return
*/
boolean checklogin() default true;
/**
* 校验管理员
*
* @return
*/
boolean checkadmin() default false;
}globaloperationaspect类
@component("operationaspect")
@aspect
public class globaloperationaspect {
@resource
private redistemplate<string,string> redistemplate;
@resource
private usermapper usermapper;
private static logger logger = loggerfactory.getlogger(globaloperationaspect.class);
@before("@annotation(com.kkk.annotation.globalinterceptor)")
public void interceptordo(joinpoint point) {
try {
method method = ((methodsignature) point.getsignature()).getmethod();
globalinterceptor interceptor = method.getannotation(globalinterceptor.class);
if (null == interceptor) {
return;
}
/**
* 校验登录
*/
if (interceptor.checklogin() || interceptor.checkadmin()) {
checklogin(interceptor.checkadmin());
}
} catch (businessexception e) {
logger.error("全局拦截器异常", e);
throw e;
} catch (exception e) {
logger.error("全局拦截器异常", e);
throw new businessexception(responsecodeenum.code_500);
} catch (throwable e) {
logger.error("全局拦截器异常", e);
throw new businessexception(responsecodeenum.code_500);
}
}
//校验登录
private void checklogin(boolean checkadmin) {
httpservletrequest request = ((servletrequestattributes) requestcontextholder.getrequestattributes()).getrequest();
string token = request.getheader("token");
string value = redistemplate.opsforvalue().get("logindemo:user:token:"+token);
if (value == null) {
throw new businessexception("登录超时");
}
long userid = long.valueof(value);
user user = usermapper.selectbyid(userid);
if (user == null) {
throw new businessexception("请求参数错误,请联系管理员");
}
if (checkadmin) {
// 校验是否为管理员操作权限
// 后续处理
}
}
}接下来只需要在需要拦截的接口处添加自定义注解就可以了
如:
@restcontroller
@requestmapping("/test")
public class testcontroller {
@globalinterceptor
@getmapping("/test")
public string test() {
return "ok";
}
}4. 测试
首先登录后获取用户token
再将token放入请求头中
一个aop切面编程实现的登录拦截就实现了
到此这篇关于springboot中使用aop切面编程实现登录拦截的文章就介绍到这了,更多相关springboot 登录拦截内容请搜索代码网以前的文章或继续浏览下面的相关文章希望大家以后多多支持代码网!
发表评论