使用Interceptor拦截器
Filter 是在 Servlet 规范中定义的,是 Servlet 容器支持的。而拦截器是在 Spring容器内的,是Spring框架支持的。Filter在只在 Servlet 前后起作用。Filters 通常将 请求和响应(request/response) 当做黑盒子,Filter通常不考虑servlet 的实现。拦截器能够深入到方法前后、异常抛出前后等,因此拦截器的使用具有更大的弹性。允许用户介入请求的生命周期,在请求过程中获取信息,Interceptor 通常和请求更加耦合。在Spring构架的程序中,要优先使用拦截器。几乎所有 Filter 能够做的事情,interceptor 都能够轻松的实现。
下面我们实现之前用Filter实现的验证登陆程序
- 实现HandlerInterceptor接口,在preHandle验证登陆
import org.slf4j.LoggerFactoryimport org.springframework.http.MediaTypeimport org.springframework.web.servlet.HandlerInterceptorimport org.springframework.web.servlet.ModelAndViewimport java.lang.Exceptionimport javax.servlet.http.HttpServletRequestimport javax.servlet.http.HttpServletResponseclass CustomInterceptor: HandlerInterceptor{ var logger = LoggerFactory.getLogger(this::class.java)!! //在请求处理之前进行调用 override fun preHandle(request: HttpServletRequest, response: HttpServletResponse, handler: Any): Boolean { val httpServletRequest = request as? HttpServletRequest if (httpServletRequest != null && response != null) { //获取用户cookie val userCookie = httpServletRequest.cookies?.firstOrNull { it.name?.toLowerCase() == "userid" } //检查cookie的正确性 val userId = userCookie?.value?.toIntOrNull() ?: 0 if(userId <= 0){ val accept = httpServletRequest.getHeader("Accept") if (accept?.contains("json") == true) { response.contentType = MediaType.APPLICATION_JSON_VALUE val str = ObjectMapperExtension.instance.writeValueAsString(CommonResult(null, false, "No Access Token")) response.writer.print(str) } else { response.contentType = MediaType.ALL_VALUE response.writer.print("No Access Token") } return false } } logger.info("CustomInterceptor") return true } //请求处理之后进行调用,但是在视图被渲染之前(Controller方法调用之后) override fun postHandle(request: HttpServletRequest, response: HttpServletResponse, handler: Any, modelAndView: ModelAndView?) { logger.info("postHandle") } //在整个请求结束之后被调用,也就是在DispatcherServlet 渲染了对应的视图之后执行(主要是用于进行资源清理工作) override fun afterCompletion(request: HttpServletRequest, response: HttpServletResponse, handler: Any, ex: Exception?) { logger.info("afterCompletion") }}
- 注册到容器
import org.springframework.context.annotation.Configurationimport org.springframework.web.servlet.config.annotation.InterceptorRegistryimport org.springframework.web.servlet.config.annotation.WebMvcConfigurer@Configurationclass MyWebMvcConfigurerAdapter: WebMvcConfigurer { override fun addInterceptors(registry: InterceptorRegistry) { registry.addInterceptor(CustomInterceptor()) //注册要拦截的url .addPathPatterns("/*") //排除url .excludePathPatterns("/login") }}