利用@LoginUser註解給使用者實體引數進行賦值
阿新 • • 發佈:2021-05-10
步驟一:寫個註解類指定該類作用到引數上
/**
* 登入使用者資訊
* @author Administrator
*
*/
@Target(ElementType.PARAMETER)
@Retention(RetentionPolicy.RUNTIME)
public @interface LoginUser {
}
步驟二:寫個攔截器將使用者的user_id寫入到request域中,中間忽略許可權校驗的業務程式碼
/**
* 許可權(Token)驗證
* @author Administrator
*
*/
@Component
public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
@Autowired
private RedisUtil redisUtil;
@Autowired
private IDoctorService doctorService;
public static final String USER_ID = "userId";
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
IgnoreAuth annotation;
if (handler instanceof HandlerMethod) {
annotation = ((HandlerMethod) handler).getMethodAnnotation(IgnoreAuth.class);
} else {
return true;
}
// 如果有@IgnoreAuth註解,則不驗證token
if (annotation != null) {
return true;
}
// 從header中獲取token
String token = request.getHeader("token");
// 如果header中不存在token,則從引數中獲取token
if (ValidatorUtil.isNull(token)) {
token = request.getParameter("token");
}
// token為空
if (ValidatorUtil.isNull(token)) {
throw new BusinessException(ResponseEnum.PROHIBIT_VISIT.getCode(), ResponseEnum.PROHIBIT_VISIT.getMsg());
}
// 查詢token資訊
String userId = redisUtil.get(RedisConstant.TOKEN_DOCTOR.concat(token));
if (ValidatorUtil.isNull(userId)) {
Doctor doctor = doctorService.getByToken(token);
if (null == doctor || LocalDateTime.now().isAfter(doctor.getExpireTime())) {
throw new BusinessException(ResponseEnum.PROHIBIT_VISIT.getCode(), ResponseEnum.PROHIBIT_VISIT.getMsg());
}
redisUtil.set(RedisConstant.TOKEN_DOCTOR.concat(doctor.getToken()), doctor.getId(), RedisConstant.DEFAULT_EXPIRE);
userId = String.valueOf(doctor.getId());
}
// 設定userId到request裡,後續根據userId,獲取使用者資訊
request.setAttribute(USER_ID, Integer.valueOf(userId));
return true;
}
}
步驟三:寫個方法引數的解析器類給註解的實體賦值
**
* 有@LoginUser註解的方法引數,注入當前登入使用者
* @author Administrator
*
*/
@Component
public class LoginUserHandlerMethodArgumentResolver implements HandlerMethodArgumentResolver {
@Autowired
private IDoctorService doctorService;
@Override
public boolean supportsParameter(MethodParameter parameter) {
return parameter.getParameterType().isAssignableFrom(Doctor.class)
&& parameter.hasParameterAnnotation(LoginUser.class);
}
@Override
public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer container, NativeWebRequest request,
WebDataBinderFactory factory) throws Exception {
// 獲取使用者名稱
Object object = request.getAttribute(AuthorizationInterceptor.USER_ID, RequestAttributes.SCOPE_REQUEST);
if (object == null) {
return null;
}
// 獲取使用者資訊
Doctor doctor = doctorService.getById((Integer) object);
doctor.setPassword(null);
doctor.setEsignPassword(null);
return doctor;
}
}
結果:請求帶此註解的方法引數已賦值