基于拦截器对token 进行时间校验
- 主要是需要继承 HandlerInterceptorAdapter类重写拦截器方法进行逻辑处理
```java
/**
- Copyright (c) 2016-2019 人人开源 All rights reserved. *
- https://www.renren.io *
- 版权所有,侵权必究! */
package io.renren.interceptor;
import io.renren.annotation.Login; import io.renren.common.exception.RRException; import io.renren.entity.TokenEntity; import io.renren.service.TokenService; import org.apache.commons.lang.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;
/**
- 权限(Token)验证 *
@author Mark sunlightcs@gmail.com */ @Component public class AuthorizationInterceptor extends HandlerInterceptorAdapter { @Autowired private TokenService tokenService;
public static final String USER_KEY = “userId”;
@Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
Login annotation;if(handler instanceof HandlerMethod) {annotation = ((HandlerMethod) handler).getMethodAnnotation(Login.class);}else{return true;}if(annotation == null){return true;}//从header中获取tokenString token = request.getHeader("token");//如果header中不存在token,则从参数中获取tokenif(StringUtils.isBlank(token)){token = request.getParameter("token");}//token为空if(StringUtils.isBlank(token)){throw new RRException("token不能为空");}//查询token信息TokenEntity tokenEntity = tokenService.queryByToken(token);if(tokenEntity == null || tokenEntity.getExpireTime().getTime() < System.currentTimeMillis()){throw new RRException("token失效,请重新登录");}//设置userId到request里,后续根据userId,获取用户信息request.setAttribute(USER_KEY, tokenEntity.getUserId());return true;
} }
```
若有收获,就点个赞吧
0 人点赞
