springmvc.xml配置如下:
除了 sysFile 下的所有接口,以及user下的loginUser接口,其他的所有接口都会经过拦截器UserInterceptor处理
<mvc:interceptors> <mvc:interceptor> <mvc:mapping path="/**" /> <mvc:exclude-mapping path="/sysFile/**" /> <mvc:exclude-mapping path="/users/loginUser.do" /> <bean class="com.test.interceptor.UserInterceptor" /> </mvc:interceptor> </mvc:interceptors>
public class UserInterceptor extends HandlerInterceptorAdapter{ @Autowired private IUsersService usersService; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { try { request.setCharacterEncoding("UTF-8"); } catch (UnsupportedEncodingException e) { return false; }
//获取前台传入userId String userId = request.getParameter("userId");
//获取前台传入的 token String token = request.getParameter("token");
//根据userId从数据库获取user信息 UsersVo usersVo = usersService.findUserById(userId); if(usersVo == null){ return false;//拦截 }
//判断前台传入的token 与 数据获取的token做比较 if(usersVo.getToken() == null || "".equals(usersVo.getToken()) || !usersVo.getToken().equals(token)){ return false;//拦截 }
//不拦截 return true; } }