SpringBoot登录用户权限拦截器

package com.xgf.online_mall.interceptor;

import com.xgf.online_mall.system.domain.user;
import lombok.extern.slf4j.slf4j;
import org.springframework.stereotype.component;
import org.springframework.web.servlet.handlerinterceptor;
import org.springframework.web.servlet.modelandview;

import javax.servlet.http.httpservletrequest;
import javax.servlet.http.httpservletresponse;
import java.io.bufferedwriter;
import java.io.filewriter;
import java.nio.file.files;
import java.nio.file.path;
import java.nio.file.paths;
import java.text.simpledateformat;
import java.util.date;
import java.util.logging.simpleformatter;

@slf4j
@component
public class userloginauthinterceptor implements handlerinterceptor {
  @override
  public boolean prehandle(httpservletrequest request, httpservletresponse response, object handler) throws exception {
    log.info(" ======== userauthinterceptor prehandle 登录权限拦截器拦截");
    user user = (user) request.getsession().getattribute("loginuser");
    //未登录才判断，登录了直接放行
    if(user == null){
      //获取访问路径
      string address = request.getrequesturi();
      log.info("======== 拦截，访问路径 address : {}", address);
      response.sendredirect(request.getcontextpath() + "/login.html");
      return false;

      /*string address = request.getrequesturi();
      log.info("======== 拦截，访问路径 address : {}", address);
      //不是登录或者注册页面，就直接跳转登录界面
      if(!address.contains("login") && !address.contains("register")){
        //强制到登录页面
        response.sendredirect(request.getcontextpath() + "/login.html");
        //设置为false，不访问controller
        return false;
      }*/
    }
    //其它模块或者已经登录，就直接放行
//    log.info("======== 已登录 user = {}", user);
    return true;
  }


  @override
  public void posthandle(httpservletrequest request, httpservletresponse response, object handler, modelandview modelandview) throws exception {
    log.info(" ===== userauthinterceptor posthandle");
  }

  @override
  public void aftercompletion(httpservletrequest request, httpservletresponse response, object handler, exception ex) throws exception {
    log.info("==== userauthinterceptor aftercompletion");

    //记录日志 向文件里面写日志
    //获取服务器记录日志log文件所存放的目录位置 -- tomcat下的真实路径+log目录
    string logdir = request.getservletcontext().getrealpath("log");
    //路径不存在就创建
    path logdirpath = paths.get(logdir);
    if(files.notexists(logdirpath)){
      files.createdirectories(logdirpath);
    }
    //目录存在就将数据[字符]写入 //存放日志的路径+文件名
    path logfile = paths.get(logdir,"userlog.log");
    //logfile.tofile() paths转换为file类型 true以追加的方式写入
    bufferedwriter writer = new bufferedwriter(new filewriter(logfile.tofile(),true));

    //获取登录用户信息
    user user = (user)request.getsession().getattribute("loginuser");
    //记录user信息，存入日志
    writer.write(new simpledateformat("yyyy-mm-dd hh:mm:ss").format(new date()) + " >> " + user +"\r\n");
    writer.flush();
    writer.close();
  }
}

import com.xgf.online_mall.constant.pathconstantparam;
import com.xgf.online_mall.interceptor.userloginauthinterceptor;
import lombok.extern.slf4j.slf4j;
import org.springframework.beans.factory.annotation.autowired;
import org.springframework.context.annotation.configuration;
import org.springframework.web.servlet.config.annotation.interceptorregistry;
import org.springframework.web.servlet.config.annotation.webmvcconfigurer;

import java.util.arraylist;
import java.util.list;

@configuration
@slf4j
public class loginconfig implements webmvcconfigurer {
  @autowired
  private userloginauthinterceptor userloginauthinterceptor;

  /**
   * addinterceptors方法设置拦截路径
   *   addpathpatterns：需要拦截的访问路径
   *   excludepathpatterns：不需要拦截的路径，
   *   string数组类型可以写多个用","分割
   * @param registry
   */
  @override
  public void addinterceptors(interceptorregistry registry){
    log.info(" ======== loginconfig.addinterceptors");
    //添加对用户未登录的拦截器，并添加排除项
    //error路径，excludepathpatterns排除访问的路径在项目中不存在的时候，
    //springboot会将路径变成 /error, 导致无法进行排除。
    registry.addinterceptor(userloginauthinterceptor)
        .addpathpatterns("/**")
        .excludepathpatterns("/js/**", "/css/**", "/img/**", "/plugins/**")
        .excludepathpatterns("/login.html", "/register.html", "/system/user/login", "/system/user/login", "/index")
        .excludepathpatterns("/error");
  }
 }