package org.example.util; import cn.hutool.json.JSONUtil; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import org.apache.commons.lang3.StringUtils; import org.example.pojo.User; import org.example.server.UserService; import org.example.server.impl.UserServiceImpl; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * @program: demo * @description: * @create: 2024-07-29 11:15 **/ @Component public class LoginInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { // 假设登录状态信息保存在 session 中,这里简单示例,实际项目中可能会有自己的登录状态判断逻辑 String token = null; // 如果是 OPTIONS 请求,我们就让他通过,不管他 if (request.getMethod().equals("OPTIONS")) { response.setStatus(HttpServletResponse.SC_OK); return true; }else { token = request.getHeader("token"); } if(StringUtils.isEmpty(token)){ // 未登录,返回未授权错误码或重定向到登录页 response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 返回 401 未授权状态码 response.setCharacterEncoding("UTF-8"); response.getWriter().write("请登录"); return false; } User user = JwtUtil.verify(token); String s = RedisUtil.get(user.getId().toString()); if(StringUtils.isEmpty(s) && s.equals(token)){ // 未登录,返回未授权错误码或重定向到登录页 response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 返回 401 未授权状态码 response.setCharacterEncoding("UTF-8"); response.getWriter().write("请登录"); return false; } return true; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { } }