使用AOP进行权限验证

首先咱们定义一个切入点(匹配com.ed.controller.Seller开头的controller的全部public方法)

/**
 * Pointcut covering every public method of the seller controllers
 * ({@code com.ed.controller.Seller*}). The method body is intentionally empty:
 * it only names the join points that the {@code @Before} token check binds to.
 */
@Pointcut("execution(public * com.ed.controller.Seller*.*(..))") public void checkToken() {}

而后在进入这些方法以前进行token校验

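/**
 * Validates the seller token before any join point matched by {@code checkToken()} runs.
 * <p>
 * Reads the token cookie from the current request and confirms that Redis still holds
 * an entry for it. The cookie value is client-controlled, so only the Redis hit counts
 * as proof of a valid session; every failure is reported as {@link ResultEnum#TOKEN_ERROR}.
 *
 * @throws SellerAuthorizeException if the cookie is missing or blank, or Redis has no value for it
 * @throws IllegalStateException    if invoked with no servlet request bound to the current thread
 */
@Before("checkToken()")
public void check() {
    ServletRequestAttributes attributes =
            (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
    // getRequestAttributes() returns null when no request is bound to this thread
    // (e.g. a non-web invocation); fail with a clear message instead of an NPE.
    if (attributes == null) {
        throw new IllegalStateException(
                "No servlet request bound to the current thread; token check requires a web request");
    }
    HttpServletRequest request = attributes.getRequest();

    // 1. token cookie — a blank value can never match a Redis entry, so reject it up front
    Cookie cookie = CookieUtil.get(request, CookieConstant.TOKEN);
    if (cookie == null || StringUtils.isEmpty(cookie.getValue())) {
        log.warn("【token校验】Cookie中查不到token");
        throw new SellerAuthorizeException(ResultEnum.TOKEN_ERROR);
    }

    // 2. server-side lookup; the value is embedded into the fixed key pattern and is not logged
    String tokenValue = redisTemplate.opsForValue()
            .get(String.format(RedisConstant.TOKEN_PREFIX, cookie.getValue()));
    if (StringUtils.isEmpty(tokenValue)) {
        log.warn("【token校验】Redis中查不到token");
        throw new SellerAuthorizeException(ResultEnum.TOKEN_ERROR);
    }
}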

抛出的异常可定义一个handler进行拦截,并返回自定义的对象给前端

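/**
 * Maps {@link SellerAuthorizeException}, thrown by the token-check aspect, to a
 * {@link ResultVO} body so the client receives the error code rather than a stack trace.
 */
@ControllerAdvice
public class SellExceptionHandler {

    /**
     * Converts a seller authorization failure into the error payload.
     *
     * @param e the exception raised when the token cookie or its Redis entry is missing
     * @return the error result carrying the exception's code and message
     */
    @ExceptionHandler(value = SellerAuthorizeException.class)
    @ResponseBody
    public ResultVO handlerSellerException(SellerAuthorizeException e) {
        return ResultVOUtil.error(e.getCode(), e.getMessage());
    }
}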

CookieUtil方法

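/**
 * Returns the request cookie with the given name.
 *
 * @param request the current request; it may carry no cookies at all
 * @param name    the cookie name to look up
 * @return the matching cookie, or {@code null} if the request has none with that name
 */
public static Cookie get(HttpServletRequest request, String name) {
    // readCookieMap never stores null values, so a single get() is equivalent to the
    // containsKey()/get() pair and avoids the second hash lookup.
    return readCookieMap(request).get(name);
}

/**
 * Indexes the request cookies by name.
 * <p>
 * If several cookies share a name, the last one in {@code request.getCookies()} order
 * overwrites the earlier ones, so callers should not assume the first-sent cookie wins.
 *
 * @param request the current request
 * @return a mutable name-to-cookie map; empty when the request has no cookies
 */
private static Map<String, Cookie> readCookieMap(HttpServletRequest request) {
    Map<String, Cookie> cookieMap = new HashMap<>();
    Cookie[] cookies = request.getCookies();
    // getCookies() returns null rather than an empty array when no Cookie header is present
    if (cookies == null) {
        return cookieMap;
    }
    for (Cookie cookie : cookies) {
        cookieMap.put(cookie.getName(), cookie);
    }
    return cookieMap;
}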