springMVC.xml
<mvc:interceptors> <!-- 多个拦截器,顺序执行,不需要登陆的接口都需要在此配置!!!!!!!!! --> <mvc:interceptor> <!-- <mvc:mapping path="/front/**" /> --><!-- 如果不配置或/*,将拦截所有的Controller --> <mvc:mapping path="/**"/> <bean name="titleInterceptor" class="cn.zsmy.interceptor.TitleInterceptor"> <!-- 不拦截的url --> <property name="uncheckUrls"> <list> <value>/login</value> <value>/doLogin</value> <value>/mobile2/login.json</value> <value>/mobile2/register.json</value> <value>/mobile2/regCheckCode.json</value> <value>/mobile2/register_sms.json</value> <value>/mobile2/reset_pwd_sms.json</value> <value>/mobile2/editpassword.json</value> <value>/mobile2/resetpwd_check_code.json</value> <value>/mobile2/version/check_version.json</value> <value>/mobile2/home_tips.json</value> <value>/mobile2/sys/uploadlog.json</value> <value>/mobile2/activity/list_recomme.json</value> <value>/mobile2/medicine/medicines.json</value> <value>/mobile2/medicine/list.json</value> <value>/mobile2/inspectionItem/inspection_item_detail.json</value> <value>/mobile2/symptom/symptoms.json</value> <value>/mobile2/deptmedicine/dept_medicine.json</value> <value>/mobile2/symptommedicine/symptom_medicine.json</value> <value>/mobile2/inspectionItem/inspection_items.json</value> <value>/mobile2/idict/professional_title.json</value> <!-- <value>/mobile2/area/getProvinceList.json</value> --> <value>/mobile2/area/getCityList.json</value> <value>/mobile2/activity/list.json</value> <value>/mobile2/activity/deposits.json</value> <value>/mobile2/forum_plate/list.json</value> </list> </property> </bean> </mvc:interceptor> </mvc:interceptors>
TitleInterceptor.java
import java.util.HashMap; import java.util.List; import java.util.Map; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import cn.zsmy.constant.Constant; import cn.zsmy.utils.GetIP; public class TitleInterceptor extends HandlerInterceptorAdapter { /*@Autowired private UserService userService;*/ private List<String> uncheckUrls; //免登入 免检查地址 public List<String> getUncheckUrls() { return uncheckUrls; } public void setUncheckUrls(List<String> uncheckUrls) { this.uncheckUrls = uncheckUrls; } /*@Autowired public RedisUtil redisUtil;*/ @Override public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception { //未配置单设备登录控制或这配置为1,就拦截 String requestUrl = request.getRequestURI(); Constant.MY_LOG.info("===> url:" + requestUrl+"=====请求ip" + GetIP.getIpAddr(request)); //接口访问频率检查限制 /* String key = "req_limit_".concat(requestUrl).concat(request.getLocalAddr()); long count = redisUtil.increment(key, 1); if (count == 1) { redisUtil.expire(key, 3, TimeUnit.SECONDS); } if (count > 5) { Constant.MY_LOG.debug("超过了限定的次数[" + 5 + "]"); throw new BusinessException("req_limit", "指定时间内请求超过了限定的次数"); //throw new BusinessException(ReturnCode.Other.OTHER_DEVICE_LOGIN, ReturnCode.Other.OTHER_DEVICE_LOGIN_MSG); }*/ //单一设备登录检查控制 /*if(StringUtils.isEmpty(DictInit.dictMap.get(Constant.Dict.SINGLE_DEVICE_LOGIN)) || "1".equals(DictInit.dictMap.get(Constant.Dict.SINGLE_DEVICE_LOGIN))){ if(uncheckUrls.contains(requestUrl)) { return true; } else { Subject subject = SecurityUtils.getSubject(); User account = (User) subject.getPrincipal(); if(account != null){ User user = userService.findById(account.getId()); if(user != null){ String sessionId = getCookieByName(request, "JSESSIONID").getValue(); if(!StringUtil.isEmpty(user.getSessionId()) && !StringUtil.isEmpty(sessionId) && !user.getSessionId().equals(sessionId)){ throw new BusinessException(ReturnCode.Other.OTHER_DEVICE_LOGIN, ReturnCode.Other.OTHER_DEVICE_LOGIN_MSG); } } } } }*/ return true; } @Override public void postHandle(HttpServletRequest request,HttpServletResponse response, Object handler,ModelAndView modelAndView) throws Exception { Constant.MY_LOG.debug("===> HandlerInterceptor postHandle"); } @Override public void afterCompletion(HttpServletRequest request,HttpServletResponse response, Object handler, Exception ex) throws Exception { Constant.MY_LOG.debug("===> HandlerInterceptor afterCompletion"); } /** * 根据名字获取cookie * @param request * @param name cookie名字 * @return */ public static Cookie getCookieByName(HttpServletRequest request,String name){ Map<String,Cookie> cookieMap = ReadCookieMap(request); if(cookieMap.containsKey(name)){ Cookie cookie = (Cookie)cookieMap.get(name); return cookie; }else{ return null; } } /** * 将cookie封装到Map里面 * @param request * @return */ private static Map<String,Cookie> ReadCookieMap(HttpServletRequest request){ Map<String,Cookie> cookieMap = new HashMap<String,Cookie>(); Cookie[] cookies = request.getCookies(); if(null!=cookies){ for(Cookie cookie : cookies){ cookieMap.put(cookie.getName(), cookie); } } return cookieMap; } }