springboot下的用戶上下文和攔截器

兄弟們,你是否見(jiàn)過(guò),很多項(xiàng)目或者框架中在項(xiàng)目的任何位置,都可以通過(guò)上下文或者某些util直接獲取貫穿整個(gè)請(qǐng)求的對(duì)象,比如用戶對(duì)象,例如在你任意的代碼里,直接調(diào)用 SecurityUtil.getCurrentUser();就可以得到當(dāng)前登錄的用戶信息,簡(jiǎn)單,快捷,隨用隨取,那叫一個(gè)方便,下面讓老王帶你一探究竟

其實(shí)就是在程序的入口獲取到用戶信息,并且把用戶信息存的ThreadLocal中,廢話不多說(shuō),直接上代碼

用戶上下文創(chuàng)建,采用netty中FastThreadLocal來(lái)實(shí)現(xiàn),告別內(nèi)存泄漏,實(shí)現(xiàn)快準(zhǔn)穩(wěn)

引入maven依賴

<dependency>
     <groupId>io.netty</groupId>
     <artifactId>netty-all</artifactId>
     <version>4.1.66.Final</version>
</dependency>
登錄用戶上下文
import com.wlc.doc.model.User;
import io.netty.util.concurrent.FastThreadLocal;

/**
 *登錄用戶上下文
 */
public class UserContext {
    /**FastThreadLocal快,穩(wěn),沒(méi)內(nèi)存泄露問(wèn)題*/
    private static FastThreadLocal<User> userHolder = new FastThreadLocal();
   /**
    *設(shè)置用戶到 FastThreadLocal
    */
    public static void setUser(User loginUser) {
        userHolder.set(loginUser);
    }
    /**
     *從FastThreadLocal中獲取用戶
     */
    public static User getUser() {
        return userHolder.get();
    }
    /**
     *清除FastThreadLocal,反之內(nèi)存泄露
     */
    public static void remove() {
         userHolder.remove();
    }
}
登錄token攔截器閹割版
import com.wlc.doc.annotation.IgnoreAuth;
import com.wlc.doc.http.constant.HttpCode;
import com.wlc.doc.interceptor.token.JwtUtil;
import com.wlc.doc.interceptor.token.TokenUser;
import com.wlc.doc.interceptor.token.UserContext;
import com.wlc.doc.model.User;
import com.wlc.doc.http.response.Result;
import com.wlc.doc.http.response.ResultBuilder;
import com.wlc.doc.util.BeanCopierUtil;
import com.wlc.doc.util.JsonUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.lang.reflect.Method;






/**
 * 登錄token攔截器
 * @author IT學(xué)習(xí)道場(chǎng)
 * @create 2019-08-24 15:35
 */
@Slf4j
@Component
public class LoginInterceptor extends HandlerInterceptorAdapter {
    private static final String TOKEN = "token";

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        if("OPTIONS".equals(request.getMethod().toUpperCase())) {
            System.out.println("Method:OPTIONS");
            return true;
        }
        if (!(handler instanceof HandlerMethod)) {
            return true;
        }
        String token = request.getHeader(TOKEN);
        // 從參數(shù)中獲取token
        if (ObjectUtils.isEmpty(token)) {
            token = request.getParameter(TOKEN);
        }
        //獲取用戶信息的問(wèn)題
        if (!ObjectUtils.isEmpty(token)){
            User loginUser = getUser(request, response, token);
            UserContext.setUser(loginUser);
        }
        return super.preHandle(request, response, handler);
    }
  //攔截器的后置處理器
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        //手動(dòng)清除當(dāng)前用戶上下文的用戶對(duì)象
        UserContext.remove();
    }

    private User getUser(HttpServletRequest request, HttpServletResponse response, String token) {
        // 然后根據(jù)token獲取用戶登錄信息,
        TokenUser tokenUser = JwtUtil.decodeToken(token);
        User loginUser = BeanCopierUtil.copyProperties(tokenUser, User.class);
        // 如果這里校驗(yàn)用戶信息失敗,則直接拋出異常
        return loginUser;
    }
   
}
攔截器注冊(cè)到攔截器容器中使之生效

import com.wlc.doc.interceptor.AccessLimitInterceptor;
import com.wlc.doc.interceptor.LoginInterceptor;
import com.wlc.doc.interceptor.token.LoginUserArgumentResolver;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import java.util.List;

/**
 * mvc攔截器配置類
 * @author IT學(xué)習(xí)道場(chǎng)
 * @create 2019-08-24 15:35
 */
@Configuration
public class SpringMvcConfig implements WebMvcConfigurer {
    @Autowired
    LoginInterceptor loginInterceptor;
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(loginInterceptor)
                .addPathPatterns("/**");
    }
}
流程:request --> loginInterceptor --> preHandle --> token獲取并且解析出用戶信息 --> set到UserContext的FastThreadLocal中,獲取,用UserContext的get就行,不存在內(nèi)存泄漏問(wèn)題,F(xiàn)astThreadLocal后端會(huì)有定時(shí)器自動(dòng)清理,不需要操心,或者為了最好的安全起見(jiàn),可以在后置處理中進(jìn)行FastThreadLocal的清理






作者:IT學(xué)習(xí)道場(chǎng)

歡迎關(guān)注微信公眾號(hào) : IT學(xué)習(xí)道場(chǎng)