Define a custom annotation

@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface UserAuthorization {

}
Copy the code

The @target annotation resolves which components the custom annotation can load, such as methods, classes, and properties

TYPE class, interface (including annotation TYPE), or enumeration declaration
FIELD FIELD declarations (including enumeration constants)
METHOD METHOD declaration
PARAMETER Specifies the PARAMETER form
CONSTRUCTOR CONSTRUCTOR declaration
LOCAL_VARIABLE Local variable declaration
ANNOTATION_TYPE Annotation type declaration
PACKAGE bag
TYPE_PARAMETER Specifies the type parameter
TYPE_USE Use type

The Retention annotation determines the lifetime of this custom annotation

SOURCE Annotations exist only in Java source filesComments will be discarded after compilation
The annotations are still there when the CLASS is compiled into a.class file, but are not there when the CLASS loader loads them into memory
RUNTIME annotations have a life cycle that lasts as long as the program is running and can be read reflectively

Configure an interceptor

@Configuration public class WebAppConfig implements WebMvcConfigurer { @Override public void AddInterceptors (InterceptorRegistry registry) {/ * * * add interceptors * / registry. AddInterceptor (new AuthorizationInterceptor2 ()) .addPathPatterns("/api/**"); }}Copy the code

Implementation of interceptors

Public class AuthorizationInterceptor2 extends HandlerInterceptorAdapter {/ * * * the Request of the Key Key * / public static final String REQUEST_CURRENT_KEY ="REQUEST_CURRENT_KEY"; /** * Private String httpHeaderName ="sessionId"; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object Handler) throws Exception {/** * if it is not mapped to a method directly pass */if(! (handler instanceof HandlerMethod)) {return true;
        }
        HandlerMethod handlerMethod = (HandlerMethod) handler;
        Method method = handlerMethod.getMethod();
        String token = request.getHeader(httpHeaderName);
        if(token ! = null && token.length() > 0) {/** ** return key based on token if not nulltrue
             */
            String key = "";
            if(key ! = null) { request.setAttribute(REQUEST_CURRENT_KEY, key);return true; } /** * If the token validation fails and the method or class is specified with Authorization, an error */ is returnedif(method.getAnnotation(Authorization.class) ! = null || handlerMethod.getBeanType().getAnnotation(Authorization.class) ! = null) { throw new ApiException(ApiConstants.SESSIONIDEXCEPTION,"Permission exception");
        }
        request.setAttribute(REQUEST_CURRENT_KEY, null);
        return true; }}Copy the code

This allows you to add UserAuthorization to a class or method for permission control

mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.

Permissions are easily controlled by annotations in Springboot

Define a custom annotation

Configure an interceptor

Implementation of interceptors

Permissions are easily controlled by annotations in Springboot

Define a custom annotation

Configure an interceptor

Implementation of interceptors

Related Posts

What does PHP asynchronous programming look like?

Binlog2sql, the data recovery tool you should know

Problem 49. – Groups of ectopes