我在Spring MVC中有以下拦截器,它检查用户是否可以访问处理程序方法:
class AccessInterceptor : HandlerInterceptorAdapter() {
override fun preHandle(request: HttpServletRequest, response: HttpServletResponse, handler: Any?): Boolean {
val auth: Auth =
(if (method.getAnnotation(Auth::class.java) != null) {
method.getAnnotation(Auth::class.java)
} else {
method.declaringClass.getAnnotation(Auth::class.java)
}) ?: return true
if (auth.value == AuthType.ALLOW) {
return true
}
val user = getUserFromRequest(request) // checks request for auth token
// and checking auth for out user in future.
return renderError(403, response)
在我的控制器中,我做了注释方法,如下所示:
@GetMapping("/foo")
@Auth(AuthType.ALLOW)
fun doesntNeedAuth(...) { ... }
@GetMapping("/bar")
@Auth(AuthType.ADMIN)
fun adminMethod(...) { ... }
如果用户具有错误的令牌或没有权限,则返回错误 .
是否可以在带有注释式控制器的Spring WebFlux中执行此操作?