SessionInterceptor.java

package com.mtools.core.plugin.web.interceptor;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.method.HandlerMethod;

import com.mtools.core.plugin.annotation.AuthLogin;
import com.mtools.core.plugin.constant.CoreConstans;
import com.mtools.core.plugin.entity.UserInfo;
import com.mtools.core.plugin.helper.AIPGException;



/**
 * @author zhang
 * 登陆过滤器
 * 2014-4-14
 */
public class SessionInterceptor extends BaseInterceptor {

	private static final String INDEX_URL = "/login";
	List<UserInfo> onlineUser=null;
	@SuppressWarnings("unchecked")
	@Override
	public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
		log.info("进入session超时拦截器，访问ip："+request.getRemoteHost()+"访问端口："+request.getRemotePort()+" 访问者："+request.getRemoteUser());
		log.info("进入session超时拦截器，访问URI："+request.getRequestURI());
		Object handlerObj = handler;
		boolean authLoginMethod = false;
		if(handlerObj instanceof HandlerMethod){
			HandlerMethod handlerMethod = (HandlerMethod)handlerObj;
			handlerObj = handlerMethod.getBean();
			AuthLogin auLogin = handlerMethod.getMethodAnnotation(AuthLogin.class);
			authLoginMethod = auLogin!=null;
		}else{
			return true;
		}
		if(authLoginMethod){
			return true;
		}
		onlineUser = (List<UserInfo>) request.getSession().getServletContext().getAttribute(CoreConstans.ONLINEUSERS);
		UserInfo user = (UserInfo) request.getSession().getAttribute(CoreConstans.LOGINGUSER);
		if(request.getSession().getAttribute(CoreConstans.LOGINGUSER)==null||(onlineUser!=null&&!onlineUser.contains(user))){
			request.getSession().removeAttribute(CoreConstans.LOGINGUSER);
			request.setAttribute(CoreConstans.REQUEST_URL, request.getContextPath()+INDEX_URL);
			throw new AIPGException(CoreConstans.EXCEPTON_02,"登陆超时,请重新登陆");
		} 
		return true;
	}
}