Shulou(Shulou.com)06/02 Report--

This article mainly explains the "what is the application method of Java custom annotations in login verification". The explanation in the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "what is the application method of Java custom annotations in login verification".

Java comments

Starting with JDK 5, Java has added new features of annotations, which are actually special tags in the code that can be read during compilation, class loading, and run time, and embed annotation information into the source file without changing the original logic of the code. Then get the annotation information by returning, and deal with different logic according to different annotation information. Java has the following meta-Annotation:

@ Retention

How long the @ Retention modifier Annotation can be retained, containing only one RetentionPolicy and one member variable.

The RetentionPolicy.CLASS default value, and the compiler records the Annotation in the class file. When running the Java program, JVM cannot get the Annotation information.

RetentionPolicy.RUNTIME compiler records Annotation in class file. When running Java program, JVM can get Annotation information and Annotation information through reflection. Custom annotations use this variable more often.

RetentionPolicy.SOURCE Annotation is kept only in the source code (that is, the Java file), and the compiler discards Annotation directly.

@ Target

@ Target modifies an Annotation definition, which indicates where Annotation can be decorated:

ElementType.TYPE classes, interfaces, and enumerations

ElementType.FIELD member variable

ElementType.METHOD method

ElementType.PARAMETER package definition

ElementType.CONSTRUCTOR constructor

ElementType.ANNOTATION_TYPE Annotation

ElementType.PARAMETER parameter

Login comment @ Logined

Annotation requirement

Take e-commerce system as an example, the request back-end interfaces are divided into two categories: access after login and no need for login access, so different processing needs to be done according to different needs. Interfaces that do not require login need not be processed, and interfaces that need to log in need to verify the request at each request. In Spring, you can use the interceptor to verify login information, and whether login verification is required. This requires annotations.

First, create an annotation @ Logined, which implements the function: add the annotation to the interface that needs to be logged in to access, you can add it to the class and method. If you add it to the class, all request methods under the class need login authentication. Add to the method, only for that method needs to be validated. The @ Logined annotation is defined as follows:

@ Target ({ElementType.METHOD, ElementType.TYPE}) @ Retention (RetentionPolicy.RUNTIME) @ Documentedpublic @ interface Logined {/ * whether login is required to allow access to * * @ return * / boolean isLogined () default true;}

Setting ElementType.METHOD and ElementType.TYPE for @ Target means that annotations can be modified on classes and methods, and @ Retention setting RetentionPolicy.RUNTIME requires that JVM can get the annotation information at run time. IsLogined is a member variable of the annotation, which will be discussed later.

First define a Controller controller:

@ RestController@Loginedpublic class TestController {@ GetMapping ("/ login") public String login () {return "need login";}} get the @ Logined annotation on the interceptor

Each time a http request is sent, it goes into the interceptor.

Public class MyInterceptor extends HandlerInterceptorAdapter {@ Override public boolean preHandle (HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {if (! (handler instanceof HandlerMethod)) {return true;} HandlerMethod handlerMethod = (HandlerMethod) handler; Method method = handlerMethod.getMethod (); boolean isLogin = this.isLogin (method); if (! isLogin) {return true;} / / the login information is verified here, such as token authentication, cookie authentication return true } private boolean isLogin (Method method) {/ / get the header value of the method Logined classLogined = method.getDeclaringClass () .getAnnotation (Logined.class); Logined methodLogined = method.getAnnotation (Logined.class); / / return isLogined if (classLogined! = null & & methodLogined = = null) {System.out.println (classLogined.isLogined ()); return classLogined.isLogined () } / / method is not annotated, then find the class annotation if ((classLogined! = null & & methodLogined! = null) | | (classLogined = = null & & methodLogined! = null)) {return methodLogined.isLogined ();} return false;}}

Interceptor flow:

Get the method corresponding to the request class

Find @ Logined annotations on methods and @ Logined annotations on classes through reflection

If there is a @ Logined annotation on the class and there is no @ Logined annotation on the method, return the isLogined of the @ Logined annotation of the class

If both the class and method have @ Logined annotations or the class does not have @ Logined method annotations, return the isLogined of the method

After the above judgment, if the return is false, the subsequent login information verification will not be carried out, otherwise login information verification will be required. Login information verification can be token authentication, cookie authentication.

Thank you for reading, the above is the content of "what is the application method of Java custom annotations in login verification". After the study of this article, I believe you have a deeper understanding of what is the application method of Java custom annotations in login verification, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.