WebSecurityConfig.java

package cn.timer.api.config.interceptor;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.Resource;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

import com.alibaba.fastjson.serializer.SerializerFeature;
import com.alibaba.fastjson.support.config.FastJsonConfig;
import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter;

@Configuration
public class WebSecurityConfig implements WebMvcConfigurer {
	
	@Resource
	private UserMethodArgumentResolver userMethodArgumentResolver;
	
	@Bean
	public RedisSessionInterceptor getSessionInterceptor() {
		return new RedisSessionInterceptor();
	}

	@Override
	public void addInterceptors(InterceptorRegistry registry) {
		// 所有已api开头的访问都要进入RedisSessionInterceptor拦截器进行登录验证，并排除login接口(全路径)。必须写成链式，分别设置的话会创建多个拦截器。
		// 必须写成getSessionInterceptor()，否则SessionInterceptor中的@Autowired会无效
		//.excludePathPatterns("/")
		registry.addInterceptor(getSessionInterceptor())
				.addPathPatterns("/**")
				.excludePathPatterns("/doc*")
				.excludePathPatterns("/8timer/**")
				.excludePathPatterns("/kqz/punchclock/**")
				.excludePathPatterns("/kqz/sauserregdata/**")
				.excludePathPatterns("/login/*")
				.excludePathPatterns("/swagger*/**")
				.excludePathPatterns("/v2/api-docs")
				.excludePathPatterns("/druid/login*")
				.excludePathPatterns("/webjars/**");
		// registry.addInterceptor(getSessionInterceptor()).addPathPatterns("/**").excludePathPatterns("/swagger-ui*");
	}
	
	@Override
	public void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
	    // 1.需要先定义一个convert 转换消息的对象
	    FastJsonHttpMessageConverter fastConverter = new FastJsonHttpMessageConverter();
	    // 2.添加fastJson的配置信息,比如，是否需要格式化返回的json数据
	    FastJsonConfig fastJsonConfig = new FastJsonConfig();
	    // 时间格式化
	    // fastJsonConfig.setDateFormat("yyyy-MM-dd HH:mm:ss");
	    // fastJsonConfig.setDateFormat("yyyy-MM-dd");
	    // 空值特别处理
	    // WriteNullListAsEmpty 将Collection类型字段的字段空值输出为[]
	    // WriteNullStringAsEmpty 将字符串类型字段的空值输出为空字符串 ""
	    // WriteNullNumberAsZero 将数值类型字段的空值输出为0
	    // WriteNullBooleanAsFalse 将Boolean类型字段的空值输出为false
	    fastJsonConfig.setSerializerFeatures(SerializerFeature.PrettyFormat, SerializerFeature.WriteNullListAsEmpty,
	        SerializerFeature.WriteNullStringAsEmpty);
	    // 处理中文乱码问题
	    List<MediaType> fastMediaTypes = new ArrayList<>();
	    fastMediaTypes.add(MediaType.APPLICATION_JSON_UTF8);
	    fastConverter.setSupportedMediaTypes(fastMediaTypes);
	    // 3.在convert中添加配置信息
	    fastConverter.setFastJsonConfig(fastJsonConfig);
	    // 4.将convert添加到converters当中
	    converters.add(fastConverter);

	}
	
	@Override
    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentResolvers) {
        argumentResolvers.add(userMethodArgumentResolver);
    }
	
//	@Override
//    public void addCorsMappings(CorsRegistry registry) {
////        System.out.println("我是MyWebConfig跨域");
//        //设置允许跨域的路径
//        registry.addMapping("/**")
//                //设置允许跨域请求的域名
//                .allowedOrigins("*")
//                //是否允许证书 不再默认开启
//                .allowCredentials(true)
//                //设置允许的方法
//                .allowedMethods("*")
//                //跨域允许时间
//                .maxAge(3600);
//    }
}