导入的依赖均为JavaWeb界面在线配置代码生成器这篇文章,你只需将这篇文章的maven依赖导入即可。
SpringAop利用注解的特性进行日志管理,只需在对应的方法上加上自己编写的注解,即可完美实现日志管理。
日志管理的目的是,将后台管理人员,安卓人员,第三方人员每天请求的url和是谁操作的,在哪操作,使用什么系统操作,输入的那些参数,使用什么请求等等统统记录下来。方便异常排查和应对外来的web攻击。
关于Controller和spring-mvc.xml使用了shiro,关于shiro方面可以参考我的如下文章,进行学习:
MP实战系列(九)之集成Shiro
shiro实战系列
步骤如下:
一、编写注解类
package com.anotation;
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface SysLog {
String type() default "";//日志类型
String action() default "";//作用
String method() default "";//请求方式
}
二、编写Aspect
package com.anotation;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.lang.reflect.Method;
import java.math.BigDecimal;
import javax.servlet.http.HttpServletRequest;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import com.baomidou.mybatisplus.mapper.EntityWrapper;
import com.entity.SysCompany;
import com.entity.SysUser;
import com.service.SysCompanyService;
import com.service.SysLogService;
import com.service.SysUserService;
import cn.hutool.core.date.DateUtil;
import cn.hutool.system.HostInfo;
import cn.hutool.system.OsInfo;
import cn.hutool.system.SystemUtil;
public class SysLogAspect {
@Autowired
private SysLogService sysLogService;
@Autowired
private SysUserService userService;
@Autowired
private SysCompanyService companyService;
/**
* 环绕通知
*
* @param joinPoint
* @return
* @throws Throwable
*/
public Object aroud(ProceedingJoinPoint joinPoint) throws Throwable {
// 开始时间
long beginTime = System.currentTimeMillis();
// 执行目标方法
Object result = joinPoint.proceed();
// 执行时长(毫秒)
long time = System.currentTimeMillis() - beginTime;
// 保存日志
saveSysLog(joinPoint, time);
return result;
}
/**
* 保存日志
*
* @param joinPoint
* @param time
*/
private void saveSysLog(ProceedingJoinPoint joinPoint, long time) {
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
Method method = signature.getMethod();
SysLog sysLog = method.getAnnotation(SysLog.class);
com.entity.SysLog log = new com.entity.SysLog();
HttpServletRequest request = ((ServletRequestAttributes)RequestContextHolder.getRequestAttributes()).getRequest();
//获取session
String userCode = (String) request.getSession().getAttribute("userCode");
//获取用户信息
EntityWrapper<SysUser> wrapper = new EntityWrapper<SysUser>();
wrapper.eq("user_code", userCode);
SysUser user = userService.selectOne(wrapper);
//获取公司信息
EntityWrapper<SysCompany> wrapper2 = new EntityWrapper<SysCompany>();
wrapper2.eq("company_code", user.getCorpCode());
SysCompany company = companyService.selectOne(wrapper2);
if (sysLog != null) {
HostInfo hostInfo = SystemUtil.getHostInfo();
OsInfo osInfo = SystemUtil.getOsInfo();
log.setLogType(sysLog.type());
log.setLogTitle(sysLog.action());
log.setRequestMethod(sysLog.method());
log.setRequestUri(request.getRequestURI());
log.setRemoteAddr(request.getRemoteAddr());
log.setDeviceName(osInfo.getName());
log.setBrowserName(request.getHeader("User-Agent"));
log.setRequestParams(request.getQueryString());
log.setCreateBy(user.getUserName());
log.setCreateByName(user.getUserName());
log.setCreateDate(DateUtil.date().toString());
log.setServerAddr(hostInfo.getAddress());
log.setExecuteTime(BigDecimal.valueOf(time));
log.setIsException("否");
log.setCorpCode(company.getCorpCode());
log.setCorpName(company.getCompanyName());
}
// 保存系统日志
sysLogService.insert(log);
}
}
三、在spring-mvc.xml配置aop
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c" xmlns:util="http://www.springframework.org/schema/util"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context"
xmlns:ehcache="http://www.springmodules.org/schema/ehcache"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
http://www.springmodules.org/schema/ehcache http://www.springmodules.org/schema/cache/springmodules-ehcache.xsd">
<aop:aspectj-autoproxy />
<!-- Controller包(自动注入) -->
<context:component-scan base-package="com.controller"/>
<!-- 将 springSwaggerConfig加载到spring容器 -->
<bean class="com.mangofactory.swagger.configuration.SpringSwaggerConfig" />
<mvc:default-servlet-handler/>
<bean class="com.listener.InitDataListener"/>
<!-- FastJson注入 -->
<mvc:annotation-driven>
<mvc:message-converters register-defaults="true">
<bean id="fastJsonHttpMessageConverter"
class="com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter">
<property name="supportedMediaTypes">
<list>
<value>text/html;charset=UTF-8</value>
<value>application/json;charset=UTF-8</value>
</list>
</property>
</bean>
</mvc:message-converters>
</mvc:annotation-driven>
<!-- 上传限制 -->
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
<!-- 上传文件大小限制为31M,31*1024*1024 -->
<property name="maxUploadSize" value="32505856"/>
</bean>
<!-- shiro 验证注解start -->
<!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor">
<property name="proxyTargetClass" value="true" />
</bean>
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
<!-- 异常处理 -->
<bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
<property name="exceptionMappings">
<props>
<prop key="org.apache.shiro.authz.UnauthorizedException">/error/unauthorized</prop>
<prop key="org.apache.shiro.authz.UnauthenticatedException">/error/unlogined</prop>
</props>
</property>
</bean>
<!-- 切面 -->
<bean id="sysLogAspect" class="com.anotation.SysLogAspect"></bean>
<aop:config>
<aop:aspect ref="sysLogAspect">
<aop:pointcut expression="@annotation(com.anotation.SysLog)" id="sysLogPointcut"/>
<aop:around method="aroud" pointcut-ref="sysLogPointcut"/>
</aop:aspect>
</aop:config>
</beans>
四、在对应的Controller方法上加上注解即可
/**
* 账号登录
* @param request
* @return
*/
@PostMapping(value = "/login",produces="application/json;charset=utf-8")
@SysLog(type="后台系统",action="登录功能",method="POST")
@ApiOperation(value="登录",httpMethod="POST",notes="登录")
public JSONObject login(@RequestParam String username, @RequestParam String password, HttpSession session,HttpServletResponse response) {
//接收前台参数
logger.info("用户名:"+username);
logger.info("密码:"+password);
//调用查询逻辑
EntityWrapper<SysUser> wrapper = new EntityWrapper<SysUser>();
wrapper.eq("login_code", username);
SysUser user = userService.selectOne(wrapper);
JSONObject json = new JSONObject();
if(user != null && "0".equals(user.getStatus())) {
//获取当前用户
Subject subject = SecurityUtils.getSubject();
//根据前台传的用户名和密码进行认证
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
try {
//认证通过
subject.login(token);
String encode = Base64.encode(user.getUserCode());
//Cookie有效期默认为8小时
int time=28800;
//将Cookie加密为16进制字符串
CookieUtils.setCookie(response, "userCode", encode, time);
user.setLastLoginDate(DateUtil.date());
userService.updateById(user);
//将userCode放入session中保存
session.setAttribute("userCode", user.getUserCode());
json.put("token", subject.getSession().getId());
json.put(CommonEnum.RETURN_CODE, "000000");
json.put(CommonEnum.RETURN_MSG, "登录成功");
} catch (IncorrectCredentialsException e) {
json.put(CommonEnum.RETURN_CODE, "111111");
json.put(CommonEnum.RETURN_MSG, "用户名或密码错误");
}catch (Exception e) {
json.put(CommonEnum.RETURN_CODE, "222222");
json.put(CommonEnum.RETURN_MSG, "特殊异常");
}
}else {
json.put(CommonEnum.RETURN_CODE, "500");
json.put(CommonEnum.RETURN_MSG, "用户不存在");
}
return json;
}
