在 Grails 3.0.11 Interceptors文档之后,我编写了我自己的拦截器,如下所示:
class AuthInterceptor {
int order = HIGHEST_PRECEDENCE;
AuthInterceptor() {
println("AuthInterceptor.AuthInterceptor(): Enter..............");
// ApiController.index() and HomeController.index() don't need authentication.
// Other controllers need to check authentication
matchAll().excludes {
match(controller:'api', action:'index);
match(controller:'home', action:'index');
}
}
boolean before() {
println "AuthInterceptor.before():Enter----------------->>>>>>";
log.debug("AuthInterceptor.before(): params:${params}");
log.debug("AuthInterceptor.before(): session.id:${session.id}");
log.debug("AuthInterceptor.before(): session.user:${session.user?.englishDisplayName}");
if (!session.user) {
log.debug("AuthInterceptor.before(): display warning msg");
render "Hi, I am gonna check authentication"
return false;
} else {
return true;
}
}
boolean after() {
log.debug("AuthInterceptor.after(): Enter ...........");
true
}
void afterView() {
// no-op
}
}
class P2mController {
def index() {
log.debug("p2m():Enter p2m()..............")
render "Hi, I am P2M";
}
}
当我从日志控制台测试http://localhost:8080/p2m/index时,我看到P2mController.index()在未经过检查的情况下执行.
但是,当我测试http://localhost:8080/api/index或http://localhost:8080/home/index时,执行AuthInterceptor.check()并显示浏览器
Hi, I am gonna check authentication
我希望P2mController被检查身份验证,而HomeController.index()和ApiController.index()不需要检查身份验证.但是从日志和响应中,结果是相反的.
我的AuthInterceptor出了什么问题?
最佳答案 你想这样做:
matchAll().excludes(controller:'api', action:'index')
.excludes(controller:'home', action:'index')
并且不要忘记第一个“索引”之后的单引号.