java springboot WebMvcConfigurer拦截器，文件请求拦截，验证请求

• 说明
  在做文件的时候，不想别人下载，可以添加验证码等方式，进行拦截，也可以用权限去控制，进行拦截。
• 拦截方式
  我在访问路径之前，已经有一个权限的控制了（就是springsecurity的鉴权），为了阻止过度下载，多加一个验证码
  这里在访问文件的时候，加了一个拦截器。（可以自定义，我通过验证码的方式：还没完善）

这个实现类主要是开放文件访问服务。

package com.mods.browser.config;

import com.mods.browser.component.BaseInterceptor;
import com.mods.common.utils.FileUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;


@Configuration
public class StaticResourceConfig implements WebMvcConfigurer {

    
    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        registry
            .addResourceHandler("/static
    @Autowired
    private BaseInterceptor baseInterceptor;

    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(baseInterceptor);
    }
}

这个拦截器中，可以写需要的逻辑，比如判断是否拥有权限，判断验证码等，（我用header传的验证码）

package com.mods.browser.component;

import com.mods.auth.costum.JwtProperties;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.CollectionUtils;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;
import java.util.stream.Collectors;


@Component
@Slf4j
public class BaseInterceptor implements HandlerInterceptor {

    private AntPathMatcher antPathMatcher = new AntPathMatcher();

    @Autowired
    private JwtProperties jwtProperties;

    
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) {
        String requestURI = request.getRequestURI();
        String[] aa = {
        "/static/materials**/dist**/cover
}

userid作为key,(如果有不同的业务需求，可以改一下key,多带一个参数，区分不同业务)
例如
String key = “userid1-type1”;

package com.mods.browser.model;

import org.springframework.stereotype.Component;

import java.util.HashMap;
import java.util.Map;

@Component
public class VerificationCode {

    private static Map code = new HashMap<>();

    public static void addCode(Integer userId, String value) {
        String key = userId.toString();//userId
        code.put(key, value);
        Thread thread = new Thread(() -> {
            try {
                Thread.sleep(10000);
            } catch (InterruptedException ignored) {
            }
            code.remove(key);
        });
        thread.start();
    }

    public static Boolean verification(Integer userId, String value) {
        String key = userId.toString();//userId
        boolean flag = value.equals(code.get(key));
        code.remove(key);
        return flag;
    }
}