小白初学SpringBoot记录
1.对于通过json返回用户信息时,需要忽略password字段操作:
1.1 pom配置jackson细节:
<dependency><groupId>com.fasterxml.jackson.core</groupId><artifactId>jackson-databind</artifactId><version>2.14.2</version></dependency>在对应表的类加上注解(@JsonIgnoreProperties({"password"}))
@Data
@JsonIgnoreProperties({"password"})
public class User {private Integer id;//主键IDprivate String username; // 用户名//返回 的数据里忽略密码private String password;// 密码private String nickname; //昵称private String email;//邮箱private String userPic;// 用户头像private LocalDateTime createTime;// 创建时间private LocalDateTime updateTime;// 更新时间
}返回数据的泛型类如下:
@NoArgsConstructor
@AllArgsConstructor
@Data
public class Result<T> {private Integer code;private String message;private T data;public static <E> Result success(E data){return new Result<>(0,"操作成功",data);}public static Result success(){return new Result<>(0,"操作成功",null);}public static Result error(String message){return new Result<>(1,message,null);}
}返回用户信息的路由信息:
@GetMapping("/userinfo")public Result<User> getUserinfo(@RequestHeader(name="Authorization") String token){try {Map<String, Object> stringObjectMap = JwtUtils.parseToken(token);String name = (String)stringObjectMap.get("username");User byName = userService.findByName(name);return Result.success(byName);}catch (Exception e){return Result.error("Token 过期");}}2.添加拦截器,对除了部分请求外的所有请求进行JWT验证:
继承HandlerInterceptor接口,并且实现接口preHandle,
package org.example.Interceptors;import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.Enumeration;
import org.example.utils.JwtUtils;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;@Component
public class LoginInterceptor implements HandlerInterceptor {@Overridepublic boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)throws Exception {String token = request.getHeader("Authorization");try {JwtUtils.parseToken(token);return true;}catch (Exception e){response.setStatus(401);return false;}}
}注册拦截器的实现:其中(excludePathPatterns("/user/login","user/register") 操作会忽略这个请求路径下的JWT验证)
package org.example.config;import org.example.Interceptors.LoginInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;@Configuration
public class WebConfig implements WebMvcConfigurer {@Autowiredprivate LoginInterceptor loginInterceptor;@Overridepublic void addInterceptors(InterceptorRegistry registry) {registry.addInterceptor(loginInterceptor).excludePathPatterns("/user/login","user/register");}
}3.路由接口的参数校验使用validation
pom.xml 添加如下配置:
<dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-validation</artifactId> </dependency>
对于对应的controller类添加如下注解:
@Validated
public class UserController {
。。。
}3.1普通参数类型校验
对于登录接口参数的校验如下:
@PostMapping("/login")
public Result login(@Pattern(regexp = "^[a-zA-Z][a-zA-Z0-9]{4,16}$") String username,@Pattern(regexp = "^[a-zA-Z0-9]{5,16}$") String password){}可以添加Pattern注解,并使用正则表达式验证。@Pattern(regexp = "^[a-zA-Z][a-zA-Z0-9]{4,16}$")
3.2对于类对象格式校验:
此方法存在controller类内
@PutMapping("/update")public Result updateUserInfo(@RequestBody @Validated User user){}@RequestBody 用户获取用户json格式传过来的参数,直接初始化类User。
User类如下:
@Data
@NoArgsConstructor
@JsonIgnoreProperties({"password"})
public class User {@NonNullprivate Integer id;//主键IDprivate String username; // 用户名//返回 的数据里忽略密码private String password;// 密码@NotEmpty@Pattern(regexp = "^[a-zA-Z0-9]{5,10}$")private String nickname; //昵称@NotEmpty@Emailprivate String email;//邮箱private String userPic;// 用户头像private LocalDateTime createTime;// 创建时间private LocalDateTime updateTime;// 更新时间
}@Data注解是lombok依赖,可以在编译的时候帮助生成默认的getter,setter方法。
pom.xml添加如下:
<dependency><groupId>org.projectlombok</groupId><artifactId>lombok</artifactId><version>1.18.32</version> </dependency>
对于类对象的属性值校验使用的
@NonNull 不为null
@NotEmpty 不为null并且字符串时不为空
@Pattern(regexp = "^[a-zA-Z0-9]{5,10}$") 正则校验传入的别名
@Email 邮箱格式校验
在未添加 注解@NoArgsConstructor时,从postman模拟update时出现如下错误:
Cannot construct instance of `org.example.pojo.User` (although at least one Creator exists): cannot deserialize from Object value (no delegate- or property-based Creator)
原因:缺少无参构造器
Jackson 反序列化时必须通过无参构造器创建对象,再通过 Setter 注入属性
- 当前类使用 Lombok
@Data注解,但未显式添加@NoArgsConstructor,导致编译后无默认构造器
- 即使 Lombok 默认生成无参构造器,若存在其他构造器(如全参构造器),则不再自动生成
因此需要加上@NoArgsConstructor注解。