how to get request session before controller method

I have a server and simple auth using controller. How to get request session and modify response body before running the controller method?

I want to check(for only methods marked by my own annotation) if session have an attribute (login) or not, and to send my error response body or go to the controller.

I tried to use aspectj and interceptor but as a result I can manage session after the controller method has been completed. Because interceptor preHandle method runs before aspectJ @Before.

@Retention(RUNTIME)
@Target({ TYPE, METHOD })
public @interface CheckSession {

}

@Aspect
@Component 
public class CheckSessionAspect {

public CheckSessionAspect() {
    super();
}

@Before("@annotation(path.to.CheckSession)")
public void check(JoinPoint joinPoint) throws Throwable {

    ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
    requestAttributes.setAttribute(SESSION_MARKER, "1", RequestAttributes.SCOPE_REQUEST);

   }

}

@ControllerAdvice
public class ResponseModifierAdvice implements ResponseBodyAdvice<Object> {

@Autowired
ErrorService errorService;

@Override
public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
    return true;
}

@Override
public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType, Class<? extends HttpMessageConverter<?>> selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) {

    HttpServletRequest servletRequest = ((ServletServerHttpRequest) request).getServletRequest();

    if (servletRequest.getAttribute(SESSION_MARKER) != null)
        if (servletRequest.getSession().getAttribute(LOGIN) == null || StringUtils.isBlank(servletRequest.getSession().getAttribute(LOGIN).toString())) {
            ResponseEntity<Object> newResponseBody = errorService.sessionError(request, returnType.getMethod().getName(), NO_SESSION, getClass().toString());
            body = newResponseBody.getBody();
        }

    return body;
}
}

I did it. You can use @Around and return ResponseEntity object if the user has no session.

@Aspect
@Component 
public class CheckSessionAspect {

public CheckSessionAspect() {
    super();
}

@Around("@annotation(path.to.CheckSession)")
    public Object check(ProceedingJoinPoint pjp) throws Throwable {

        ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request = requestAttributes.getRequest();
        if ((request.getSession().getAttribute(LOGIN) == null || StringUtils.isBlank(request.getSession().getAttribute(LOGIN).toString())) ||
                (request.getSession().getAttribute(IP) == null || StringUtils.isBlank(request.getSession().getAttribute(IP).toString()) ||
                        request.getSession().getAttribute(IP) != null && !request.getSession().getAttribute(IP).toString().equals(request.getRemoteAddr()))) 
        {
            requestAttributes.setAttribute(WRONG_SESSION_MARKER, "1", RequestAttributes.SCOPE_REQUEST);
            return new ResponseEntity<Object>(  new YourResponse(ERROR, "Invalid session"), HttpStatus.BAD_REQUEST);
        }

    Object proceed = pjp.proceed();

    return proceed;

   }
}