tlias管理系统--登录校验--使用过滤器Filter实现登录校验功能
This commit is contained in:
@@ -75,6 +75,14 @@
|
|||||||
<artifactId>jjwt</artifactId>
|
<artifactId>jjwt</artifactId>
|
||||||
<version>0.9.1</version>
|
<version>0.9.1</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
<!--fastJson-->
|
||||||
|
<dependency>
|
||||||
|
<groupId>com.alibaba</groupId>
|
||||||
|
<artifactId>fastjson</artifactId>
|
||||||
|
<version>2.0.53</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
</dependencies>
|
</dependencies>
|
||||||
<dependencyManagement>
|
<dependencyManagement>
|
||||||
<dependencies>
|
<dependencies>
|
||||||
|
|||||||
@@ -4,7 +4,9 @@ import javax.servlet.*;
|
|||||||
import javax.servlet.annotation.WebFilter;
|
import javax.servlet.annotation.WebFilter;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
|
||||||
@WebFilter(urlPatterns = "/*")
|
//@WebFilter(urlPatterns = "/*")
|
||||||
|
//@WebFilter(urlPatterns = "/login")
|
||||||
|
//@WebFilter(urlPatterns = "/emps/*")
|
||||||
public class DemoFilter implements Filter {
|
public class DemoFilter implements Filter {
|
||||||
@Override
|
@Override
|
||||||
public void init(FilterConfig filterConfig) throws ServletException {
|
public void init(FilterConfig filterConfig) throws ServletException {
|
||||||
@@ -15,8 +17,10 @@ public class DemoFilter implements Filter {
|
|||||||
@Override
|
@Override
|
||||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
|
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
|
||||||
System.out.println("doFilter,过滤器的拦截方法执行了");
|
System.out.println("doFilter,过滤器的拦截方法执行了");
|
||||||
|
System.out.println("DemoFilter---放行前的逻辑");
|
||||||
//放行
|
//放行
|
||||||
filterChain.doFilter(request,response);
|
filterChain.doFilter(request,response);
|
||||||
|
System.out.println("DemoFilter---放行后的逻辑");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|||||||
@@ -0,0 +1,67 @@
|
|||||||
|
package com.inmind.filter;
|
||||||
|
|
||||||
|
import com.alibaba.fastjson.JSONObject;
|
||||||
|
import com.inmind.pojo.Result;
|
||||||
|
import com.inmind.utils.JwtUtils;
|
||||||
|
import lombok.extern.slf4j.Slf4j;
|
||||||
|
import org.springframework.util.StringUtils;
|
||||||
|
|
||||||
|
import javax.servlet.*;
|
||||||
|
import javax.servlet.annotation.WebFilter;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
@WebFilter(urlPatterns = "/*")//登录校验过滤器,拦截所有的资源请求
|
||||||
|
@Slf4j
|
||||||
|
public class LoginCheckFilter implements Filter {
|
||||||
|
@Override
|
||||||
|
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||||
|
|
||||||
|
//1.获取请求url(之前都是通过HttpServletRequest获取请求)
|
||||||
|
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
||||||
|
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||||
|
String url = request.getRequestURI();//http://localhost:8080/login或者http://localhost:8080/emps
|
||||||
|
log.info("请求url:"+url);
|
||||||
|
//2.判断请求url中是否有login,如果包含那就是登录接口,直接放行
|
||||||
|
if (url.contains("login")) {
|
||||||
|
log.info("当前是登录请求,直接放行");
|
||||||
|
filterChain.doFilter(servletRequest,servletResponse);
|
||||||
|
return;//放行后会回到当前代码中,所以要直接提前结束方法功能,否则下面的业务逻辑还会执行
|
||||||
|
}
|
||||||
|
//3.如果不是登录操作,获取请求头中的令牌
|
||||||
|
String jwt = request.getHeader("token");
|
||||||
|
|
||||||
|
//4.判断令牌是否存在
|
||||||
|
if (!StringUtils.hasLength(jwt)) {
|
||||||
|
log.info("令牌不存在,直接响应未登录状态");
|
||||||
|
// 未登录的响应实现
|
||||||
|
notLogin(response);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
//5.判断令牌的合法性,如果不合法则,响应未登录状态
|
||||||
|
try {
|
||||||
|
JwtUtils.parseJWT(jwt);
|
||||||
|
} catch (Exception e) {
|
||||||
|
//未登录的响应实现
|
||||||
|
notLogin(response);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
//放行
|
||||||
|
filterChain.doFilter(servletRequest,servletResponse);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
private void notLogin(HttpServletResponse response) throws IOException {
|
||||||
|
//根据接口文档响应json,之前通过spring的控制器的@ResponseBody注解自动转换为json返回
|
||||||
|
//但是当前不是控制器,所以我们要手动封装json数据响应
|
||||||
|
Result error = Result.error("NOT_LOGIN");
|
||||||
|
//手动将java对象转为json字符串----阿里巴巴fastJson
|
||||||
|
String notLoginJson = JSONObject.toJSONString(error);
|
||||||
|
//响应数据通过响应对象,直接返回给浏览器(客户端)
|
||||||
|
response.getWriter().write(notLoginJson);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1,16 @@
|
|||||||
|
package com.inmind.filter;
|
||||||
|
|
||||||
|
import javax.servlet.*;
|
||||||
|
import javax.servlet.annotation.WebFilter;
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
//@WebFilter(urlPatterns = "/*")
|
||||||
|
public class XbcFilter implements Filter {
|
||||||
|
@Override
|
||||||
|
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
|
||||||
|
System.out.println("XbcFilter -- 放行前的逻辑");
|
||||||
|
//放行
|
||||||
|
filterChain.doFilter(request,response);
|
||||||
|
System.out.println("XbcFilter --- 放行后的逻辑");
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user