tlias管理系统--登录校验--使用过滤器Filter实现登录校验功能

tlias-web-management/pom.xml

@@ -75,6 +75,14 @@
             <artifactId>jjwt</artifactId>
             <version>0.9.1</version>
         </dependency>
+
+        <!--fastJson-->
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>fastjson</artifactId>
+            <version>2.0.53</version>
+        </dependency>
+
     </dependencies>
     <dependencyManagement>
         <dependencies>

tlias-web-management/src/main/java/com/inmind/filter/DemoFilter.java

@@ -4,7 +4,9 @@ import javax.servlet.*;
 import javax.servlet.annotation.WebFilter;
 import java.io.IOException;
 
-@WebFilter(urlPatterns = "/*")
+//@WebFilter(urlPatterns = "/*")
+//@WebFilter(urlPatterns = "/login")
+//@WebFilter(urlPatterns = "/emps/*")
 public class DemoFilter implements Filter {
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
@@ -15,8 +17,10 @@ public class DemoFilter implements Filter {
     @Override
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
         System.out.println("doFilter，过滤器的拦截方法执行了");
+        System.out.println("DemoFilter---放行前的逻辑");
         //放行
         filterChain.doFilter(request,response);
+        System.out.println("DemoFilter---放行后的逻辑");
     }
 
     @Override

tlias-web-management/src/main/java/com/inmind/filter/LoginCheckFilter.java

@@ -0,0 +1,67 @@
+package com.inmind.filter;
+
+import com.alibaba.fastjson.JSONObject;
+import com.inmind.pojo.Result;
+import com.inmind.utils.JwtUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.util.StringUtils;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@WebFilter(urlPatterns = "/*")//登录校验过滤器，拦截所有的资源请求
+@Slf4j
+public class LoginCheckFilter implements Filter {
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+
+        //1.获取请求url（之前都是通过HttpServletRequest获取请求）
+        HttpServletRequest request = (HttpServletRequest) servletRequest;
+        HttpServletResponse response = (HttpServletResponse) servletResponse;
+        String url = request.getRequestURI();//http://localhost:8080/login或者http://localhost:8080/emps
+        log.info("请求url:"+url);
+        //2.判断请求url中是否有login，如果包含那就是登录接口，直接放行
+        if (url.contains("login")) {
+            log.info("当前是登录请求，直接放行");
+            filterChain.doFilter(servletRequest,servletResponse);
+            return;//放行后会回到当前代码中，所以要直接提前结束方法功能，否则下面的业务逻辑还会执行
+        }
+        //3.如果不是登录操作，获取请求头中的令牌
+        String jwt = request.getHeader("token");
+
+        //4.判断令牌是否存在
+        if (!StringUtils.hasLength(jwt)) {
+            log.info("令牌不存在，直接响应未登录状态");
+            // 未登录的响应实现
+            notLogin(response);
+            return;
+        }
+
+        //5.判断令牌的合法性，如果不合法则，响应未登录状态
+        try {
+            JwtUtils.parseJWT(jwt);
+        } catch (Exception e) {
+            //未登录的响应实现
+            notLogin(response);
+            return;
+        }
+
+        //放行
+        filterChain.doFilter(servletRequest,servletResponse);
+        return;
+    }
+
+    private void notLogin(HttpServletResponse response) throws IOException {
+        //根据接口文档响应json，之前通过spring的控制器的@ResponseBody注解自动转换为json返回
+        //但是当前不是控制器，所以我们要手动封装json数据响应
+        Result error = Result.error("NOT_LOGIN");
+        //手动将java对象转为json字符串----阿里巴巴fastJson
+        String notLoginJson = JSONObject.toJSONString(error);
+        //响应数据通过响应对象，直接返回给浏览器（客户端）
+        response.getWriter().write(notLoginJson);
+        return;
+    }
+}

tlias-web-management/src/main/java/com/inmind/filter/XbcFilter.java

@@ -0,0 +1,16 @@
+package com.inmind.filter;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import java.io.IOException;
+
+//@WebFilter(urlPatterns = "/*")
+public class XbcFilter implements Filter {
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
+        System.out.println("XbcFilter -- 放行前的逻辑");
+        //放行
+        filterChain.doFilter(request,response);
+        System.out.println("XbcFilter --- 放行后的逻辑");
+    }
+}