Spring Boot项目开发(六)——编写过滤器,统一处理登录权限

该博客介绍了如何在Spring Boot中编写一个用户登录权限过滤器,用于拦截并处理未登录用户尝试访问特定管理页面的情况。过滤器检查HttpSession中的用户对象,如果用户未登录或不具备管理员权限,则返回相应的错误信息,阻止请求继续执行。配置文件中定义了过滤器的注册和匹配URL路径。
摘要由CSDN通过智能技术生成

一、编写过滤器

package com.learn.mall.filter;


import com.learn.mall.common.Constant;
import com.learn.mall.model.pojo.User;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;

/**
 * 用户登录权限过滤器
 */

public class AdminFilter implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest)servletRequest;
        HttpSession session = request.getSession();
        //判断用户是否登录
        User user = (User) session.getAttribute(Constant.USER);
        if(user == null){
            PrintWriter out = new HttpServletResponseWrapper((HttpServletResponse)servletResponse).getWriter();
            out.write("{\"status\":\"10007\",\"msg\":\"NEED_LOGIN\",\"data\":\"null\"}");
            out.flush();
            out.close();
            return ;
        }
        //判断用户是否是超级管理员
        if(user.getRole().equals(1)){
            PrintWriter out = new HttpServletResponseWrapper((HttpServletResponse)servletResponse).getWriter();
            out.write("{\"status\":\"10008\",\"msg\":\"NEED_ADMIN\",\"data\":\"null\"}");
            out.flush();
            out.close();
        }else{
            //管理员登录则放行,执行后面的操作
            filterChain.doFilter(servletRequest,servletResponse);
        }
    }

    @Override
    public void destroy() {

    }
}

二、编写过滤器配置文件

package com.learn.mall.config;

import com.learn.mall.filter.AdminFilter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
 * 用户登录权限过滤器的配置
 */
@Configuration
public class AdminFilterConfig {
    @Bean
    public AdminFilter adminFilter(){
        return new AdminFilter();
    }

    @Bean(name = "adminFilterConf")
    public FilterRegistrationBean adminFilterConfig(){
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(adminFilter());
        filterRegistrationBean.addUrlPatterns("/admin/category/*");
        filterRegistrationBean.addUrlPatterns("/admin/product/*");
        filterRegistrationBean.addUrlPatterns("/admin/order/*");
        filterRegistrationBean.setName("adminFilterConf");
        return filterRegistrationBean;
    }
}

 

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值