<!--拦截请求,对sys和admin进行拦截-->
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>com.mall.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>/sys/*</url-pattern>
<url-pattern>/admin/*</url-pattern>
</filter-mapping>
package com.mall.filter;
import com.mall.common.RequestHolder;
import com.mall.model.SysUser;
import lombok.extern.slf4j.Slf4j;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@Slf4j
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest req=(HttpServletRequest)servletRequest;
HttpServletResponse resp=(HttpServletResponse)servletResponse;
// String servletPath=req.getServletPath();
SysUser sysUser=(SysUser) req.getSession().getAttribute("user");//得到用户
if(sysUser==null){//表示还没有登陆,跳转到登陆页面
String path="/signin.jsp";
resp.sendRedirect(path);
return;
}
//如果用户存在,就将用户增加到我们的ThreadLocal
RequestHolder.add(sysUser);//后面要取当前用户,就在RequestHolder里面取
RequestHolder.add(req);
filterChain.doFilter(servletRequest,servletResponse);
return;
}
@Override
public void destroy() {
}
}
package com.mall.common;
import com.mall.model.SysUser;
import javax.servlet.http.HttpServletRequest;
/**
* 用ThreadLocal解决高并发的问题
*/
public class RequestHolder {
private static final ThreadLocal<SysUser> userHolder = new ThreadLocal<SysUser>();
private static final ThreadLocal<HttpServletRequest> requestHolder = new ThreadLocal<HttpServletRequest>();
public static void add(SysUser sysUser) {
userHolder.set(sysUser);
}
public static void add(HttpServletRequest request) {
requestHolder.set(request);
}
public static SysUser getCurrentUser() {
return userHolder.get();
}
public static HttpServletRequest getCurrentRequest() {
return requestHolder.get();
}
public static void remove() {
userHolder.remove();
requestHolder.remove();
}
}
public void save(UserParam param){
//验证
BeanValidator.check(param);
if(checkTelephoneExist(param.getTelephone(),param.getId())){
throw new ParamException("电话已被占用");
}
if(checkEmailExist(param.getMail(),param.getId())){
throw new ParamException("邮箱已被占用");
}
String password= PasswordUtil.randomPassword();
//TODO
password="123456";
String encryptedPassword= MD5Util.encrypt(password);//md5进行加密
SysUser user=SysUser.builder().username(param.getUsername()).telephone(param.getTelephone()).mail(param.getMail())
.password(encryptedPassword).deptid(param.getDeptId()).status(param.getStatus()).remark(param.getRemark()).build();
user.setOperator(RequestHolder.getCurrentUser().getUsername());//TODO 从RequestHolder这里面获得用户名
user.setOperateip("127.0.0.1");//TODO
user.setOperatetime(new Date());
user.setId(Integer.parseInt(String.valueOf(System.currentTimeMillis()/1000000+23)));//对字符串进行解析,id的sheng'cheng
sysUserMapper.insertSelective(user);
}