1、登录认证
2、登录校验
package com.webtest.tliaswebmanagement.filter;
import com.alibaba.fastjson.JSONObject;
import com.webtest.tliaswebmanagement.pojo.Result;
import com.webtest.tliaswebmanagement.utils.JwtUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.StringUtils;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@Slf4j
public class LoginCheckFilter implements Filter {
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
throws IOException, ServletException {
//1、获取请求url
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String url = request.getRequestURL().toString();
log.info("请求的url:{}"+url);
// 2、判断请求是否包含login,如果包含,说明是登录操作,放行
if(url.contains("login")){
log.info("登录操作,放行");
filterChain.doFilter(request,response);
return;
}
// 3、获取请求中的token
String jwt = request.getHeader("token");
// 4、判断令牌是否存在,不存在返回错误
if(!StringUtils.hasLength(jwt)){
log.info("请求头token为空,返回未登录的信息");
Result error = Result.error("NOT_LOGIN");
//手动转化为json
String notLogin = JSONObject.toJSONString(error);
response.getWriter().write(notLogin);
return;
}
// 5、解析token,解析失败返回错误
try {
JwtUtils.parseJWT(jwt);
} catch (Exception e) {
e.printStackTrace();
log.info("解析失败");
Result error = Result.error("NOT_LOGIN");
String notLogin = JSONObject.toJSONString(error);
response.getWriter().write(notLogin);
return;
}
// 6、放行
log.info("令牌合法");
filterChain.doFilter(servletRequest,servletResponse);
}
}