1、过滤器Filder大致工作流程:
package com.taru.YoungMall.filter;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class TokenIsVaildFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("这里是doFilter");
filterChain.doFilter(servletRequest,servletResponse);
System.out.println("已经回来的doFilter");
}
@Override
public void destroy() {
}
}
执行结果:
从执行结果可以看出,在前端发送来的请求后先执行一次过滤器doFilter(),若此过滤器后面没有其他过滤器即filterChain,那么将执行Servlet中的service,否则会继续执行过滤器链上的其他过滤器,直到过滤器链上的过滤器都执行完毕后,再执行Servlet中的service,然后开始向前端发送响应之前,再执行一次过滤器doFilter().
3、登录剔除功能:
package com.taru.YoungMall.filter;
import com.alibaba.fastjson.JSON;
import com.taru.YoungMall.common.JsonResult;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
public class TokenIsVaildFilter implements Filter {
String[] uris;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
//获取剔除的url
uris=filterConfig.getInitParameter("exclude").split(",");//得到初始化参数
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
//验证Token的过程,应该写在filterChain.doFilter之前
//获取请求头中的token 用Authorization
HttpServletRequest request=(HttpServletRequest)servletRequest;
HttpServletResponse response=(HttpServletResponse) servletResponse;
String token=request.getHeader("Authorization");
//登录放行
//首先判断是否是登录
String uri=request.getRequestURI();//URL的后半部分 /YoungMall/api/login
for(int i=0;i<uris.length;i++){
if(uri.startsWith(uris[i])){//得到的路径是 /YoungMall/api/login 比较的是尾巴api/login
filterChain.doFilter(servletRequest,servletResponse);//放行
return;
}
}
if(token!=null){
if("lanqiao123456789".equals(token.substring(7))){
//token是合法的
System.out.println("这里是doFilter");
filterChain.doFilter(servletRequest,servletResponse);//放行
return;
}
}
System.out.println("已经回来的doFilter");
//把jsonResult对象转换成JSON字符串
JsonResult result=new JsonResult(401,"没有token");
String jsonStr= JSON.toJSONString(result);
System.out.println("jsonStr:"+jsonStr);
//调用service层,service类
//响应之前必须设置响应的MIME类型
response.setContentType("application/json");
//设置响应的编码
response.setCharacterEncoding("utf-8");
//响应
PrintWriter pw=response.getWriter();
pw.write(jsonStr);
pw.flush();
pw.close();
}
@Override
public void destroy() {
}
}