1.入门demoFilter
package com.wust.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.IOException;
@WebFilter(urlPatterns = "/*")
public class DemoFilter implements Filter {
@Override //初始化方法,只调用一次
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("init初始化方法执行了");
}
@Override //拦截到请求之后调用,调用多次
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("demo拦截到了请求....放行前逻辑");
//放行 放行之后才能访问到后面的(数据库)资源,否则加载不了数据
filterChain.doFilter(servletRequest,servletResponse);
System.out.println("demo拦截到了请求....放行后逻辑");
}
@Override //销毁方法,只调用一次
public void destroy() {
System.out.println("destroy摧毁方法执行了");
}
}
还要在启动类中添加@ServletComponentScan注解,开启对servlet组件的支持。
package com.wust;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.ServletComponentScan;
@ServletComponentScan //开启了对servlet组件的支持
@SpringBootApplication
public class TliasWebManagementApplication {
public static void main(String[] args) {
SpringApplication.run(TliasWebManagementApplication.class, args);
}
}
在postman上测试发出请求:
idea控制台:
2.过滤器链
新增一个xbcFilter
package com.wust.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.IOException;
@WebFilter(urlPatterns = "/*")
public class XbcFilter implements Filter {
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("abc拦截到了请求....放行前逻辑");
//放行 放行之后才能访问到后面的(数据库)资源,否则加载不了数据
filterChain.doFilter(servletRequest,servletResponse);
System.out.println("abc拦截到了请求....放行后逻辑");
}
}
执行顺序是根据类名字母的字典序先后执行,先执行DemoFilter,再执行XbcFilter。
3.登录校验
LoginCheckFilter
package com.wust.filter;
import com.alibaba.fastjson.JSONObject;
import com.github.pagehelper.util.StringUtil;
import com.wust.pojo.Result;
import com.wust.utils.JwtUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.StringUtils;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@Slf4j
//@WebFilter(urlPatterns = "/*")
public class LoginCheckFilter implements Filter {
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) servletRequest;
HttpServletResponse resp = (HttpServletResponse) servletResponse;
// 1.获取请求url
String url = req.getRequestURI().toString();
log.info("请求的url:{}",url);
// 2.判断请求url中是否包含login,如果包含,说明是登陆操作,放行
if(url.contains("login")){
log.info("登陆操作,放行...");
filterChain.doFilter(servletRequest,servletResponse);
return;
}
// 3.获取请求头中的令牌(token)
String jwt = req.getHeader("token");
// 4.判断令牌是否存在,如果不存在,返回错误结果(未登录)
if(!StringUtils.hasLength(jwt)){
log.info("请求头token为空,返回未登录的信息");
Result error = Result.error("NOT_LOGIN");
//手动转换 对象 -- json -----> 阿里巴巴fastJSON
String notLogin = JSONObject.toJSONString(error);
resp.getWriter().write(notLogin);
return;
}
// 5.解析token,如果解析失败,返回错误结果(未登录)
try{
JwtUtils.parseJWT(jwt);
}catch (Exception e){
e.printStackTrace();
log.info("解析令牌失败,返回未登陆的错误信息");
Result error = Result.error("NOT_LOGIN");
//手动转换 对象 -- json -----> 阿里巴巴fastJSON
String notLogin = JSONObject.toJSONString(error);
resp.getWriter().write(notLogin);
return;
}
// 6.放行。
log.info("令牌合法,放行");
filterChain.doFilter(servletRequest,servletResponse);
}
}
在postman上发送登录请求:
修改token,显示not_login