我们访问一个域名+路径(需要授权访问)时,如果没有登录会返回一个登录页面,登录完成后我们希望继续访问之前输入的域名+路径,我的实现方案如下:
前端:1.没有授权时访问(这里页面肯定会报错),2.弹出登录界面,这两个动作过程中必须确定前端一定会调用某个接口,然后和后端协商,通过这个接口将浏览器地址栏内容(即原始路径)放到http header中传递到后端。
前端代码不再展示,主要逻辑就是,获取地址栏地址然后放到header里面通过接口发送到后端。
后端:使用过滤器,优先级设置为-101,因为security过滤器优先级为-100,因此在security过滤器之前生效。
/*
* 注册过滤器
*/
import com.xxx.filter.HttpParamsFilter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class WebFilterConfiguration {
@Bean
public FilterRegistrationBean httpParamsFilter() {
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
filterRegistrationBean.setFilter(new HttpParamsFilter());
filterRegistrationBean.setOrder(-101);
filterRegistrationBean.addUrlPatterns("/*");
filterRegistrationBean.setName("httpParamsFilter");
return filterRegistrationBean;
}
}
/*
* 拦截并存储访问地址
*/
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.xxx.util.ObjectsUtil;
/**
* author:lgq
* 过滤器存储请求地址A
*/
public class HttpParamsFilter implements Filter {
public static final String REQUESTED_URL = "xxxRequestedUrl";
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
throws IOException, ServletException {
final HttpServletRequest request = (HttpServletRequest) servletRequest;
final HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession();
String requestPath = request.getRequestURL().toString();
if (requestPath.contains("/isXXX")) { //isXXX为约定好的接口
String addressBarUrl = request.getHeader("XXXAddressBarUrl"); //XXXAddressBarUrl为约定好的header Name
if (!ObjectsUtil.isEmpty(addressBarUrl)) {
session.setAttribute(REQUESTED_URL, addressBarUrl);
}
}
chain.doFilter(request, response);
}
@Override
public void destroy() {
}
}
/*
* 最后只需要在认证通过之后,后端发送重定向到请求地址A给前端(response.sendRedirect(url))即可。
*/