1、首先使用fastjson框架的JSONObject.toJSONString或者Gson的toJson方法将对象转为JSON格式
2、使用HttpServletResponse的getWriter().write("待响应的数据")方法将数据写回客户端
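/**
 * Gates every request behind a token check, letting only the login endpoint through
 * unauthenticated.
 *
 * <p>Flow: log the request URL; pass login requests straight down the chain; otherwise read
 * the {@code token} request header and hand it to {@code JwtUtils.parseJWT}. A missing token,
 * or any exception from parsing, produces a JSON-serialised {@code Result.error("NOT_LOGIN")}
 * body and the chain is NOT invoked.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The login exemption is decided on the request path only and must match the final path
 *       segment exactly. A substring test against the full URL (scheme + host + path) exempts
 *       far more than the login endpoint, because both the host name and unrelated path
 *       segments can contain the word "login".</li>
 *   <li>The token value itself is never logged.</li>
 *   <li>The HTTP status is left untouched (the body carries the NOT_LOGIN marker), since
 *       clients of this filter may depend on that.
 *       NOTE(review): consider also sending 401 once callers are confirmed to handle it.</li>
 * </ul>
 *
 * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
 * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
 * @param filterChain     remainder of the filter chain, invoked only for login or valid tokens
 * @throws IOException      if writing the error body or the downstream chain fails
 * @throws ServletException if the downstream chain fails
 */
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;

    // 1. Record the requested URL (no query string, no headers, no token).
    String url = request.getRequestURL().toString();
    log.info("请求的路径为:{}",url);

    // 2. Login requests pass without a token. Decide on the path alone, never on the full URL,
    //    and require the last segment to be exactly "login".
    //    NOTE(review): the real login route is not visible here; if it is fixed (for example a
    //    single mapping), compare the path for equality against that one route instead.
    String path = request.getRequestURI();
    if (path != null && path.endsWith("/login")) {
        log.info("登录操作,放行");
        filterChain.doFilter(servletRequest, servletResponse);
        return;
    }

    // 3. Read the token from the request header.
    String token = request.getHeader("token");

    // 4 + 5. The token must be present and must parse; anything else is "not logged in".
    boolean tokenAccepted = false;
    if (!StringUtils.hasLength(token)) {
        log.info("请求头token为空,返回未登陆的信息");
    } else {
        try {
            // presumably verifies signature and expiry; confirm in JwtUtils
            JwtUtils.parseJWT(token);
            tokenAccepted = true;
        } catch (Exception e) {
            // Send the stack trace through the logger instead of printStackTrace(), so it
            // lands in the application log with the rest of the authentication events.
            log.info("解析令牌失败,返回JSON格式的错误登录信息", e);
        }
    }

    if (!tokenAccepted) {
        // Serialise the error with fastjson and declare the body as JSON so clients and
        // intermediaries do not have to guess the content type.
        Result error = Result.error("NOT_LOGIN");
        String notLogin = JSONObject.toJSONString(error);
        response.setContentType("application/json;charset=UTF-8");
        response.getWriter().write(notLogin);
        return;
    }

    // 6. Token accepted: continue down the chain.
    log.info("令牌合法,放行");
    filterChain.doFilter(servletRequest, servletResponse);
}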