话不多说 代码奉上
@WebFilter(urlPatterns = "/*")
public class DemoFilter implements Filter {
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
// 转换类型
HttpServletRequest req = (HttpServletRequest) servletRequest;
HttpServletResponse resp = (HttpServletResponse) servletResponse;
// 1.获取请求url
String url = req.getRequestURI();
// 2.判断请求url是否包含login,如果包含,说明是登录操作,放行
if (url.contains("login")) {
// 放行
filterChain.doFilter(servletRequest, servletResponse);
return;
}
// 3.获取请求头中的令牌
String token = req.getHeader("token");
// 4.判断token是否存在,如果不存在,返回错误结果(未登录)
if (!StringUtils.hasLength(token)) {
Result error = Result.error("NOT_LOGIN");
String jsonString = JSONObject.toJSONString(error);
resp.getWriter().write(jsonString);
return;
}
// 5.解析token,如果失败,返回错误结果
try {
JwtUtils.parseJWT(token);
} catch (Exception e) {
e.printStackTrace();
Result error = Result.error("NOT_LOGIN");
String jsonString = JSONObject.toJSONString(error);
resp.getWriter().write(jsonString);
return;
}
// 6.放行
filterChain.doFilter(servletRequest, servletResponse);
}
}