1
在启动类 Application 上配置 @ServletComponentScan(value = { "com.***.***.filter" })
拦截工具类
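/**
 * Servlet filter that rejects requests which do not carry a live login session.
 *
 * <p>The filter is mapped to every request. A request whose final path segment is
 * listed in {@code ALLOWED_PATHS} is passed on without a login check; any other request
 * must present a token ticket for which Redis holds a non-blank value, otherwise a JSON
 * body built from {@code BizRespCodeEnum.AUTH_FAIL} is written and the chain is not invoked.
 *
 * <p>NOTE(review): filters registered through {@code @WebFilter} and
 * {@code @ServletComponentScan} are, as far as I know, not ordered by {@code @Order};
 * if this filter must run before others, confirm the effective order or register it
 * through a {@code FilterRegistrationBean}.
 */
@Slf4j
@WebFilter(filterName = "loginFilter", urlPatterns = "/*")
@Order(1)
public class LoginFilter implements Filter {

    /**
     * Final path segments that may be requested without login,
     * e.g. index.do,test,add,update. Each entry must be the complete segment.
     */
    @Value("${ALLOWED_PATHS}")
    private String[] excludedPageArray;

    @Autowired
    private UserInfoService userInfoService;

    @Autowired
    private StringRedisTemplate stringRedisTemplate;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Lets the request through when its path is excluded or its token ticket is valid;
     * otherwise answers with the AUTH_FAIL result serialized as JSON.
     *
     * @param servletRequest  incoming request, cast to {@code HttpServletRequest}
     * @param servletResponse outgoing response, cast to {@code HttpServletResponse}
     * @param filterChain     remaining filter chain
     * @throws IOException      if writing the error body or the chain fails
     * @throws ServletException if the chain fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String url = request.getRequestURI();
        String tokenTicket = userInfoService.getTokenTicket(request);
        // The ticket is a bearer credential: record only whether one was sent, never its
        // value, so that read access to the logs does not amount to access to sessions.
        log.info("url == {}, tokenTicket present == {}", url, tokenTicket != null);

        if (!needCheck(url) || loginCheck(tokenTicket)) {
            filterChain.doFilter(request, response);
            return;
        }

        // Return the error as JSON.
        // NOTE(review): the HTTP status is left at its default here; consider
        // HttpServletResponse.SC_UNAUTHORIZED if no client depends on the current status.
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json");
        PrintWriter pw = response.getWriter();
        ResultEntity resultEntity = new ResultEntity(BizRespCodeEnum.AUTH_FAIL);
        pw.write(JSON.toJSONString(resultEntity));
        pw.flush();
    }

    @Override
    public void destroy() {}

    /**
     * Validates the login session behind a token ticket and refreshes its expiry.
     *
     * @param tokenTicket ticket taken from the request; may be {@code null}
     * @return {@code true} only when Redis holds a non-blank value under the ticket;
     *         {@code false} for a missing ticket, a missing value or any lookup error
     */
    private boolean loginCheck(String tokenTicket) {
        // A request without a ticket is simply unauthenticated; do not pass a null or
        // blank key to Redis and turn the ordinary case into a logged exception.
        if (StringUtils.isBlank(tokenTicket)) {
            return false;
        }
        try {
            // NOTE(review): the cookie value is used verbatim as the Redis key, so any key
            // in this database that holds a non-blank string value satisfies the check.
            // Session entries should live under a dedicated key prefix that is applied here
            // as well; that needs a matching change where the ticket is written, which is
            // not visible in this file.
            String userInfo = stringRedisTemplate.opsForValue().get(tokenTicket);
            if (StringUtils.isBlank(userInfo)) {
                log.info("no user info found for the presented tokenTicket");
                return false;
            }
            // Sliding expiry: each authenticated request extends the session lifetime.
            stringRedisTemplate.expire(tokenTicket, Constants.RedisTimeout.USER_TIMEOUT, TimeUnit.SECONDS);
            log.info("refreshed userInfo expire time for the presented tokenTicket");
            return true;
        } catch (Exception e) {
            // Fail closed: a lookup error must never be treated as a valid login.
            log.error("login check failed!", e);
            return false;
        }
    }

    /**
     * Decides whether a request path requires a login check.
     *
     * <p>Only the final path segment is compared, without any {@code ;name=value} path
     * parameters, and it must equal a configured entry exactly. The previous substring
     * match let any protected path whose last segment merely contained an entry (or any
     * path at all when an entry was blank) skip authentication.
     *
     * <p>NOTE(review): matching on the last segment alone still exempts every path that
     * ends in a listed name, whatever its parent path; comparing the full path relative
     * to the context path would be stricter.
     *
     * @param url request URI as returned by {@code HttpServletRequest#getRequestURI()}
     * @return {@code false} when the path is exempt from login, {@code true} otherwise
     */
    private boolean needCheck(String url) {
        log.info("check url == {}, allowed_paths == {}", url, excludedPageArray);
        String lastSegment = url.substring(url.lastIndexOf("/") + 1);
        int pathParamStart = lastSegment.indexOf(';');
        if (pathParamStart >= 0) {
            lastSegment = lastSegment.substring(0, pathParamStart);
        }
        // URLs that do not require login
        for (String notNeedLoginUrl : excludedPageArray) {
            if (StringUtils.isBlank(notNeedLoginUrl)) {
                // A blank entry (for example from a trailing comma) must not exempt anything.
                continue;
            }
            if (lastSegment.equals(notNeedLoginUrl.trim())) {
                return false;
            }
        }
        return true;
    }
}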
获取请求信息
public interface UserInfoService {
    /**
     * Extracts the login token ticket from a request.
     *
     * <p>The returned value is a bearer credential for the user's session; callers
     * should not write it to logs or echo it back in responses.
     *
     * @param request the incoming HTTP request
     * @return the token ticket; the implementation in this file returns {@code null}
     *         when the request carries no matching cookie
     */
    String getTokenTicket(HttpServletRequest request);
}
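/**
 * Cookie-based {@link UserInfoService}: reads the token ticket from the cookie whose
 * name equals {@code Constants.RequestKey.TOKEN_TICKET}.
 */
@Service
public class UserInfoServiceImpl implements UserInfoService {

    /**
     * Returns the value of the first cookie named {@code Constants.RequestKey.TOKEN_TICKET}.
     *
     * <p>The ticket value is deliberately not logged: it is a bearer credential, and the
     * original log statement also referred to a {@code logger} that this class does not
     * declare.
     *
     * @param request the incoming HTTP request
     * @return the token ticket, or {@code null} when the request has no such cookie
     */
    @Override
    public String getTokenTicket(HttpServletRequest request) {
        Cookie[] cookies = request.getCookies();
        // getCookies() yields null when the request carries no cookies at all.
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (Constants.RequestKey.TOKEN_TICKET.equals(cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }
}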