什么是过滤器
- filter简单理解:人--->检票员(filter)---> 景点
SpringBoot2.X里面的过滤器
ApplicationContextHeaderFilter OrderedCharacterEncodingFilter OrderedFormContentFilter OrderedRequestContextFilter
那么多过滤器,哪个优先级高呢?
-
Ordered.HIGHEST_PRECEDENCE Ordered.LOWEST_PRECEDENCE
低位值意味着更高的优先级 Higher values are interpreted as lower priority
自定义Filter,避免和默认的Filter优先级一样,不然会冲突 一般0-100即可
注册Filter配置两种方式
- bean FilterRegistrationBean
- Servlet3.0 webFileter
Servlet3.0 webFileter的使用
开发自定义的过滤器
-
使用Servlet3.0的注解进行配置步骤
- 启动类里面增加 @ServletComponentScan,进行扫描
- 新建一个Filter类,implements Filter,并实现对应的接口
- @WebFilter 标记一个类为filter,被spring进行扫描
- urlPatterns:拦截规则,支持正则
- 控制chain.doFilter的方法的调用,来实现是否通过放行
- 不放行,web应用resp.sendRedirect("/index.html") 或者 返回json字符串
-
场景:权限控制、用户登录状态控制,也可以交给拦截器处理等
-
在线教育项目案例实战:
- 用户登录过滤器 -若没有返回令牌即可返回页面
package work.flyrun.demoproject1.filter;
import org.springframework.util.StringUtils;
import work.flyrun.demoproject1.domain.User;
import work.flyrun.demoproject1.service.impl.UserServiceImpl;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* @Program: demo-project1
* @Description: 登陆拦截器
* @Author: chen
* @Dates: 2020-11-08-21-01
* @Version:
**/
@WebFilter(urlPatterns = "/api/v1/pri/*",filterName = "loginFilter")
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("init LoginFilter==");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("doFilter LoginFilter==");
HttpServletRequest request= (HttpServletRequest) servletRequest;
HttpServletResponse response= (HttpServletResponse) servletResponse;
String token = request.getHeader("token");
if (StringUtils.isEmpty(token)){
token=request.getParameter("token");
}
if (StringUtils.isEmpty(token)){
return;
}else {
//判断token是否合法
User user= UserServiceImpl.sessionMap.get(token);
if (user != null){
filterChain.doFilter(servletRequest,servletResponse);
}
}
}
@Override
public void destroy() {
System.out.println("destroy LoginFilter==");
}
}
前后端分离自定义过滤器开发
package work.flyrun.demoproject1.filter;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.util.StringUtils;
import work.flyrun.demoproject1.domain.User;
import work.flyrun.demoproject1.service.impl.UserServiceImpl;
import work.flyrun.demoproject1.utils.JsonData;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
/**
* @Program: demo-project1
* @Description: 登陆拦截器
* @Author: chen
* @Dates: 2020-11-08-21-01
* @Version:
**/
@WebFilter(urlPatterns = "/api/v1/pri/*",filterName = "loginFilter")
public class LoginFilter implements Filter {
private static final ObjectMapper objectMapper = new ObjectMapper();
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("init LoginFilter==");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("doFilter LoginFilter==");
HttpServletRequest request= (HttpServletRequest) servletRequest;
HttpServletResponse response= (HttpServletResponse) servletResponse;
String token = request.getHeader("token");
if (StringUtils.isEmpty(token)){
token=request.getParameter("token");
}
if (!StringUtils.isEmpty(token)){
//判断token是否合法
User user= UserServiceImpl.sessionMap.get(token);
if (user != null){
filterChain.doFilter(servletRequest,servletResponse);
}else {
JsonData jsonData = JsonData.buildError(-2,"登录失败,token无效");
String jsonStr = objectMapper.writeValueAsString(jsonData);
renderJson(response,jsonStr);
}
}else{
JsonData jsonData = JsonData.buildError(-3,"未登录");
String jsonStr = objectMapper.writeValueAsString(jsonData);
renderJson(response,jsonStr);
}
}
/**
* 把响应进行封装json操作
* @param response
* @param json
*/
private void renderJson(HttpServletResponse response,String json){
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json");
try(PrintWriter writer = response.getWriter()){//流控制
writer.print(json);
}catch (Exception e){
e.printStackTrace();
}
}
@Override
public void destroy() {
System.out.println("destroy LoginFilter==");
}
}
写一个简单的servlet回忆以下servlet
package work.flyrun.demoproject1.filter;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.util.StringUtils;
import work.flyrun.demoproject1.domain.User;
import work.flyrun.demoproject1.service.impl.UserServiceImpl;
import work.flyrun.demoproject1.utils.JsonData;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
/**
* @Program: demo-project1
* @Description: 登陆拦截器
* @Author: chen
* @Dates: 2020-11-08-21-01
* @Version:
**/
@WebFilter(urlPatterns = "/api/v1/pri/*",filterName = "loginFilter")
public class LoginFilter implements Filter {
private static final ObjectMapper objectMapper = new ObjectMapper();
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("init LoginFilter==");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("doFilter LoginFilter==");
HttpServletRequest request= (HttpServletRequest) servletRequest;
HttpServletResponse response= (HttpServletResponse) servletResponse;
String token = request.getHeader("token");
if (StringUtils.isEmpty(token)){
token=request.getParameter("token");
}
if (!StringUtils.isEmpty(token)){
//判断token是否合法
User user= UserServiceImpl.sessionMap.get(token);
if (user != null){
filterChain.doFilter(servletRequest,servletResponse);
}else {
JsonData jsonData = JsonData.buildError(-2,"登录失败,token无效");
String jsonStr = objectMapper.writeValueAsString(jsonData);
renderJson(response,jsonStr);
}
}else{
JsonData jsonData = JsonData.buildError(-3,"未登录");
String jsonStr = objectMapper.writeValueAsString(jsonData);
renderJson(response,jsonStr);
}
}
/**
* 把响应进行封装json操作
* @param response
* @param json
*/
private void renderJson(HttpServletResponse response,String json){
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json");
try(PrintWriter writer = response.getWriter()){//流控制
writer.print(json);
}catch (Exception e){
e.printStackTrace();
}
}
@Override
public void destroy() {
System.out.println("destroy LoginFilter==");
}
}
Servlet3.0+SpringBoot2.X监听器Listener
监听器:应用启动监听器,会话监听器,请求监听器
-
作用
- ServletContextListener 应用启动监听
- HttpSessionLisener 会话监听 --统计在线仍属
- ServletRequestListener 请求监听
常用的监听器 ServletContextListener、HttpSessionListener、ServletRequestListener)
@WebListener
public class RequestListener implements ServletRequestListener {
@Override
public void contextDestroyed(ServletContextEvent sce) {
System.out.println("======contextDestroyed========");
}
@Override
public void contextInitialized(ServletContextEvent sce) {
System.out.println("======contextInitialized========");
}
}
新版SpringBoot2.X拦截器配置
拦截器: 和过滤器用途基本类似
SpringBoot2.x使用步骤
SpringBoot2.X 新版本配置拦截器 implements WebMvcConfigurer
自定义拦截器 HandlerInterceptor
- preHandle:调用Controller某个方法之前
- postHandle:Controller之后调用,视图渲染之前,如果控制器Controller出现了异常,则不会执行此方法
- afterCompletion:不管有没有异常,这个afterCompletion都会被调用,用于资源清理
按照注册顺序进行拦截,先注册,先被拦截
拦截器不生效常见问题: - 是否有加@Configuration - 拦截路径是否有问题 ** 和 * - 拦截器最后路径一定要 /** 如果是目录的话则是 /*/
在线教育项目案例实战:
- 改造下单 登录 接口
场景:权限控制、用户登录状态控制等
和Filter过滤器的区别
Filter和Interceptor二者都是AOP编程思想的体现,功能基本都可以实现 拦截器功能更强大些,Filter能做的事情它都能做 Filter在只在Servlet前后起作用,而Interceptor够深入到方法前后、异常抛出前后等 filter依赖于Servlet容器即web应用中,而Interceptor不依赖于Servlet容器所以可以运行在多种环境。 在接口调用的生命周期里,Interceptor可以被多次调用,而Filter只能在容器初始化时调用一次。 Filter和Interceptor的执行顺序 过滤前->拦截前->action执行->拦截后->过滤后
补充知识点
如何配置不拦截某些路径? registry.addInterceptor(new LoginIntercepter()).addPathPatterns("/api/v1/pri/**") //配置不拦截某些路径,比如静态资源 .excludePathPatterns("/**/*.html","/**/*.js");
下一章介绍SpringBoot2.x模板引擎