发现filter用法比较杂乱,现整理一份:
1.spring应用中存在两种过滤用法,一种是拦截器,另一种是过滤器.
过滤器再springboot中使用和在springmvc中用法基本上一样.只是配置上面有点区别.
2.filter功能,它使用户可以改变一个request和修改一个response.Filter不是一个servlet,它不能产生一个response,它能够在
一个request到达servlet之前预处理request,也可以在离开servlet时处理response.
一个Filter包括:
1,在servlet被调用之前截获
2,在servlet被调用之前检查servlet request
3,根据需要修改request头和request数据
4,根据需要修改response头和response数据
5,在servlet被调用之后截获
登录filter:
package com.bag.comm.filter; import com.bag.controller.web.ParentController; import com.bag.utils.utils; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.HashSet; import java.util.Set; @WebFilter(urlPatterns = {"/manage/student/*", "/manage/teacher/*", "/manage/organization/*", "/manage/school/*", "/manage/operator/*"}, filterName = "loginFilter") public class LoginFilter extends ParentController implements Filter { //不用过虑的地址 private static Set<String> GreenUrlSet = new HashSet<String>(); @Override public void init(FilterConfig filterConfig) throws ServletException { //静态资源 GreenUrlSet.add("/AdminLTE/**"); GreenUrlSet.add("/common/**"); GreenUrlSet.add("/docs/**"); GreenUrlSet.add("/js/**"); GreenUrlSet.add("/plugins/**"); GreenUrlSet.add("/website/**"); GreenUrlSet.add("/xgui-1.2.6/**"); } @Override public void doFilter(ServletRequest srequest, ServletResponse sresponse, FilterChain filterChain) throws IOException, ServletException { //request HttpServletRequest request = (HttpServletRequest) srequest; //response HttpServletResponse response = (HttpServletResponse) sresponse; //访问地址 String uri = request.getRequestURI(); System.out.println("过虑地址:" + uri); //放行不需要验证的地址 if (utils.matchesUri(GreenUrlSet, uri)) { filterChain.doFilter(srequest, sresponse); } //需要验证 else { System.out.println("需要验证的地址:" + uri); // 验证是否已登录 if (IsLogin()) { if (getUserType() == 2 && utils.matchesUri("/manage/teacher/**", uri)) { filterChain.doFilter(srequest, sresponse); } //根据不同的用户进行跳转到登录页 else { response.sendRedirect(request.getContextPath() + getUrlForUser(getUserType())); } } //未登录 else { //重定向登录页面 loginRedirect(request, response); } } } @Override public void destroy() { } }
后台:
package com.bag.comm.filter; import com.bag.controller.web.BaseController; import com.bag.domain.KAuth; import com.bag.utils.utils; import org.apache.commons.lang.StringUtils; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.HashSet; import java.util.Set; @WebFilter(urlPatterns = "/admin/*", filterName = "adminFilter") public class ManageFilter extends BaseController implements Filter { //不用过虑的地址 private static Set<String> GreenUrlSet = new HashSet<String>(); @Override public void init(FilterConfig filterConfig) throws ServletException { //静态资源 GreenUrlSet.add("/AdminLTE/**"); GreenUrlSet.add("/common/**"); GreenUrlSet.add("/docs/**"); GreenUrlSet.add("/js/**"); GreenUrlSet.add("/plugins/**"); GreenUrlSet.add("/website/**"); GreenUrlSet.add("/xgui-1.2.6/**"); } @Override public void doFilter(ServletRequest srequest, ServletResponse sresponse, FilterChain filterChain) throws IOException, ServletException { //request HttpServletRequest request = (HttpServletRequest) srequest; //response HttpServletResponse response = (HttpServletResponse) sresponse; //访问地址 String uri = request.getRequestURI(); System.out.println("过虑地址:" + uri); //放行不需要验证的地址 if (utils.matchesUri(GreenUrlSet, uri)) { filterChain.doFilter(srequest, sresponse); } //需要验证 else { System.out.println("需要验证的地址:" + uri); // 验证是否已登录 if (IsLogin()) { //管理员类别 if (getUserType() == 7) { // 身份存在,放行 filterChain.doFilter(srequest, sresponse); } //根据不同的用户进行跳转 else { response.sendRedirect(request.getContextPath() + getUrlForUser(getUserType())); } } //未登录 else { //重定向登录页面 loginRedirect(request, response); } } } @Override public void destroy() { } }
BaseController.java
package com.bag.controller.web; import com.bag.domain.*; import com.bag.domain.common.User.Admin; import com.bag.domain.result.AuthMenu; import com.bag.service.*; import com.bag.utils.CookieUtil; import com.bag.utils.RedisUtils; import com.bag.utils.utils; import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; import java.io.PrintWriter; import java.net.URLEncoder; import java.util.ArrayList; import java.util.Date; import java.util.List; /** * 基础控制器 */ @Controller public class BaseController { protected Logger logger = Logger.getLogger(this.getClass()); //用户 @Autowired protected UserService userService; //登录日志 @Autowired protected UserLogonService userLogonService; //用户角色 @Autowired private UserRoleService userRoleService; //角色权限 @Autowired private RoleAuthService roleAuthService; //角色 @Autowired private RoleService roleService; //权限 @Autowired private AuthService authService; @Autowired private UserAuthService userAuthService; @Autowired private RedisUtils redisUtils; //request protected HttpServletRequest getRequest() { return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest(); } //session protected HttpSession getSession() { return getRequest().getSession(); } /** * 是否登录 * * @return * @throws Exception * @throws NumberFormatException */ public boolean IsLogin() { return CurUser() != null; } /** * 当前用户信息 * * @return * @throws NumberFormatException * @throws Exception */ public Admin CurUser() { //得到session用户 Admin curUser = (Admin) getSession().getAttribute("user"); if (curUser != null) { return curUser; } // 通过cookie else { String uid = CookieUtil.getCookie(getRequest(), "uid"); String token = CookieUtil.getCookie(getRequest(), "valid"); //用户类别 String type = CookieUtil.getCookie(getRequest(), "type"); if (StringUtils.isNotEmpty(uid) && StringUtils.isNotEmpty(token) && StringUtils.isNotEmpty(type)) { // 用户登录信息 kUserLogon logon = null; try { logon = userLogonService.getUserLogonByUser(Long.parseLong(uid), 1); } catch (Exception e) { e.printStackTrace(); } if (logon.getToken().equals(token) && new Date().before(logon.getExpireDate())) { // 用户信息 try { //得到用户信息 curUser = setAdmin(userService.getUserById(Long.parseLong(uid))); } catch (Exception e) { e.printStackTrace(); } // 设置session getSession().setAttribute("user", curUser); return curUser; } } return null; } } /** * 用户id * * @return */ protected Long getUserId() { return CurUser().getId(); } /** * 用户姓名 * * @return */ protected String getName() { return CurUser().getName(); } /** * 用户性别 * * @return */ protected int getSex() { return CurUser().getSex(); } /** * 用户类别 * * @return */ protected int getUserType() { return CurUser().getUserType(); } /** * 设置管理员信息 * * @param user * @return */ public Admin setAdmin(KUser user) { //设置用户信息 Admin u1 = new Admin(); u1.setId(user.getId()); u1.setName(user.getName()); u1.setSex(user.getSex()); u1.setUserType(user.getUserType()); return u1; } /** * 得到用户默认跳转地址 * * @param usertype * @return */ public String getUrlForUser(int usertype) { //教师 if (usertype == 2) { return "/manage/teacher/"; } //家长 else if (usertype == 4) { return "/manage/student/"; } //机构管理 else if (usertype == 5) { return "/manage/organization/course/"; } //学校管理 else if (usertype == 6) { return "/manage/school/info/"; } //管理员 else if(usertype == 7) { return "/admin/home/"; } //区域运营商 else if (usertype == 8) { return "/manage/operator/"; } return "/"; } /** * 重定向登录页面 * * @param request * @param response */ public void loginRedirect(HttpServletRequest request, HttpServletResponse response) { if (request.getMethod().equalsIgnoreCase("GET")) { // 跳转地址 String redirectUrl = request.getQueryString() != null ? request.getRequestURI() + "?" + request.getQueryString() : request.getRequestURI(); // 重定向 try { response.sendRedirect(request.getContextPath() + "/web/login?backurl=" + URLEncoder.encode(redirectUrl, "utf-8")); } catch (IOException e) { e.printStackTrace(); } } else { response.setCharacterEncoding("UTF-8"); response.setContentType("application/json; charset=utf-8"); response.setStatus(401); PrintWriter out = null; try { out = response.getWriter(); out.append("{\"code\":401,\"msg\":\"未登录\"}"); } catch (IOException e) { e.printStackTrace(); } finally { if (out != null) { out.close(); } } } } /**查询全部权限 * @return */ public List<String> getAuthList(){ List<String> kAuthAll = null; List<String> kAuths = (List<String>)redisUtils.get("user_auth_all"); try { if(kAuths != null){ return kAuths; } kAuthAll = authService.getAuthActions(); redisUtils.set("user_auth_all",kAuthAll,15* 60L); } catch (Exception e) { logger.error(e); } return kAuthAll; } public List getAuth() { Long userId = getUserId(); List<AuthMenu> auth = null; try { auth = (List<AuthMenu>)redisUtils.get("user_auth_"+userId); if( auth != null){ return auth; } List<KUserAuth> kUserAuths = userAuthService.getUserAuthByUserId(getUserId()); List<Integer> userAuthIds = new ArrayList<>(); for (KUserAuth kUserAuth:kUserAuths){ userAuthIds.add(kUserAuth.getAuthId()); } if(userAuthIds.size() > 0){ auth = authService.getAuthListByIds(userAuthIds); redisUtils.set("user_auth_"+getUserId(),auth,60L); } } catch (Exception e) { logger.error(e.getMessage()); } return auth; } public boolean authUrl(String uri){ List<AuthMenu> authMenus = getAuth(); boolean flag = false; for (AuthMenu authMenu : authMenus) { List<String> action = authMenu.getActions(); for(String authUri:action){ if (StringUtils.equals(authUri,uri)){ flag = true; break; } } } return flag; } }