1. 通过 RequestWrapper 重写 HttpServletRequest 中的参数
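package com.combo.filter;

import com.alibaba.fastjson.JSONObject;

import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;

/**
 * Created by sunbinbin
 * Date:2018/10/26
 * Time:12:21
 *
 * <p>Request wrapper that buffers the request body once (the servlet body stream can only
 * be consumed once) and serves it again from memory through {@link #getInputStream()},
 * {@link #getReader()} and {@link #getBody()}. {@link #setParamsMaps(Map)} lets a filter
 * merge extra key/value pairs into a JSON body before the request reaches the chain.
 *
 * <p>Notes for reviewers:
 * <ul>
 *   <li>The body is decoded and re-encoded as UTF-8 regardless of the charset the client
 *       declared in {@code Content-Type}.</li>
 *   <li>The whole body is held in memory with no size limit of its own; request-size
 *       limits have to be enforced before this wrapper is constructed.</li>
 *   <li>The {@code getParameter*} accessors are not overridden, so values added with
 *       {@link #setParamsMaps(Map)} are visible only through the body, not through
 *       {@code getParameter(...)}.</li>
 *   <li>Extends the standard {@code javax.servlet.http.HttpServletRequestWrapper} rather
 *       than Tomcat's {@code servlet4preview} variant, which is container specific.</li>
 * </ul>
 */
public class XyRequestWrapper extends HttpServletRequestWrapper {

    /** Size of the char buffer used when draining the original body. */
    private static final int READ_BUFFER_CHARS = 128;

    /** Buffered body as text; never {@code null}. Replaced by {@link #setParamsMaps(Map)}. */
    private String body;

    /**
     * Wraps {@code request} and eagerly reads its entire body into memory.
     *
     * @param request the original request; its input stream is fully consumed and closed here
     * @throws IOException if reading the original body fails
     */
    public XyRequestWrapper(HttpServletRequest request) throws IOException {
        super(request);
        this.body = drainBody(request);
    }

    /** Reads the complete body of {@code request} as UTF-8 text; returns "" when there is no stream. */
    private static String drainBody(HttpServletRequest request) throws IOException {
        InputStream in = request.getInputStream();
        if (in == null) {
            return "";
        }
        StringBuilder text = new StringBuilder();
        // try-with-resources replaces the manual close-and-rethrow of the original.
        try (BufferedReader reader = new BufferedReader(new InputStreamReader(in, StandardCharsets.UTF_8))) {
            char[] chunk = new char[READ_BUFFER_CHARS];
            int count;
            while ((count = reader.read(chunk)) > 0) {
                text.append(chunk, 0, count);
            }
        }
        return text.toString();
    }

    /**
     * Returns a fresh stream over the buffered body (UTF-8 bytes). Each call starts at the
     * beginning, so the body can be read any number of times.
     */
    @Override
    public ServletInputStream getInputStream() throws IOException {
        final ByteArrayInputStream bytes = new ByteArrayInputStream(body.getBytes(StandardCharsets.UTF_8));
        return new ServletInputStream() {
            // The original returned false unconditionally, which tells Servlet 3.1 callers
            // that data is still pending even at end-of-stream.
            @Override
            public boolean isFinished() {
                return bytes.available() == 0;
            }

            // The data is already in memory, so a read() never blocks.
            @Override
            public boolean isReady() {
                return true;
            }

            @Override
            public void setReadListener(ReadListener readListener) {
                // Non-blocking reads are not supported on a fully buffered body; no callbacks are issued.
            }

            @Override
            public int read() {
                return bytes.read();
            }

            // Bulk read delegates to the byte array instead of InputStream's byte-at-a-time default.
            @Override
            public int read(byte[] b, int off, int len) {
                return bytes.read(b, off, len);
            }

            @Override
            public int available() {
                return bytes.available();
            }
        };
    }

    /** Returns a reader over the buffered body, decoded as UTF-8. */
    @Override
    public BufferedReader getReader() throws IOException {
        return new BufferedReader(new InputStreamReader(getInputStream(), StandardCharsets.UTF_8));
    }

    /** Returns the buffered body text (after any {@link #setParamsMaps(Map)} merges). */
    public String getBody() {
        return this.body;
    }

    /**
     * Merges {@code paramMaps} into the JSON object body. Keys in {@code paramMaps} override
     * keys already present in the body, so server-supplied values win over client-supplied
     * ones. An empty or blank body is treated as an empty JSON object.
     *
     * @param paramMaps key/value pairs to add; must not be {@code null}
     * @throws com.alibaba.fastjson.JSONException if the current body is not a JSON object
     *         (e.g. a form-encoded or multipart body); a filter that wraps every request
     *         should check the content type before calling this
     */
    public void setParamsMaps(Map<String, ?> paramMaps) {
        Objects.requireNonNull(paramMaps, "paramMaps");
        Map<String, Object> merged = new HashMap<>();
        if (!body.trim().isEmpty()) {
            // SECURITY (review): the raw client body is parsed with fastjson. Its autoType
            // feature (honouring "@type" keys) has been the source of deserialization issues
            // in older versions; confirm the fastjson version in use has autoType disabled
            // or safeMode enabled before parsing untrusted input here.
            JSONObject parsed = JSONObject.parseObject(body);
            if (parsed != null) {
                merged.putAll(parsed);
            }
        }
        merged.putAll(paramMaps);
        body = JSONObject.toJSONString(merged);
    }
}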
2. 配置不需要拦截的 URL（例如登录接口、首页的一些静态图片）
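/**
 * Request paths exempt from token checking (login, heartbeat, Swagger, static assets, ...).
 *
 * <p>{@code doFilter} tests these with {@code req.getRequestURI().contains(url)}, i.e. a
 * substring match anywhere in the URI rather than an exact or prefix match. Short entries
 * such as {@code ".html"}, {@code "/v2"}, {@code "/index"}, {@code "/login"} and
 * {@code "/region"} therefore exempt every URI that merely contains that text. If only
 * specific endpoints are meant to be public, compare with {@code equals}/{@code startsWith}
 * and keep every entry a full path.
 *
 * <p>Several entries are write endpoints (registration, password reset, financial applies,
 * {@code /addUser}); presumably they are intended to be reachable without a token — confirm.
 */
private static final List<String> listUrl = new ArrayList<>();
private Gson gson = new Gson();

static {
    listUrl.add("/auth/login");
    listUrl.add("/checkin/add");
    listUrl.add("/heart/beat");
    listUrl.add("/swagger");
    listUrl.add("/webjars");
    listUrl.add("/v2");
    listUrl.add("/swagger-ui.html");
    listUrl.add("/index");
    listUrl.add("/static/css/");
    listUrl.add("/static/js/");
    listUrl.add("/user/getVerification");
    listUrl.add("/user/login");
    listUrl.add("/login");
    listUrl.add(".html");
    listUrl.add("/project/projectList");
    listUrl.add("/addUser");
    listUrl.add("/favicon.ico");
    listUrl.add("/checkAccount");
    listUrl.add("/education/queryVideo");
    listUrl.add("/education/learningDynamics");
    listUrl.add("/education/pointsRankWeeks");
    listUrl.add("/education/latestVideo");
    listUrl.add("/education/hotVideo");
    listUrl.add("/education/courseClass");
    listUrl.add("/education/courseInfo");
    listUrl.add("/education/numOfStudents");
    listUrl.add("/worker/selectResume");
    listUrl.add("/protectRight/helpExpress");
    listUrl.add("/protectRight/donationsCount");
    listUrl.add("/protectRight/queryGiftDetails");
    listUrl.add("/protectRight/findDonations");
    listUrl.add("/protectRight/successDonation");
    listUrl.add("/recruit/selectRecruitmentInfo");
    listUrl.add("/recruit/findRecruitmentInfo");
    listUrl.add("/worker/selectResumeInfo");
    listUrl.add("/user/register");
    listUrl.add("/user/getMessage");
    listUrl.add("/region");
    listUrl.add("/pwTwitterActivities/selectTweets");
    listUrl.add("/financialApply/saveFinancialApply");
    listUrl.add("/financialApply/saveServiceApply");
    listUrl.add("/idxRotationChart/getIdxRotationChartList");
    listUrl.add("/idxTwitter");
    listUrl.add("/user/forgetPassword");
    listUrl.add("/pwTwitterActivities/getPwTwitterActivities");
}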
3. 然后在 doFilter 中做过滤处理（token 为空或已过期时进行拦截）
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse resp = (HttpServletResponse) response; resp.setHeader("Access-Control-Allow-Origin", "*"); // 这个allow-headers要配为*,这样才能允许所有的请求头 --- update by zxy in 2018-10-19 resp.setHeader("Access-Control-Allow-Headers", "*"); resp.setHeader("Access-Control-Allow-Methods","PUT,POST,GET,DELETE,OPTIONS"); resp.setHeader("Access-Control-Max-Age", ""); XyRequestWrapper requestWrapper = new XyRequestWrapper(req); // TODO Auto-generated method stub if (request instanceof HttpServletRequest) { LOGGER.info("--------[Request URL]-------------" + req.getRequestURL()); LOGGER.info("--------[Request Client IP]-------------" + getIpAddress(req)); showParams(req); Boolean checkFlag = true; for (String url : listUrl){ if (req.getRequestURI().contains(url)){ checkFlag = false; break; } } // String token1 = req.getHeader("token"); // OrgUser user1 = JwtUtil.getOrgUser(token1); // String userName = user1.getLoginName(); // MemberInfo memberInfo = userMapper.selectPhone(userName); // // if(memberInfo!=null){ // checkFlag = false; // } if (checkFlag) { String token = req.getHeader("Authorization"); if (token == null) { LOGGER.error("-------------------token校验失败-------------------"); return; } else if (token != null) { String str = stringRedisTemplate.opsForValue().get(token); Long st= stringRedisTemplate.boundHashOps(token).getExpire(); System.out.print(st); Map paramsPlus = new HashMap(); paramsPlus.put("token",token); requestWrapper.setParamsMaps(paramsPlus); if (str == null||st<0) { JSONObject json = (JSONObject) JSON.toJSON(WebApiResponse.tokenError(WebApiResponse.ResponseMsg.TOKEN_VERIFY.getValue())); response.setCharacterEncoding("UTF-8"); String jsonString = JSON.toJSONString(json, SerializerFeature.PrettyFormat, SerializerFeature.WriteMapNullValue, SerializerFeature.WriteDateUseDateFormat); 
response.getWriter().print(jsonString); LOGGER.error("-------------------token校验失败-------------------"); return; } } } } chain.doFilter(requestWrapper, resp);