过滤器Filter,是Servlet的一种技术。可通过Filter,对请求进行拦截,比如判断用户是否登录、验证黑名单等并且可对请求进行预处理。
接下来介绍使用WebFilter配置过滤器并实现读取cookie判断用户是否登陆
编写Filter类
/注册器名称为customFilter,拦截的url为所有
@WebFilter(filterName = "customFilter",urlPatterns = ["/*"])
class CustomFilter:Filter {
var logger = LoggerFactory.getLogger(this::class.java)!!
override fun destroy() {
logger.info("CustomFilter destroy")
}
override fun doFilter(request: ServletRequest?, response: ServletResponse?, chain: FilterChain?) {
val httpServletRequest = request as? HttpServletRequest
if (httpServletRequest != null && response != null) {
//获取用户cookie
val userCookie = httpServletRequest.cookies?.firstOrNull { it.name?.toLowerCase() == "userid" }
//检查cookie的正确性
val userId = userCookie?.value?.toIntOrNull() ?: 0
if(userId <= 0){
val accept = httpServletRequest.getHeader("Accept")
if (accept?.contains("json") == true) {
response.contentType = MediaType.APPLICATION_JSON_VALUE
val str = ObjectMapperExtension.instance.writeValueAsString(CommonResult(null, false, "No Access Token"))
response.writer.print(str)
} else {
response.contentType = MediaType.ALL_VALUE
response.writer.print("No Access Token")
}
return
}
}
logger.info("CustomFilter start")
chain?.doFilter(request,response)
logger.info("CustomFilter complete")
}
override fun init(filterConfig: FilterConfig?) {
logger.info("CustomFilter init")
}
}
然后在启动类加入@ServletComponentScan注解,确保可以扫描到CustomFilter
@SpringBootApplication
@ServletComponentScan
class Demo1Application
fun main(args: Array<String>) {
runApplication<Demo1Application>(*args)
}
随便请求一下,发现返回,我们的过滤器生效了
HTTP/1.1 200
Content-Type: */*;charset=ISO-8859-1
Content-Length: 15
Date: Thu, 18 Oct 2018 07:23:58 GMT
No Access Token
那么试一下接受json格式,添加请求头
Accept: application/json
返回了我们想要的json
HTTP/1.1 200
Content-Type: application/json;charset=ISO-8859-1
Content-Length: 52
Date: Thu, 18 Oct 2018 07:27:08 GMT
{"data":null,"succes":false,"msg":"No Access Token"}
如果加上Cookie(如下),那么就可以正常通过我们的过滤器了
Cookie: userid=3;