1. web.xml中配置过滤器
<filter>
<filter-name>TokenCheckFilter</filter-name>
<filter-class>XXX.token.TokenCheckFilter</filter-class>
<init-param>
<param-name>excludedPages</param-name>
<param-value>/mobile/login,/mobile/register,/mobile/errorPermission</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>TokenCheckFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
备注:/mobile/login,/mobile/register,/mobile/errorPermission是例外项
2. 实现TokenCheckFilter
public class TokenCheckFilter implements Filter {
// private static final Logger logger = LoggerFactory.getLogger(TokenCheckFilter.class);
// private static final String redisServer = Global.getConfig("redis.server");
private String excludedPages;
private String[] excludedPageArray;
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
//如果请求在web.xml配置的例外项之内,则直接转发到目的地址
if (isExcludedPage((HttpServletRequest) req)) {
chain.doFilter(req, resp);
} else {
try {
// 防止流读取一次后就没有了, 所以需要将流继续写出去
TokenHttpRequestWrapper tokenHttpRequestWrapper =
new TokenHttpRequestWrapper((HttpServletRequest) req);
String requestBody = tokenHttpRequestWrapper.getBody();
//拿到流之后,就可以做自己的处理了
*
*
*
// 下面/* */中的代码可以忽略不计
/*JSONObject object = JSON.parseObject(requestBody);
String token = (String) object.get("token");
if (StringUtils.isEmpty(token)) {
sendRedirectToError((HttpServletRequest) req,
(HttpServletResponse) resp);
return;
}
@SuppressWarnings("resource")
Jedis jedis = new Jedis(redisServer);
String moblie = jedis.get(token);
if (StringUtils.isEmpty(moblie)) {
sendRedirectToError((HttpServletRequest) req,
(HttpServletResponse) resp);
return;
}*/
//做完自己的处理后,跳转到目的地址
chain.doFilter(tokenHttpRequestWrapper, resp);
} catch (Exception e) {
sendRedirectToError((HttpServletRequest) req,
(HttpServletResponse) resp);
return;
}
}
}
public void init(FilterConfig config) throws ServletException {
excludedPages = config.getInitParameter("excludedPages");
if (StringUtils.isNotEmpty(excludedPages)) {
System.out.println(excludedPages);
excludedPageArray = excludedPages.split(",");
}
return;
}
private boolean sendRedirectToError(HttpServletRequest req, HttpServletResponse resp) throws IOException {
StringBuffer sb = new StringBuffer(req.getContextPath());
sb.append("/mobile/errorPermission");
resp.sendRedirect(sb.toString());
//logger.info(Messages.ERROR_PERMISSION);
return false;
}
private boolean isExcludedPage(HttpServletRequest req){
boolean isExcludedPage = false;
for (String page : excludedPageArray) {// 判断是否在过滤url之外
if ((req).getServletPath().equals(page)) {
isExcludedPage = true;
break;
}
}
return isExcludedPage;
}
}
3. 因为流只能读一次就没有了, 为了后面的代码(Controller)还能够取得流, 我们还需要建一个类将其写出去才行
public class TokenHttpRequestWrapper extends HttpServletRequestWrapper {
private String body;
public TokenHttpRequestWrapper(HttpServletRequest request) {
super(request);
body = ReqUtil.getRequestBody(request);
}
@Override
public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(body.getBytes());
return new ServletInputStream() {
@Override
public int read() throws IOException {
return byteArrayInputStream.read();
}
};
}
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(getInputStream()));
}
public String getBody(){
return body;
}
}
4. 实现TokenHttpRequestWrapper中调用用来读取流的工具类ReqUtil
public class ReqUtil {
public static String getRequestBody(HttpServletRequest request){
StringBuilder buffer = new StringBuilder();
BufferedReader reader = null;
try {
reader = new BufferedReader(
new InputStreamReader(request.getInputStream(), "UTF-8"));
String line = null;
while ((line = reader.readLine()) != null) {
buffer.append(line);
}
} catch (Exception e) {
e.printStackTrace();
} finally {
if (null != reader) {
try {
reader.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
return buffer.toString();
}
}
5. 然后在Controller中的方法中就可以读取流了
@RequestMapping(value = "/moblie/login",method = RequestMethod.POST)
@ResponseBody
public Object login(@RequestBody User user) {
//System.out.println(user.getName());
}