1.注意配置main方法启动类上加注解@ServletComponentScan
2.最好配置一个全局异常捕获类方便操作
3.因为鉴别token时从redis中取得,注意配置redistemplate,(此处我碰到了一个小问题,j s kon解析出现了异常:::解决方法-可以替换为stringredistemplate解析!!!)
此处配置的filter类:有注解
package com.service.config;
import com.alibaba.fastjson.JSON;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.web.servlet.HandlerExceptionResolver;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;
/**
* 全局过滤器
* @author 25338
* @version 1.1
* @date 2021/3/12 21:19
* urlPatterns /*拦截所有路径
*/
@Slf4j
@WebFilter(urlPatterns = "/*")
public class WebFilterClass implements Filter {
//spring官方推荐是用构造方法初始化加载所需要的bean可以防止加载空对象
private final RedisTemplate<String,String> redisTemplate;
private final HandlerExceptionResolver handlerExceptionResolver;
public WebFilterClass(RedisTemplate<String,String> redisTemplate,
HandlerExceptionResolver handlerExceptionResolver){
log.info("此处初始化!!!webFilterClass");
this.redisTemplate=redisTemplate;
this.handlerExceptionResolver=handlerExceptionResolver;
}
//需要过滤的url
private static List<String> urlFilterPath=new LinkedList<>();
//可以放过的url
private static Map<String,String> urlPassPath=new HashMap<>();
//初始化类信息时只加载一次
static {
urlFilterPath.add("/lwlog-language");
urlFilterPath.add("sayhello");
urlFilterPath.add("createMq");
//通过的方法
urlPassPath.put("user","user");
urlPassPath.put("favicon","favicon");
urlPassPath.put("swagger","swagger");
urlPassPath.put("api-docs","api-docs");
log.info("static");
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
log.info("初始化容器");
}
@Override
public void doFilter(ServletRequest servletRequest,
ServletResponse servletResponse,
FilterChain filterChain) throws IOException, ServletException {
//获取到的servlet数据信息
HttpServletRequest request=(HttpServletRequest)servletRequest;
HttpServletResponse response=(HttpServletResponse)servletResponse;
log.info("获取到的信息header中的token为:{}", request.getHeader("token"));/*
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Methods", "HEAD, POST, GET, OPTIONS, DELETE, PUT");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");*/
log.info("获取到的方法路径信息为:{}", request.getRequestURI());
log.info("获取到的路径信息为:{}", request.getRequestURL());
String path=request.getRequestURL().toString();
String token=request.getHeader("token");
//如果是登陆页面接口或者其他可以通过的接口,直接通过
if(getPass(path)){
log.info("放开的路径!");
filterChain.doFilter(servletRequest,servletResponse);
//return;
}
//查询是否是需要过滤的接口
else if(getFilter(path)){
String redisToken=redisTemplate.opsForValue().get("token");
log.info("redis中的token:{}",redisToken);
if(token==null){
handlerExceptionResolver.resolveException(request, response, null,new Exception("401"));
}
if(token!=null&&token.equals(redisToken)){
filterChain.doFilter(servletRequest,servletResponse);
}else {
//这里定义handlerExceptionResolver返回错误抛出异常,如果只是throw exception外加信息的话
//你的全局异常会加载拦截不到,因为servlet处理还没到业务下边的逻辑层,所以这么拦截更保险
//最好自己配置一个全局异常拦截
handlerExceptionResolver.resolveException(request, response,
null,new Exception("401"));
//throw new Exception("401");
}
}
}
@Override
public void destroy() {
log.info("销毁filter容器");
}
/**
* 通过的方法
* @param methodUrl
* @return
*/
public boolean getPass(String methodUrl){
if(urlPassPath!=null){
for (String pass:urlPassPath.keySet()) {
if(methodUrl.contains(pass)){
return true;
}
}
}
return false;
}
/**
* 过滤的方法
* @param methodUrl
* @return
*/
private boolean getFilter(String methodUrl){
if(urlFilterPath!=null){
for (String filter:urlFilterPath) {
if(methodUrl.contains(filter)){
return true;
}
}
}
return false;
}
}
此处是全局异常捕获可以自己加在配置一下、以及自己配置的error类
package com.service.config;
import com.service.entity.vo.ErrorVo;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
/**
* @author 25338
* @version 1.1
* @date 2021/3/13 22:08
*/
@RestControllerAdvice
@Slf4j
public class AllExceptionCatch {
@ExceptionHandler(value = Exception.class)
public Object getError(Exception e){
log.info("抛出全局异常信息:"+e.getMessage());
ErrorVo errorVo=new ErrorVo();
errorVo.setMessage(e.getMessage());
errorVo.setName("错误信息");
return errorVo;
}
}
package com.service.entity.vo;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* @author 25338
* @version 1.0
* @date 2020/7/17 17:35
* @description 错误类信息
*/
@Data
@AllArgsConstructor
@NoArgsConstructor
public class ErrorVo {
private String name;
private String message;
}
此处应该再加上redistemplate的配置,这里就不加了以前有过配置!欢迎讨论