注意:此处用于前后端分离的项目,所以返回是json字符串
自定义 Filter 有两种实现⽅式:
第一种是使⽤用 @WebFilter
第二种是使⽤FilterRegistrationBean
1.yml中配置
server:
port: 8081
servlet:
context-path: /hnezzsbm #springboot默认没有项目名
accessPath: /login,/register,/sendPost,/retrievePass,/entroll/getZsbmStudentAchievement #不用登陆就可以访问的接口
2.启动类上要加上@ServletComponentScan注解
加上此注解,Servlet(控制器)、Filter(过滤器)、Listener(监听器)可以直接通过@WebServlet、@WebFilter、@WebListener注解自动注册到Spring容器中,无需其他代码。
3.创建过滤器代码
package com.iflytek.edu.hnezzhxy.filter;
import com.alibaba.fastjson.JSONObject;
import com.iflytek.edu.hnezzhxy.common.config.Constants;
import com.iflytek.edu.hnezzhxy.common.enums.ResponseCodeEnum;
import com.iflytek.edu.hnezzhxy.util.ResponseResultUtil;
import com.iflytek.edu.hnezzhxy.vo.ResultVO;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.MediaType;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;
import java.nio.charset.Charset;
/**
* @create: 2018-03-12 13:20:54
* @version 1.0
*/
@WebFilter(filterName = "sessionFilter",urlPatterns = {"/*"})
public class SessionFilter implements Filter {
private static final Logger logger = LoggerFactory.getLogger(SessionFilter.class);
/** 不需要登录就可以访问的路径(比如:注册登录等) **/
@Value("${accessPath}")
private String[] includeUrls;
/** 项目路径 **/
@Value("${server.servlet.context-path}")
private String contextPath;
@Override
public void init(FilterConfig filterConfig) throws ServletException {}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession(false);
String uri = request.getRequestURI();
//是否需要过滤
Boolean needFilter = isNeedFilter(uri);
if (!needFilter) {
//不需要过滤直接传给下一个过滤器
filterChain.doFilter(servletRequest, servletResponse);
} else { //需要过滤器
// session中包含user对象,则是登录状态
if(session!=null&&session.getAttribute(Constants.SESSION_USER_Attribute) != null){
filterChain.doFilter(request, response);
}else{
String requestType = request.getHeader("X-Requested-With");
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
response.setCharacterEncoding(Charset.forName(Constants.ECODE_UTF8).displayName());
PrintWriter writer = response.getWriter();
//判断是否是ajax请求
if(requestType!=null && "XMLHttpRequest".equals(requestType)){
ResultVO result = new ResponseResultUtil().success(ResponseCodeEnum.LOGIN_SUCCESS.getCode(),
ResponseCodeEnum.LOGIN_SUCCESS.getMessage(), null, true);
writer.write(JSONObject.toJSON(result).toString());
}else{
//重定向到登录页(需要在static文件夹下建立此html文件)
logger.info("尚未登陆,跳转登陆页面!");
ResultVO result = new ResponseResultUtil().success(ResponseCodeEnum.UNLOGIN_ERROR.getCode(),
ResponseCodeEnum.UNLOGIN_ERROR.getMessage(), null, true);
writer.write(JSONObject.toJSON(result).toString());
}
return;
}
}
}
/**
* @Description: 是否需要过滤
* @Date: 2018-03-12 13:20:54
* @param uri
*/
public Boolean isNeedFilter(String uri) {
for (String includeUrl : includeUrls) {
String newIncludeUrl=contextPath+includeUrl;
if(newIncludeUrl.equals(uri)) {
return false;
}
}
return true;
}
@Override
public void destroy() {}
}
4.这种添加过滤器不能控制过滤器的执行顺序,所以一般推荐用FilterRegistrationBean过滤器方式