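1. Define a login filter that extends UsernamePasswordAuthenticationFilter
This class mainly defines the methods that generate and parse the JWT. This article does not cover JWT generation; it focuses on how to parse the parameters carried in the request.
Because this project uses the Spring Security framework and the class extends the framework's UsernamePasswordAuthenticationFilter, the request parameter names sent by the front end can only be username and password. In my project, however, the unique user identifier is the student's student number (that is, the front end sends username = student number), so I handle it like this: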
// Receive and parse the user's credentials
@Override
public Authentication attemptAuthentication(HttpServletRequest req,
                                            HttpServletResponse res) throws AuthenticationException {
    //TODO1:
    final Map<String, Object> dataFromRequest = getDataFromRequest(req);
    final String username = (String) dataFromRequest.get("username");
    final String password = (String) dataFromRequest.get("password");
    //TODO
    try {
        Student user = new Student();
        user.setUid(username);
        user.setPassword(password);
        return authenticationManager.authenticate(
                new UsernamePasswordAuthenticationToken(
                        user.getUid(), // the student number, i.e. the username sent by the front end
                        user.getPassword(),
                        new ArrayList<>())
        );
    } catch (AuthenticationException e) {
        // Please register first. Rethrow unchanged so the filter's
        // unsuccessfulAuthentication handling runs instead of a generic server error.
        throw e;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
The method that parses the request:
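// Imports used by this method (HttpServletRequest comes from javax.servlet.http
// or jakarta.servlet.http, depending on the Spring version):
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;

private Map<String, Object> getDataFromRequest(HttpServletRequest request) {
    Gson gson = new Gson();
    String type = request.getContentType();
    Map<String, Object> receiveMap = new HashMap<String, Object>();
    // The header may carry parameters, e.g. "application/x-www-form-urlencoded; charset=UTF-8",
    // so match on the prefix instead of the whole string
    if (type != null && type.toLowerCase(Locale.ROOT).startsWith("application/x-www-form-urlencoded")) {
        Enumeration<String> enu = request.getParameterNames();
        while (enu.hasMoreElements()) {
            String key = String.valueOf(enu.nextElement());
            String value = request.getParameter(key);
            receiveMap.put(key, value);
        }
    } else {
        // The else branch covers the text/plain and application/json cases
        StringBuilder sb = new StringBuilder();
        // try-with-resources closes the reader even when reading fails
        try (BufferedReader reader = new BufferedReader(
                new InputStreamReader(request.getInputStream(), StandardCharsets.UTF_8))) {
            String line;
            while ((line = reader.readLine()) != null) {
                sb.append(line);
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        // Convert the JSON string into a map
        Map<String, Object> parsed = gson.fromJson(sb.toString(),
                new TypeToken<Map<String, String>>() {}.getType());
        // fromJson returns null for an empty body; keep the empty map in that case
        if (parsed != null) {
            receiveMap = parsed;
        }
    }
    return receiveMap;
}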
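The above is how to parse the parameters when the front end sends the request as JSON (application/json). Next, let's look at how to parse the parameters when the front end submits a form (form-data):
Note: just replace the code inside //TODO above with the following: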
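Student user = new Student();
// getParameter returns the first value, or null when the parameter is absent
// (getParameterValues(...)[0] throws a NullPointerException in that case)
user.setUid(req.getParameter("username"));
user.setPassword(req.getParameter("password"));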
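A stricter variant of the JSON branch of getDataFromRequest, as an added example that is not part of the original article: it compares only the media type, caps the body size on this pre-authentication endpoint, and rejects missing or non-string credentials. The class name LoginBodyParser, the 4096-byte cap and the sample body are assumptions; it needs Gson 2.8.6+ and Java 11+.

```java
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;

public class LoginBodyParser { // hypothetical helper class
    static final int MAX_BODY_BYTES = 4096; // assumed cap; a login body is tiny

    // Returns {username, password}; throws IllegalArgumentException on anything unexpected.
    static String[] parse(String contentType, InputStream body) throws IOException {
        // Compare only the media type: clients often send "application/json; charset=UTF-8".
        String mediaType = contentType == null ? "" : contentType.split(";", 2)[0].trim();
        require(mediaType.equalsIgnoreCase("application/json"), "unsupported content type");
        // Bounded read: anyone can reach the login endpoint, so never buffer an unlimited body.
        byte[] raw = body.readNBytes(MAX_BODY_BYTES + 1);
        require(raw.length <= MAX_BODY_BYTES, "body too large");
        JsonElement root;
        try {
            root = JsonParser.parseString(new String(raw, StandardCharsets.UTF_8));
        } catch (RuntimeException e) { // JsonSyntaxException and related parse errors
            throw new IllegalArgumentException("malformed JSON");
        }
        require(root.isJsonObject(), "expected a JSON object"); // also rejects an empty body
        JsonObject obj = root.getAsJsonObject();
        return new String[] { field(obj, "username"), field(obj, "password") };
    }

    // A credential must be a non-empty JSON string, not null, a number, an array or an object.
    static String field(JsonObject obj, String name) {
        JsonElement e = obj.get(name);
        require(e != null && e.isJsonPrimitive() && e.getAsJsonPrimitive().isString()
                && !e.getAsString().isEmpty(), "missing or invalid " + name);
        return e.getAsString();
    }

    static void require(boolean ok, String why) {
        if (!ok) { throw new IllegalArgumentException(why); }
    }

    public static void main(String[] args) throws IOException {
        String s = "{\"username\":\"20230001\",\"password\":\"s3cret\"}"; // constructed sample body
        InputStream in = new ByteArrayInputStream(s.getBytes(StandardCharsets.UTF_8));
        System.out.println("accepted uid " + parse("application/json; charset=UTF-8", in)[0]);
    }
}
```

Inside attemptAuthentication, translate the IllegalArgumentException into an AuthenticationException such as BadCredentialsException so that Spring Security's failure handling produces the response.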
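2. By the way, parsing parameters sent as JSON (application/json) in a controller:
Here the ObjectMapper provided by Spring MVC is used to parse this kind of parameter.
Temp is a custom entity class, a temporary entity used only to map that property: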
@Data
public class Temp implements Serializable {
    private String email;
}
How it is done:
@Autowired
private ObjectMapper objectMapper;

@PostMapping("/auth/email")
public ResponseEntity<String> getEmailVerificationCode(@RequestBody String email) throws IOException {
    // Map the raw JSON request body onto the Temp class
    final Temp newEmail = objectMapper.readValue(email, Temp.class);
    // ...
}
3. Finally:
If you need anything, leave me a comment and I will reply.