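/**
 * Servlet filter that enforces login and per-user URL authorization.
 *
 * <p>Decision order, as implemented in {@link #doFilter}:
 * <ol>
 *   <li>Requests accepted by {@code judgeDefault} (root, static folder, entries of
 *       {@code SysConfig.OUT_ACTION}) pass through with no session check.</li>
 *   <li>Every other request needs a user returned by {@code Utile.getUserFromSession};
 *       without one the client is redirected to {@code SysConfig.LONGIN_PAGE}.</li>
 *   <li>A logged-in user may reach entries of {@code SysConfig.PUBLIC_LIMIT} or any URL
 *       matched by the menu list stored in the session; anything else is redirected to
 *       {@code SysConfig.LIMIT_OUT}.</li>
 * </ol>
 */
public class LoginFilter implements Filter {

    private static final Logger log = LoggerFactory.getLogger(LoginFilter.class);

    /** No resources to release. */
    @Override
    public void destroy() {
        // Intentionally empty.
    }

    /**
     * Applies the login and authorization checks, then continues the chain.
     *
     * @param request     incoming request; cast to {@link HttpServletRequest}
     * @param response    outgoing response; cast to {@link HttpServletResponse}
     * @param filterchain remaining filters and the target resource
     * @throws IOException      if the redirect or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain filterchain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;
        String uri = req.getRequestURI();
        String path = req.getContextPath();
        // Start from "" rather than null: string concatenation with null would
        // produce redirect targets beginning with the literal text "null".
        String contextPath = "";
        log.info(uri);
        if (StringUtils.isNotBlank(path) && path.indexOf(SysConfig.CONTEXT_PATH) != -1) {
            contextPath = path;
        }

        // Anything that is not a default (static / login / welcome) resource
        // requires a logged-in user.
        if (!judgeDefault(uri, req)) {
            SysUserBo userSession = Utile.getUserFromSession(req);
            if (userSession == null) {
                resp.sendRedirect(contextPath + SysConfig.LONGIN_PAGE);
                return;
            }
            // Logged in: allow pages shared by all users, otherwise require an
            // explicit grant from the user's menu list.
            if (!judgePublic(uri, req) && !judgeLimit(uri, req)) {
                resp.sendRedirect(contextPath + SysConfig.LIMIT_OUT);
                return;
            }
        }
        filterchain.doFilter(request, response);
    }

    /** No initialization required. */
    @Override
    public void init(FilterConfig arg0) throws ServletException {
        // Intentionally empty.
    }

    /**
     * Returns {@code url} with the leading context path removed.
     *
     * <p>The prefix is stripped only when the context path is non-blank, contains
     * {@code SysConfig.CONTEXT_PATH}, and {@code url} actually starts with it.
     *
     * @param url     request URI to reduce
     * @param request current request, used for its context path
     * @return the context-relative URL, or {@code url} unchanged
     */
    private String getServletContext(String url, HttpServletRequest request) {
        String path = request.getContextPath();
        // Strip the prefix only. Removing every occurrence of the context path
        // would make the filter authorize a different path than the one the
        // container dispatches whenever the same text appears later in the URI.
        if (StringUtils.isNotBlank(path)
                && path.indexOf(SysConfig.CONTEXT_PATH) != -1
                && url.startsWith(path)) {
            url = url.substring(path.length());
        }
        return url;
    }

    /**
     * Decides whether the request is a static resource or a default page (login,
     * welcome, ...) that is served without a login check.
     *
     * <p>Author: jenny.
     *
     * @param url     raw request URI
     * @param request current request
     * @return {@code true} if the request skips the session and permission checks
     * @since 1.0.0
     */
    private boolean judgeDefault(String url, HttpServletRequest request) {
        if (url.equals("/")) {
            return true;
        }
        if (url.equals(SysConfig.CONTEXT_PATH)) {
            return true;
        }
        // NOTE(review): this is a substring match on the raw request URI, which
        // getRequestURI() returns undecoded and which may carry path parameters.
        // Any URI that merely contains STATIC_FLODER_NAME skips the session and
        // permission checks. Anchor the match to the start of the context-relative
        // path (e.g. on getServletPath()) once the exact form of
        // STATIC_FLODER_NAME is confirmed.
        if (url.indexOf(SysConfig.STATIC_FLODER_NAME) != -1) {
            return true;
        }
        url = getServletContext(url, request);
        for (String action : SysConfig.OUT_ACTION) {
            if (url.equals(action)) {
                return true;
            }
        }
        return false;
    }

    /**
     * For a logged-in user, decides whether the URL is a page shared by all users.
     *
     * <p>Author: jenny.
     *
     * @param url     raw request URI
     * @param request current request
     * @return {@code true} if the context-relative URL equals an entry of
     *         {@code SysConfig.PUBLIC_LIMIT}
     * @since 1.0.0
     */
    private boolean judgePublic(String url, HttpServletRequest request) {
        url = getServletContext(url, request);
        for (String pUrl : SysConfig.PUBLIC_LIMIT) {
            if (pUrl.equals(url)) {
                return true;
            }
        }
        return false;
    }

    /**
     * For a logged-in user, decides whether the user is authorized for the URL.
     *
     * <p>The context-relative URL is compared with each menu entry stored in the
     * session under {@code SysConfig.SESSION_LIMIT_URL_KEY}, first by equality and
     * then as a full regular-expression match. Entries with no pattern or an
     * invalid pattern are skipped, so they never grant access.
     *
     * @param url     raw request URI
     * @param request current request, used for its session and context path
     * @return {@code true} if some menu entry matches the URL
     */
    public boolean judgeLimit(String url, HttpServletRequest request) {
        url = getServletContext(url, request);
        @SuppressWarnings("unchecked")
        List<MenuEntityPojo> limitList = (List<MenuEntityPojo>) request
                .getSession().getAttribute(SysConfig.SESSION_LIMIT_URL_KEY);
        if (limitList == null) {
            return false;
        }
        for (MenuEntityPojo fn : limitList) {
            String match = (fn == null) ? null : fn.getMatch();
            if (match == null) {
                // Pattern.compile(null) throws NullPointerException; an entry
                // without a pattern cannot authorize anything.
                continue;
            }
            if (url.equals(match)) {
                return true;
            }
            // Regular-expression check; matches() requires the whole URL to match.
            try {
                if (Pattern.compile(match).matcher(url).matches()) {
                    return true;
                }
            } catch (java.util.regex.PatternSyntaxException e) {
                // Fail closed: a malformed entry is skipped instead of turning
                // every request of this user into a server error.
                log.warn("Ignoring menu entry with invalid match pattern: {}", match, e);
            }
        }
        return false;
    }
}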