vue-admin-template 登录过滤器Filter,校验session(判断是否ajax请求)

vue-admin-template 目录

说明

需要依赖 jackson 库,将 java 对象转成 json字符串

代码

登录过滤器

  • 跨域时,对于非简单请求,浏览器会先发送一个 OPTIONS 预检请求(预检请求不携带 cookie,因此取不到 session),需要识别该请求并直接放行;放行条件应尽量只匹配预检请求,而不是所有 OPTIONS 请求,否则后端处理 OPTIONS 方法的接口会绕过登录校验

  • session 中取出用户信息对象,并判断是否登录

  • 如果没有登录,发送的是 ajax 请求,就返回 json 字符串;如果是普通请求,就跳转到登录页面

注意:如果前端使用 axios 发送 ajax 请求,需要指定 x-requested-with 头,详见 链接。该请求头由客户端自行设置,只用于决定未登录时返回 json 还是跳转到登录页面,不能作为安全判断的依据

package com.zrgj.epidemic.filter;


import com.zrgj.epidemic.pojo.Result;
import com.zrgj.epidemic.util.ResponseUtil;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import java.util.regex.Pattern;

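/**
 * Login filter mapped to every URL: lets CORS preflight requests and the
 * exempt login paths through, and requires a {@code "user"} attribute in the
 * HTTP session for everything else.
 *
 * <p>Unauthenticated requests get a JSON error when they carry the
 * {@code X-Requested-With: XMLHttpRequest} header, and a redirect to
 * {@code /login.html} otherwise.
 */
@WebFilter(urlPatterns = {"/*"})
public class LoginFilter2 implements Filter {

    /**
     * Servlet paths that skip the login check. {@code *} is the only wildcard
     * and matches any run of characters. Every entry here is reachable without
     * authentication, so keep the entries as narrow as possible.
     */
    private static final List<String> notFilterList = new ArrayList<>();
    static {
        notFilterList.add("/login");
        notFilterList.add("/login.html");
    }

    /** The entries of {@link #notFilterList}, compiled once instead of on every request. */
    private static final List<Pattern> NOT_FILTER_PATTERNS = new ArrayList<>();
    static {
        for (String glob : notFilterList) {
            NOT_FILTER_PATTERNS.add(toPattern(glob));
        }
    }

    /**
     * Applies the login check to one request.
     *
     * @param req   the incoming request; cast to {@link HttpServletRequest}
     * @param resp  the outgoing response; cast to {@link HttpServletResponse}
     * @param chain the remaining filter chain, invoked only when the request is allowed
     * @throws ServletException propagated from the rest of the chain
     * @throws IOException      propagated from the chain, the JSON write or the redirect
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;

        // The request method and headers are client-controlled, so they are no
        // longer echoed to stdout: printing them unescaped lets a client forge
        // log lines.

        if (isCorsPreflight(request) || isNotFilter(request)) {
            chain.doFilter(req, resp);
            return;
        }

        // getSession(false): an anonymous request must not cause a new session
        // to be allocated just to find out that nobody is logged in.
        HttpSession session = request.getSession(false);
        if (session != null && session.getAttribute("user") != null) {
            chain.doFilter(req, resp);
            return;
        }

        // Header names are matched case-insensitively by the container.
        // Cross-origin callers only get this header through if the backend lists
        // X-Requested-With in Access-Control-Allow-Headers, and axios does not
        // send it by default:
        //   axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
        // The header is set by the client; it only selects the shape of the
        // "not logged in" answer and must never be treated as proof of anything.
        String ajaxHeader = request.getHeader("x-requested-with");
        if ("XMLHttpRequest".equals(ajaxHeader)) {
            Result result = new Result();
            result.setFlag(false);
            result.setMessage("您未登录或登录超时,请重新登录!");
            // NOTE(review): ResponseUtil.sendJSON is defined elsewhere; presumably
            // it serializes the result as the JSON response body - confirm.
            ResponseUtil.sendJSON(response, result);
        } else {
            // A request attribute does not survive a redirect, so no "msg"
            // attribute is set here; the login page has to show its own notice.
            response.sendRedirect(request.getContextPath() + "/login.html");
        }
    }

    /**
     * Tells whether the request is a CORS preflight: an {@code OPTIONS} request
     * that carries both {@code Origin} and {@code Access-Control-Request-Method}.
     * Browsers send preflights without credentials, so they cannot be checked
     * against the session. Any other {@code OPTIONS} request goes through the
     * normal login check, so that a handler answering {@code OPTIONS} cannot be
     * reached anonymously.
     *
     * @param request the current request
     * @return {@code true} if the request is a CORS preflight
     */
    private static boolean isCorsPreflight(HttpServletRequest request) {
        return "OPTIONS".equals(request.getMethod())
                && request.getHeader("Origin") != null
                && request.getHeader("Access-Control-Request-Method") != null;
    }

    /**
     * Tells whether the request's servlet path is exempt from the login check.
     *
     * @param request the current request
     * @return {@code true} if the whole servlet path matches an entry of
     *         {@link #notFilterList} (no login check needed), {@code false} if
     *         the login check applies
     */
    private boolean isNotFilter(HttpServletRequest request) {
        String servletPath = request.getServletPath();

        // Open question from the author: how to recognise static files
        // (.html, .css, .jpg, .gif) here and exclude them from the filter.

        for (Pattern exempt : NOT_FILTER_PATTERNS) {
            // matches() requires the whole path to match, not just a prefix.
            if (exempt.matcher(servletPath).matches()) {
                return true;
            }
        }
        return false;
    }

    /**
     * Converts an exempt-path entry into a regular expression: {@code *} becomes
     * {@code .*} and everything else is quoted, so characters such as
     * {@code .}, {@code +} or {@code (} in a path are matched literally.
     *
     * @param glob an entry of {@link #notFilterList}
     * @return the compiled pattern
     */
    private static Pattern toPattern(String glob) {
        StringBuilder regex = new StringBuilder();
        int start = 0;
        int star;
        while ((star = glob.indexOf('*', start)) >= 0) {
            regex.append(Pattern.quote(glob.substring(start, star))).append(".*");
            start = star + 1;
        }
        regex.append(Pattern.quote(glob.substring(start)));
        return Pattern.compile(regex.toString());
    }
}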

Result 类

详见:https://www.malaoshi.top/show_1IX46aCEJAlV.html

ResponseUtil

详见:https://www.malaoshi.top/show_1IX46aCEJAlV.html


原文出处:https://www.malaoshi.top/show_1IX46aIZfaGv.html