前言
使⽤Servlet3.0的注解进⾏配置步骤 启动类⾥⾯增加 @ServletComponentScan,进⾏扫描
新建⼀个Filter类,implements Filter,并实现对应的接⼝ @WebFilter
标记⼀个类为filter,被spring进⾏扫描 urlPatterns:拦截规则,⽀持正则
控制chain.doFilter的⽅法的调⽤,来实现是否通过放⾏
不放⾏,web应⽤resp.sendRedirect("/index.html") 或者 返回json字符串
目录:
![](https://img.laitimes.com/img/9ZDMuAjOiMmIsIjOiQnIsICM38FdsYkRGZkRG9lcvx2bjxiNx8VZ6l2cs0TPB1keFR0TzkFVOBDOsJGcohVYsR2MMBjVtJWd0ckW65UbM5WOHJWa5kHT20ESjBjUIF2X0hXZ0xCMx81dvRWYoNHLrdEZwZ1Rh5WNXp1bwNjW1ZUba9VZwlHdssmch1mclRXY39CXldWYtlWPzNXZj9mcw1ycz9WL49zZuBnLwEzN2AzM0ATM0AjMwEjMwIzLc52YucWbp5GZzNmLn9Gbi1yZtl2Lc9CX6MHc0RHaiojIsJye.png)
整体架构:
首先最底层是user这个用户(在domain层),定义了账号,密码,和他的获取方法
然后是mapper层中的userMapper,建立一个map结果,静态代码块put进入一些数据,然后加入login方法,判断用户密码是否正确(下图就是usermapper的login方法)
然后是service层中,把userMapper注入到了userServiceImpl中,然后定义了一个大的login方法,把userMapper的login方法封装在其中,并且随机产生token。(下图是userServiceImpl的login方法)
最后controller层中,把userService注入到了里面,继续定义了一个大的login方法,又把原本userservice的login方法封装到了里面(下图是usercontroller层的login方法)
过滤器代码:
此代码可以参考前言来学习
loginFilter:
webFilter的路径是表示拦截器所要拦截的接口,必须继承Filter接口自定义,需要用到ObjectMapper这个类,然后重写doFilter函数为自己的需求
package net.xdclass.demoproject.filter;
import com.fasterxml.jackson.databind.ObjectMapper;
import net.xdclass.demoproject.domain.User;
import net.xdclass.demoproject.service.impl.UserServiceImpl;
import net.xdclass.demoproject.utils.JsonData;
import org.springframework.util.StringUtils;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
@WebFilter(urlPatterns = "/api/v1/pri/*", filterName = "loginFilter")
public class LoginFilter implements Filter {
private static final ObjectMapper objectMapper = new ObjectMapper();
/**
* 容器加载的时候
* @param filterConfig
* @throws ServletException
*/
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("init LoginFilter======");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("doFilter LoginFilter======");
HttpServletRequest req = (HttpServletRequest) servletRequest;
HttpServletResponse resp = (HttpServletResponse) servletResponse;
String token = req.getHeader("token");
if(StringUtils.isEmpty(token)){
token = req.getParameter("token");
}
if(!StringUtils.isEmpty(token)){
//判断token是否合法
User user = UserServiceImpl.sessionMap.get(token);
if(user!=null){
filterChain.doFilter(servletRequest,servletResponse);
}else {
JsonData jsonData = JsonData.buildError("登录失败,token无效",-2);
String jsonStr = objectMapper.writeValueAsString(jsonData);
renderJson(resp,jsonStr);
}
}else {
JsonData jsonData = JsonData.buildError("未登录",-3);
String jsonStr = objectMapper.writeValueAsString(jsonData);
renderJson(resp,jsonStr);
}
}
private void renderJson(HttpServletResponse response,String json){
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json");
try(PrintWriter writer = response.getWriter()){
writer.print(json);
}catch (Exception e){
e.printStackTrace();
}
}
/**
* 容器销毁的时候
*/
@Override
public void destroy() {
System.out.println("destroy LoginFilter======");
}
}
接口截图:
先从登录接口,传入正确用户密码,然后返回token值
将token值传入下单接口的header参里,返回下单成功
如果token随便编了一个值,拦截器就拦截下了
token不填入值的话: