首先需要了解过滤器和拦截器的区别以及运行顺序
图片来自@程序员内点事
有些时候需要在过滤中写跨域请求的处理
这里Token的验证就在拦截器里 当然写在过滤器里也行
import lombok.extern.slf4j.Slf4j; import org.springframework.context.annotation.Configuration; import org.springframework.core.annotation.Order; import org.springframework.stereotype.Component; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import java.io.IOException; import java.util.Arrays; import java.util.List; @Configuration public class MyConfig { @Order @Component @Slf4j public class AuthFilter implements Filter { String errorInterface = "/LoginController/request";//兜底方法 //白名单接口 private static List< String > whiteList = Arrays.asList( "/LoginController/login", "/LoginController/request" ); //过滤器 这个过滤器用来处理跨域请求 验证token @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //接口转换 HttpServletRequest req = (HttpServletRequest) request; //白名单接口放行的 *** 作(即不需要验证Token) String path = req.getServletPath() for (String s : whiteList) { if (path.contains(s)) { chain.doFilter(request, response); return; } } //中间写逻辑代码,判断Token是否正确,失败则返回false String token = req.getHeader("Token"); //从请求头中得到token if (token == null || token.trim().length() == 0) { //没有Token直接转发到错误请求 request.getRequestDispatcher(errorInterface).forward(request, response); return; } else { chain.doFilter(request, response); return; } } } }
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)