在过滤器中验证接口中的Token

一、web.xml

在web.xml中增加以下代码

<!--统一验证token值是否有效-->
<filter>
<filter-name>TokenFilter</filter-name> <!-- 过滤器名称 -->
<filter-class>com.seven.mp.contentmng.utils.TokenFilter</filter-class> <!-- 实现类路径 -->
</filter>
<filter-mapping>
<filter-name>TokenFilter</filter-name>
<url-pattern>/conference/*</url-pattern> <!-- 目录前缀 -->
</filter-mapping>

二、TokenFilter 实现类
1. 过滤器必须实现 Filter 接口，即 TokenFilter implements Filter

2.代码部分
package com.seven.mp.contentmng.utils;
import com.alibaba.fastjson.JSONObject;
import org.apache.commons.lang3.StringUtils;
import org.springframework.context.ApplicationContext;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
import org.springframework.util.ObjectUtils;
import org.springframework.web.context.support.WebApplicationContextUtils;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.*;


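/**
 * Servlet filter that checks the {@code accessToken} carried in a JSON request body
 * against Redis before letting the request continue down the chain.
 *
 * <p>Flow: allow-listed paths and all GET requests pass straight through. For any other
 * request the body is read, the {@code accessToken} field is extracted, and the key
 * {@code "MEETING_" + accessToken} is looked up in Redis. A missing token or a missing
 * Redis entry produces a JSON error body; otherwise the request is forwarded.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The filter only proves that the token exists in Redis. It does not bind the token
 *       to the resource being accessed, so per-user authorization must happen downstream.</li>
 *   <li>Every GET request bypasses the check. Any GET endpoint that returns sensitive data
 *       or changes state is therefore unauthenticated as far as this filter is concerned.</li>
 *   <li>The allow-list contains upload/import endpoints. Confirm they are protected by some
 *       other control, because this filter never inspects them.</li>
 *   <li>Rejections are written as a JSON body without changing the HTTP status, so clients
 *       and intermediaries see a successful status code unless the container sets another.</li>
 *   <li>The request body is read fully into memory with no size cap; enforce a limit at the
 *       container or reverse proxy.</li>
 * </ul>
 */
public class TokenFilter implements Filter {

    /**
     * Servlet paths forwarded without any token check (compared case-insensitively).
     * NOTE(review): matching relies on getServletPath(); confirm it returns the full path
     * under this deployment's servlet mapping, and keep this list as short as possible.
     */
    private static final String[] OPEN_PATHS = {
        "/auth/login",
        "/auth/logout",
        "/index",
        "/index.html",
        "/conference/entries/import_members",
        "/conference/entries/import_dinner_members",
        "/conference/picture/upload_file",
        "/conference/mode/importFile",
        "/conference/picture/upload",
        "/conference/attendees/namelist/importList",
        "/conference/app/attend/member/message",
        "/conference/app/attend/member/list",
        "/conference/app/attend/group/list",
        "/conference/app/discipline/list",
        "/conference/app/conferenceAgenda/list",
        "/conference/app/logistics/list",
        "/conference/app/meetActivity/getInfo"
    };

    /** Charset used to decode the body when the request does not declare one. */
    private static final String DEFAULT_BODY_CHARSET = "UTF-8";

    /** Prefix of the Redis key under which a live token is stored. */
    private static final String TOKEN_KEY_PREFIX = "MEETING_";

    private RedisTemplate redisTemplate;

    /**
     * Looks up the {@code redisTemplate} bean from the Spring web application context.
     *
     * @param filterConfig container-supplied filter configuration
     * @throws ServletException if no Spring web application context is registered, so the
     *         filter fails at startup instead of with a NullPointerException on first use
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        ApplicationContext context =
                WebApplicationContextUtils.getWebApplicationContext(filterConfig.getServletContext());
        if (context == null) {
            throw new ServletException(
                    "TokenFilter requires a Spring WebApplicationContext, but none was found");
        }
        redisTemplate = (RedisTemplate) context.getBean("redisTemplate");
    }

    /**
     * Applies the token check described on the class.
     *
     * @param request  incoming request; expected to be an {@link HttpServletRequest}
     * @param response response used to write the JSON rejection, if any
     * @param chain    remaining filter chain
     * @throws IOException      if reading the body or writing the rejection fails
     * @throws ServletException if a downstream filter or servlet fails
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;

        // Login, logout and the other allow-listed endpoints skip the token check entirely.
        if (isOpenPath(httpServletRequest.getServletPath())) {
            chain.doFilter(request, response);
            return;
        }

        // GET requests are forwarded unchecked (see the class-level security notes).
        if ("get".equalsIgnoreCase(httpServletRequest.getMethod())) {
            chain.doFilter(request, response);
            return;
        }

        // Reading the body consumes the request stream; getRequest() re-wraps it for JSON
        // requests only. NOTE(review): for other content types the downstream handler
        // receives a request whose stream has already been read.
        String body = getBody(httpServletRequest);
        String accessToken = extractAccessToken(body);
        if (accessToken == null) {
            writeJson(response, ResponseCode.PARAM_FAIL.code(), "accessToken为空");
            return;
        }

        // The token counts as live only while its Redis entry exists.
        // Raw RedisTemplate: the String/String typing is an unchecked assumption about the bean.
        @SuppressWarnings("unchecked")
        ValueOperations<String, String> valueOperations = redisTemplate.opsForValue();
        String userStr = valueOperations.get(TOKEN_KEY_PREFIX + accessToken);
        if (StringUtils.isEmpty(userStr)) {
            writeJson(response, ResponseCode.TOKEN_PASS.code(), ResponseCode.TOKEN_PASS.msg());
            return;
        }

        // Hand the already-read body to the rest of the chain via a rebuilt request.
        chain.doFilter(getRequest(request, body), response);
    }

    @Override
    public void destroy() {
        // Nothing to release.
    }

    /** Returns true when the servlet path is on the allow-list (case-insensitive match). */
    private boolean isOpenPath(String servletPath) {
        for (String openPath : OPEN_PATHS) {
            if (openPath.equalsIgnoreCase(servletPath)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Extracts a non-empty string {@code accessToken} from the JSON body.
     *
     * @param body raw request body, attacker-controlled
     * @return the token, or {@code null} when the body is not a JSON object or the field is
     *         absent, empty, or not a string
     */
    private String extractAccessToken(String body) {
        JSONObject jsonObject;
        try {
            // NOTE(review): this parses untrusted input. fastjson 1.x has a history of
            // autoType ("@type") deserialization flaws; run a patched version with autoType
            // disabled (safe mode where available).
            jsonObject = JSONObject.parseObject(body);
        } catch (RuntimeException malformed) {
            // fastjson reports malformed input with unchecked exceptions. Treat that as
            // "no token" rather than letting it surface as a server error.
            return null;
        }
        if (ObjectUtils.isEmpty(jsonObject)) {
            return null;
        }
        Object token = jsonObject.get("accessToken");
        // A non-string token (number, object, array) is rejected instead of being cast.
        if (!(token instanceof String) || ((String) token).isEmpty()) {
            return null;
        }
        return (String) token;
    }

    /**
     * Writes a {@code {"code": ..., "msg": ...}} JSON body to the response.
     * The content type declares UTF-8 so that non-ASCII messages are not garbled by the
     * container's default response encoding.
     */
    private void writeJson(ServletResponse response, Object code, Object msg) throws IOException {
        response.setContentType("application/json;charset=UTF-8");
        PrintWriter out = response.getWriter();
        JSONObject json = new JSONObject();
        json.put("code", code);
        json.put("msg", msg);
        out.write(json.toString());
        out.flush();
    }

    /**
     * Reads the whole request body as text.
     *
     * @param request request whose input stream is consumed
     * @return the body, or an empty string when the request exposes no stream
     * @throws IOException if reading fails or the declared charset is not supported
     */
    private String getBody(HttpServletRequest request) throws IOException {
        InputStream inputStream = request.getInputStream();
        if (inputStream == null) {
            return "";
        }
        // Decode with the charset the client declared, defaulting to UTF-8, instead of the
        // JVM's platform default, which varies between hosts.
        String charsetName = request.getCharacterEncoding();
        if (charsetName == null) {
            charsetName = DEFAULT_BODY_CHARSET;
        }
        StringBuilder content = new StringBuilder();
        BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream, charsetName));
        try {
            char[] chunk = new char[1024];
            int charsRead;
            while ((charsRead = reader.read(chunk)) != -1) {
                content.append(chunk, 0, charsRead);
            }
        } finally {
            reader.close();
        }
        return content.toString();
    }

    /**
     * Rebuilds the request so that downstream code can still see the body that was read.
     *
     * @param request original request
     * @param body    body text already consumed from {@code request}
     * @return a {@code PostServletRequest} wrapping the body for JSON content types;
     *         otherwise the original request unchanged
     */
    private ServletRequest getRequest(ServletRequest request, String body) {
        String enctype = request.getContentType();
        if (StringUtils.isNotEmpty(enctype) && enctype.contains("application/json")) {
            // presumably PostServletRequest replays the body from the string; verify
            return new PostServletRequest((HttpServletRequest) request, body);
        }
        return request;
    }

}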


原文地址:https://www.cnblogs.com/fuqiang-terry/p/7927393.html