filter就是其他框架中的中间件,在SpringBoot启动时有很多默认加载的Filter 例如:
- characterEncodingFilter
- hiddenHttpMethodFilter
- httpPutFormContentFilter
- requestContextFilter
Filter存在一个优先级, 数值越小越靠前
这有两个常量用来表顺顺序 Ordered.HIGHEST_PRECEDENCE Ordered.LOWEST_PRECEDENCE
低位值意味着更高的优先级 Higher values are interpreted as lower priority,自定义Filter,避免和默认的Filter优先级一样,不然会冲突
还可以注册Filter的bean FilterRegistrationBean
自定义Filter
1)使用Servlet3.0的注解进行配置
2)启动类里面增加 @ServletComponentScan,进行扫描
3)新建一个Filter类,implements Filter,并实现对应的接口
4) @WebFilter 标记一个类为filter,被spring进行扫描
urlPatterns:拦截规则,支持正则
5)控制chain.doFilter的方法的调用,来实现是否通过放行不放行,web应用res.sendRedirect("/index.html"); 进行跳转
场景:权限控制、用户登录等
编写Filter
在启动类文件里面增加注解
@ServletComponentScan
- LoginFilter
package com.example.demo.filter;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* urlPatterns 正则匹配路由
* filterName 过滤器名称
*/
@WebFilter(urlPatterns = "/api/*", filterName = "loginFilter")
@Order(value = 1)
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("初始化操作");
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
// 有学过其他框架的同志 这个就是中间件 在这里做鉴权、日志等操作
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
String username = req.getParameter("username");
if ("aoppp".equals(username)) {
// 如果登录名称 确认就通过
System.out.println("验证通过" + username);
chain.doFilter(request, response);
} else {
// 否则跳转到首页
res.sendRedirect("/error/403.html"); // 跳转到static/error/403.html
}
}
@Override
public void destroy() {
System.out.println("销毁时触发,一般热更新可以明确看到");
}
}
- static/error/403.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<h1>403</h1>
</body>
</html>
- ApiController
@RequestMapping("/api/v1/login")
public Object login(HttpServletRequest request) {
Map<String, String> map = new HashMap<>();
map.put("username", request.getParameter("username"));
return map;
}
效果
参考:憧憬在 aoppp.com发布
