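/**
 * Authorisation gate for every request that reaches this filter.
 *
 * <ul>
 *   <li>A path that starts with an entry of {@code passUrl} skips the login check.</li>
 *   <li>If such a path also contains {@code "/external"}, the request body must be accepted
 *       by {@code EncryptUtil.isValidity} (result map with {@code code == 200}); otherwise
 *       the result map is written back as JSON and the request stops here.</li>
 *   <li>Every other request needs a non-empty {@code username} session attribute, else it
 *       is forwarded to {@code /error2000}.</li>
 * </ul>
 *
 * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
 * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
 * @param chain           remaining filter chain, invoked only when a check passes
 * @throws IOException      if reading the body or writing the rejection fails
 * @throws ServletException propagated from the chain or the forward
 */
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;

    // Decide on the context-relative path the container resolved (servlet path + path info,
    // both returned decoded by the servlet API) instead of the raw request URL. The raw URL
    // embeds the client-supplied host, omits the port in some containers when it is the
    // scheme default (so "host:80" prefixes never matched), and is not the string the
    // container dispatches on, so an access decision made on it can disagree with routing.
    String servletPath = request.getServletPath();
    String pathInfo = request.getPathInfo();
    String path = (servletPath == null ? "" : servletPath) + (pathInfo == null ? "" : pathInfo);

    // NOTE(review): startsWith is a plain prefix test, so an entry such as "/login" also
    // exempts "/loginX", and an empty entry exempts everything. Keep passUrl entries exact
    // or ending in "/", and confirm they agree with how the framework maps handlers.
    for (String passPath : passUrl) {
        if (!path.startsWith(passPath)) {
            continue;
        }

        // Pass-listed and not an externally exposed endpoint: no further checks.
        if (!path.contains("/external")) {
            chain.doFilter(request, response);
            return;
        }

        // Externally exposed endpoint: the body signature must verify. The wrapper buffers
        // the body so the handler can read it again after this filter consumed it.
        CustomRequestWrapper requestWrapper = new CustomRequestWrapper(request);
        Map<String, Object> map = EncryptUtil.isValidity(requestWrapper.getBodyString());
        // The request body is deliberately not printed: it is unauthenticated input and may
        // carry signature material or personal data.

        // Fail closed: a missing map or a missing / non-200 code is treated as a rejection
        // instead of raising a NullPointerException.
        boolean signatureValid = map != null && Integer.valueOf(200).equals(map.get("code"));
        if (signatureValid) {
            chain.doFilter(requestWrapper, response);
            return;
        }

        // Verification failed: report the validation result and stop. Without this return
        // the request fell through to the session check below, where a logged-in session
        // let an unsigned call through and an anonymous one triggered a forward on an
        // already committed response.
        response.setCharacterEncoding("utf-8");
        response.setContentType("application/json; charset=utf-8");
        PrintWriter out = response.getWriter();
        out.print(JSON.toJSONString(map));
        out.flush();
        out.close();
        return;
    }

    // Login check for everything that is not pass-listed.
    // NOTE(review): getSession() creates a session for anonymous callers as well; consider
    // getSession(false) if nothing downstream relies on that.
    HttpSession session = request.getSession();
    String username = (String) session.getAttribute("username");
    if (username != null && !username.isEmpty()) {
        chain.doFilter(request, response);
        return;
    }

    // Not logged in: hand over to the error page.
    request.getRequestDispatcher("/error2000").forward(request, response);
}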
//controller
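/**
 * Reads the raw request body and hands it to {@code quoteService.quote}.
 *
 * <p>This handler performs no signature verification itself; per the original comment the
 * filter validates the parameters of externally exposed endpoints. NOTE(review): confirm
 * that this mapping is only reachable under a path the filter classifies as external.
 *
 * @param request current request; its body is read through {@link CustomRequestWrapper}
 * @return the map produced by {@code quoteService.quote}, or a map with {@code code=500},
 *         {@code success=false} and a generic message when anything throws
 */
@RequestMapping("/offerToReturn")
@ResponseBody
public Map<String,Object> quote(HttpServletRequest request){
    try {
        CustomRequestWrapper customRequestWrapper = new CustomRequestWrapper(request);
        String reqStr = customRequestWrapper.getBodyString();
        // The raw body is no longer echoed to stdout: it is caller-controlled text and may
        // contain signature fields or personal data that should not land in console logs.
        return quoteService.quote(reqStr);
    } catch (Exception e) {
        // Details stay server-side; the caller only gets a generic failure.
        // NOTE(review): no logger is visible in this excerpt, so the stack trace still goes
        // to stderr; route it through the project's logger if one exists.
        e.printStackTrace();
        Map<String,Object> failure = new HashMap<>();
        failure.put("code", 500);
        failure.put("success", false);
        failure.put("message", "请求失败!");
        return failure;
    }
}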
//requestwrapper
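/**
 * Request wrapper that buffers the request body so it can be read more than once.
 * Without it, a filter that reads the request stream leaves nothing for the controller.
 *
 * <p>The body is kept as the exact bytes received. What a filter verifies through
 * {@link #getBodyString()} is therefore the same content that downstream code reads from
 * {@link #getInputStream()} or {@link #getReader()}. Line terminators are not stripped, and
 * bytes are not re-encoded through the platform default charset.
 *
 * <p>NOTE(review): the whole body is held in memory and this class enforces no size limit.
 * When the wrapper is built before authentication, bound the request size elsewhere (for
 * example a container or proxy limit, or a Content-Length check).
 *
 * <p>NOTE(review): the constructor consumes the underlying stream, so body parameters the
 * container has not parsed yet are presumably no longer available through getParameter.
 *
 * @Version 1.0.0
 */
public class CustomRequestWrapper extends HttpServletRequestWrapper {
    /** Exact bytes of the request body as received. */
    private final byte[] body;
    /** Charset used whenever the buffered body is turned into text. */
    private final Charset charset;

    /**
     * Buffers the body of {@code request}.
     *
     * @param request the request to wrap; its input stream is read to the end
     * @throws IOException if the body cannot be read
     */
    public CustomRequestWrapper(HttpServletRequest request) throws IOException {
        super(request);
        charset = resolveCharset(request.getCharacterEncoding());
        body = readFully(request.getInputStream());
    }

    /**
     * Reads the body of the given request and returns it as text.
     *
     * @param request request whose input stream is read to the end
     * @return the body decoded with the request's declared encoding, or UTF-8 if none is usable
     * @throws RuntimeException wrapping the {@link IOException} if reading fails
     */
    public String getBodyString(final ServletRequest request) {
        try {
            byte[] raw = readFully(request.getInputStream());
            return new String(raw, resolveCharset(request.getCharacterEncoding()));
        } catch (IOException e) {
            // The cause is preserved in the rethrown exception; no separate stack dump.
            throw new RuntimeException(e);
        }
    }

    /**
     * Returns the buffered body as text.
     *
     * @return the buffered bytes decoded with this wrapper's charset
     */
    public String getBodyString() {
        return new String(body, charset);
    }

    /**
     * Picks the charset for decoding: the encoding declared on the request when it names a
     * supported charset, otherwise UTF-8. The declared name comes from the client, so an
     * unknown or malformed name must not raise.
     */
    private static Charset resolveCharset(String declared) {
        if (declared != null) {
            try {
                return Charset.forName(declared);
            } catch (IllegalArgumentException ignored) {
                // Illegal or unsupported charset name: fall back to UTF-8 below.
            }
        }
        return Charset.forName("UTF-8");
    }

    /** Reads the stream to the end and returns its bytes unchanged. */
    private static byte[] readFully(InputStream inputStream) throws IOException {
        // Fully qualified so the file's import list does not need to change.
        java.io.ByteArrayOutputStream buffer = new java.io.ByteArrayOutputStream();
        byte[] chunk = new byte[4096];
        int read;
        while ((read = inputStream.read(chunk)) != -1) {
            buffer.write(chunk, 0, read);
        }
        return buffer.toByteArray();
    }

    /** Returns a reader over the buffered body, decoded with the same charset as {@link #getBodyString()}. */
    @Override
    public BufferedReader getReader() throws IOException {
        return new BufferedReader(new InputStreamReader(getInputStream(), charset));
    }

    /** Returns a fresh stream over the buffered body; every call starts at the first byte. */
    @Override
    public ServletInputStream getInputStream() throws IOException {
        final ByteArrayInputStream inputStream = new ByteArrayInputStream(body);
        return new ServletInputStream() {
            @Override
            public int read() throws IOException {
                return inputStream.read();
            }

            @Override
            public int read(byte[] b, int off, int len) throws IOException {
                // Bulk reads go straight to the buffer instead of byte-by-byte.
                return inputStream.read(b, off, len);
            }

            @Override
            public int available() throws IOException {
                return inputStream.available();
            }

            @Override
            public boolean isFinished() {
                // Finished once the buffer is drained; a constant false misreports the
                // stream state to callers that check it.
                return inputStream.available() == 0;
            }

            @Override
            public boolean isReady() {
                // The data is already in memory, so a read never blocks.
                return true;
            }

            @Override
            public void setReadListener(ReadListener readListener) {
                // Non-blocking reads are not supported; the listener is ignored, as before.
            }
        };
    }
}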