filter 拦截ajax请求
1.filter
public class SessonFilter implements Filter {
private static Logger log = LoggerFactory.getLogger(SessonFilter.class);
@Override
public void init(FilterConfig filterConfig) throws ServletException {
//empty implement
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
HttpSession session = httpRequest.getSession();
String uri = httpRequest.getRequestURI();
String ctxpath = httpRequest.getContextPath();
String userid = (String)session.getAttribute("userid");
if(uri.contains("/user/login") || uri.contains("/user/regPage") ){
chain.doFilter(request, response);
}else{
if(userid == null){
String contextPath = httpRequest.getContextPath();
String redirect = contextPath ;
//ajax session 过期处理
//1:判断是否是ajax请求
if (httpRequest.getHeader("x-requested-with") != null
&& "XMLHttpRequest".equalsIgnoreCase(httpRequest.getHeader("x-requested-with"))) {
//向http头添加 状态 sessionstatus
httpResponse.setHeader("sessionstatus","timeout");
httpResponse.setStatus(403);
//向http头添加登录的url
httpResponse.addHeader("loginPath", ctxpath);
chain.doFilter(request, response);
log.debug("ajax request");
return ;
}
httpResponse.sendRedirect(redirect);
return;
}else{
chain.doFilter(request, response);
}
}
}
@Override
public void destroy() {
//empty implement
}
}
2.核心代码
//ajax session 过期处理
//1:判断是否是ajax请求
if (httpRequest.getHeader("x-requested-with") != null
&& "XMLHttpRequest".equalsIgnoreCase(httpRequest.getHeader("x-requested-with"))) {
//向http头添加 状态 sessionstatus
httpResponse.setHeader("sessionstatus","timeout");
httpResponse.setStatus(403);
//向http头添加登录的url
httpResponse.addHeader("loginPath", ctxpath);
chain.doFilter(request, response);
log.debug("ajax request");
return ;
}
3.JS
//ajax完成时回调函数
$(document).ajaxComplete(function(event, xhr, settings) {
//从http头信息取出 在filter定义的sessionstatus,判断是否是 timeout
if(xhr.getResponseHeader("sessionstatus")=="timeout"){
//从http头信息取出登录的url = loginPath
if(xhr.getResponseHeader("loginPath")){
alert("会话过期,请重新登陆!");
//打会到登录页面
window.location.replace(xhr.getResponseHeader("loginPath"));
}else{
alert("请求超时请重新登陆 !");
}
}
});