基于Springboot的单用户登录(新手笔记)
此 实例把token存到了表里
1.过滤器的书写(前提:token,和id在hearder里面)
import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.ObjectUtils;
import woke.cloud.official.dao.mapper.SysUsersMapper;
import woke.cloud.official.dao.models.SysUsers;
import woke.cloud.official.exception.ExceptionEnum;
import woke.cloud.official.exception.WokeException;
import woke.cloud.official.transformat.Result;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Date;
@Slf4j
public class PermissionsFilter implements Filter {
@Autowired
BaseUserMapper baseUserMapper;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
log.info("token验证过滤器");
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest requestWrapper = null;
HttpServletRequest request1 = (HttpServletRequest) request;
String token=((HttpServletRequest) request).getHeader("token");
String requestURI = request1.getRequestURI();
//直接进行下一步,不进入过滤器
if (requestURI.contains("login")) {
chain.doFilter(request1, response);
return;
}
Result result=new Result(1, "操作成功 ","操作成功");
try {
// String temp = "";
// String decryptStr = "";
// try {
// requestWrapper = new BodyReaderServletWrapper((HttpServletRequest) request);
// if (!ObjectUtils.isEmpty(requestWrapper)) {
// BufferedReader br = requestWrapper.getReader();
// while ((temp = br.readLine()) != null) {
// decryptStr = decryptStr + temp;
// }
// }
// }
// catch (Exception e) {
// e.printStackTrace();
// }
// if (ObjectUtils.isEmpty(decryptStr)) {
// return;
// }
// BaseUser baseUser= JSON.parseObject(decryptStr, BaseUser.class);
// if (null == baseUser || StringUtils.isEmpty(baseUser.getToken()) || null == baseUser.getCreateUserId()) {
// throw new WokeException(ExceptionEnum.SIGN_IS_FAILURE);
// }
Long userid = Long.valueOf(request1.getHeader("userId"));
BaseUser user = baseUserMapper.queryById(userid);
if (ObjectUtils.isEmpty(user)) {
// 账号不存在
throw new WokeException(ExceptionEnum.LOGIN_ERR);
}
System.out.println(token);
System.out.println(user.getToken());
if (!token.equals(user.getToken())) {
// 该账号已在另一设备登录,为确保安全,建议您尽快修改密码
throw new WokeException(ExceptionEnum.TOKEN_IS_FAILURE);
}
//修改用户最后一次操作时间
BaseUser baseUser1 = new BaseUser();
baseUser1.setUserId(userid);
baseUser1.setLastLoginTime(new Date());
baseUserMapper.update(baseUser1);
chain.doFilter(request1, response);
}catch (WokeException e){
result.setCode(e.getCode());
result.setMsg(e.getMsg());
result.setData("");
rsponse(response, result);
log.error("访问异常,异常编号{},异常代码{}", e.getCode(), e.getMsg());
}catch (Exception e){
result.setCode(500);
result.setMsg("响应失败");
result.setData("");
rsponse(response, result);
}
}
@Override
public void destroy() {
log.info(" token验证过滤器(销毁)");
}
public void rsponse(ServletResponse servletResponse, Result result) {
HttpServletResponse response = (HttpServletResponse) servletResponse;
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8");
PrintWriter out = null;
try {
out = response.getWriter();
out.write(JSON.toJSONString(result));
} catch (IOException e) {
e.printStackTrace();
} finally {
if (out != null) {
out.close();
}
}
}
}
2.该类放进springboot中
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import woke.cloud.property.filter.PermissionsFilter;
import javax.servlet.Filter;
@Configuration
public class Config {
@Bean
public Filter permissionsFilter() {
return new PermissionsFilter();
}
@Bean
public FilterRegistrationBean registrationBean() {
FilterRegistrationBean registration = new FilterRegistrationBean(permissionsFilter());
registration.setFilter(permissionsFilter());
// 过滤的路径
registration.addUrlPatterns("/wkwy/*");
registration.addInitParameter("paramName", "paramValue");
registration.setName("permissionsFilter");
registration.setOrder(Integer.MAX_VALUE);
return registration;
}
3.登录的时候存token,退出token清空
补充:
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.ObjectUtils;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
/**
* 请求Servlet类,处理输入流不能多次读取的问题
*
*/
@Slf4j
public class BodyReaderServletWrapper extends HttpServletRequestWrapper {
private final byte[] body;
/**
* 获取body的内容并解密
*
* @param request 请求对象
* @throws Exception
*/
public BodyReaderServletWrapper(HttpServletRequest request) throws Exception {
super(request);
body = getRequestPostBytes(request);
}
/**
* 获取Reader对象
*
* @return BufferedReader
* @throws IOException
*/
@Override
public BufferedReader getReader() throws IOException {
try {
return new BufferedReader(new InputStreamReader(getInputStream(), "utf-8"));
} catch (NullPointerException e) {
return null;
}
}
/**
* 获取HTTP流
*
* @return ServletInputStream
* @throws IOException
*/
@Override
public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream bais;
if(ObjectUtils.isEmpty(body)){
}
bais = new ByteArrayInputStream(body);
return new ServletInputStream() {
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() throws IOException {
return bais.read();
}
};
}
/***
* 获取 request 中 json 字符串的内容
*
* @param request
* @return : <code>byte[]</code>
* @throws IOException
*/
public static String getRequestJsonString(HttpServletRequest request)
throws IOException {
String submitMehtod = request.getMethod();
// GET
if (submitMehtod.equals("GET")) {
return new String(request.getQueryString().getBytes("iso-8859-1"),"utf-8").replaceAll("%22", """);
// POST
} else {
return getRequestPostStr(request);
}
}
/**
* 描述:获取 post 请求的 byte[] 数组
* <pre>
* 举例:
* </pre>
* @param request
* @return
* @throws IOException
*/
public static byte[] getRequestPostBytes(HttpServletRequest request)
throws IOException {
int contentLength = request.getContentLength();
if(contentLength<0){
return null;
}
byte buffer[] = new byte[contentLength];
for (int i = 0; i < contentLength;) {
int readlen = request.getInputStream().read(buffer, i,
contentLength - i);
if (readlen == -1) {
break;
}
i += readlen;
}
return buffer;
}
/**
* 描述:获取 post 请求内容
* <pre>
* 举例:
* </pre>
* @param request
* @return
* @throws IOException
*/
public static String getRequestPostStr(HttpServletRequest request)
throws IOException {
byte buffer[] = getRequestPostBytes(request);
String charEncoding = request.getCharacterEncoding();
if (charEncoding == null) {
charEncoding = "UTF-8";
}
return new String(buffer, charEncoding);
}
}