基于day17_base项目

 

 

 

 

 1 package com.haifei.web.filter;
 2 
 3 import javax.servlet.*;
 4 import javax.servlet.annotation.WebFilter;
 5 import javax.servlet.http.HttpServletRequest;
 6 import java.io.IOException;
 7 
 8 /**
 9  * 用户登录验证的过滤器
10  */
11 @WebFilter("/*")
12 public class LoginFilter implements Filter {
13     public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
14         //1 强转转换
15         HttpServletRequest request = (HttpServletRequest)req;
16 
17         //2 获取资源请求路径
18         String uri = request.getRequestURI();
19 
20         //3 判断是否包含登录相关资源，注意也要排除掉css/js/图片/验证码等资源
21         if (uri.contains("/login.jsp") || uri.contains("/LoginServlet") || uri.contains("/CheckCodeServlet") || uri.contains("/css/") || uri.contains("/js/") || uri.contains("/fonts/")){
22             //包含 --> 用户欲登录 --> 放行
23             chain.doFilter(req, resp);
24         }else {
25             //不包含 --> 判断用户是否已登录
26 
27             //4 从session中获取user
28             Object user = request.getSession().getAttribute("user");
29             if (user != null){
30                 //已登录 --> 放行
31                 chain.doFilter(req, resp);
32             }else {
33                 //未登录 --> 跳转到登录页面
34                 request.setAttribute("login_msg", "您尚未登录，请登录！");
35                 request.getRequestDispatcher("/login.jsp").forward(request, resp);
36             }
37         }
38     }
39 
40     public void init(FilterConfig config) throws ServletException {
41 
42     }
43 
44     public void destroy() {
45 
46     }
47 
48 }