package com.slcf.filter;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.google.zxing.BarcodeFormat;
import com.google.zxing.WriterException;
import com.google.zxing.client.j2se.MatrixToImageWriter;
import com.google.zxing.common.BitMatrix;
import com.google.zxing.oned.Code128Writer;
import com.slcf.pojo.UserBean;
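/**
 * Login-check filter, registered for every request through the Servlet 3.0
 * {@code @WebFilter} annotation.
 *
 * <p>Per request it (1) sets the CORS response headers, (2) lets public resources and the
 * login endpoints through, and (3) otherwise requires a {@code currentUser} attribute, read
 * from the caller's HTTP session or from the session named by the {@code uid} request
 * parameter. Requests without a user get the text {@code Sessionout} when the request URI
 * contains {@code phone}, or a small HTML page that sends the parent window to
 * {@code login.jsp}.
 *
 * <p>Security-relevant behaviour:
 * <ul>
 *   <li>Public-path decisions are made on servlet path + path info, with path parameters
 *       stripped, instead of on the raw request URI. Matching the raw URI let any request
 *       that merely contained a public fragment (in a path parameter, in the context path,
 *       or in a segment the container later normalizes away) skip the login check.</li>
 *   <li>File extensions and the login endpoints must be at the end of the path.</li>
 *   <li>The optional {@code allowOrigin} init parameter (comma-separated origins) restricts
 *       which origins are echoed in {@code Access-Control-Allow-Origin}. When it is absent
 *       or contains {@code *}, every origin is echoed, as before.</li>
 *   <li>The login URL is escaped before it is written into the inline script.</li>
 * </ul>
 */
@WebFilter("/*")
public class LoginFilter implements Filter {

    /**
     * Path fragments that mark public resources. They are matched anywhere in the
     * container-resolved path.
     *
     * NOTE(review): a fragment such as "/json" also matches any path segment that merely
     * starts with it. Anchoring these to the real public prefixes would be tighter, but the
     * application's route table is not visible from this file - confirm before tightening.
     */
    private static final String[] PUBLIC_PATH_FRAGMENTS = {
        "/login", "/json", "/asrsApi", "/apiLogin", "/css", "/jsFiles", "/static", "/images"
    };

    /** Static-file extensions served without a login; matched only at the end of the path. */
    private static final String[] PUBLIC_EXTENSIONS = {".png", ".gif", ".jpg", ".bmp"};

    /** Login page and login action; matched only at the end of the path. */
    private static final String[] LOGIN_ENDPOINTS = {"login.jsp", "doLogin.action"};

    /**
     * Origins that may be echoed in Access-Control-Allow-Origin. Empty means "not
     * configured", in which case the request's Origin is echoed unconditionally.
     * Written once in {@link #init(FilterConfig)} and only read afterwards.
     */
    private Set<String> allowedOrigins = Collections.emptySet();

    /**
     * Default constructor.
     */
    public LoginFilter() {
        // Nothing to set up; configuration is read in init().
    }

    /**
     * @see Filter#destroy()
     */
    @Override
    public void destroy() {
        // No resources to release.
    }

    /**
     * Sets the CORS headers, then passes the request on when it targets a public path or a
     * login endpoint, or when a logged-in user can be resolved. Otherwise writes the
     * "session expired" response and stops the chain.
     *
     * @param request  the incoming request; must be an {@link HttpServletRequest}
     * @param response the outgoing response; must be an {@link HttpServletResponse}
     * @param chain    the remaining filter chain
     * @throws IOException      if writing the response or the chain fails with an I/O error
     * @throws ServletException if the chain fails
     * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse rep = (HttpServletResponse) response;

        applyCorsHeaders(req, rep);

        // Resolved before the path checks, as in the original flow, so a session exists
        // for downstream code on every request.
        UserBean userBean = resolveUser(req);

        String path = dispatchPath(req);
        if (isPublicPath(path) || endsWithAny(path, LOGIN_ENDPOINTS) || userBean != null) {
            // Hand over to the next filter or the servlet (normal processing).
            chain.doFilter(request, response);
            return;
        }

        // Not logged in. The raw URI is used here on purpose: it only selects the response
        // format and does not take part in the access decision.
        if (req.getRequestURI().contains("phone")) {
            PrintWriter out = response.getWriter();
            out.print("Sessionout");
            return;
        }

        String loginUrl = req.getContextPath() + "/login.jsp";
        // The context path is returned undecoded by the container and can carry characters
        // taken from the request line, so it is escaped before it lands inside a script
        // string literal.
        rep.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        out.println("<html>");
        out.println("<script>");
        out.println("window.open ('" + escapeForScript(loginUrl) + "','_parent')"); // open in the parent window
        out.println("</script>");
        out.println("</html>");
    }

    /**
     * Reads the optional {@code allowOrigin} init parameter: a comma-separated list of
     * origins allowed for CORS. A missing parameter, or a list containing {@code *}, keeps
     * the echo-every-origin behaviour.
     *
     * @param fConfig the filter configuration supplied by the container
     * @throws ServletException never thrown here; declared by the interface
     * @see Filter#init(FilterConfig)
     */
    @Override
    public void init(FilterConfig fConfig) throws ServletException {
        String configured = fConfig == null ? null : fConfig.getInitParameter("allowOrigin");
        if (configured == null) {
            return;
        }
        Set<String> origins = new HashSet<String>();
        for (String entry : configured.split(",")) {
            String origin = entry.trim();
            if ("*".equals(origin)) {
                // Wildcard requested: stay in echo mode.
                return;
            }
            if (!origin.isEmpty()) {
                origins.add(origin);
            }
        }
        allowedOrigins = origins;
    }

    /**
     * Writes the CORS response headers.
     *
     * NOTE(review): with no allow-list configured, any origin is echoed. That is only
     * tolerable while Access-Control-Allow-Credentials is not sent; the two must never be
     * combined. Because this filter also accepts a session id in the {@code uid} parameter,
     * configuring {@code allowOrigin} is recommended.
     */
    private void applyCorsHeaders(HttpServletRequest req, HttpServletResponse rep) {
        String origin = req.getHeader("Origin");
        if (origin != null && (allowedOrigins.isEmpty() || allowedOrigins.contains(origin))) {
            rep.setHeader("Access-Control-Allow-Origin", origin);
        }
        // The response differs per Origin, so shared caches must key on it.
        rep.addHeader("Vary", "Origin");
        rep.setHeader("Access-Control-Allow-Headers",
                "Access-Control-Allow-Origin,content-type,token,id,x-requested-with,Authorization");
    }

    /**
     * Returns the logged-in user, or {@code null} when there is none.
     *
     * <p>The user comes from the caller's own session, unless a non-empty {@code uid}
     * parameter names a session known to {@code MySessionContext}; in that case the
     * {@code currentUser} of that session wins, even when it is {@code null}.
     *
     * NOTE(review): {@code uid} is a bearer credential carried in a request parameter, so it
     * can end up in access logs, browser history and Referer headers. Prefer a header or the
     * session cookie, and make sure these ids are unguessable and dropped on logout.
     */
    private static UserBean resolveUser(HttpServletRequest req) {
        HttpSession session = req.getSession();
        UserBean user = (UserBean) session.getAttribute("currentUser");

        String sessionId = req.getParameter("uid");
        if (sessionId != null && !sessionId.equals("")) {
            HttpSession named = MySessionContext.getInstance().getSession(sessionId);
            if (named != null) {
                user = (UserBean) named.getAttribute("currentUser");
            }
        }
        return user;
    }

    /**
     * Builds the path used for access decisions: servlet path plus path info, with any
     * {@code ;name=value} path parameters removed from every segment.
     *
     * <p>Assumes the container resolves dot-segments and percent-encoding before it fills in
     * servlet path and path info - confirm for the deployed container.
     */
    private static String dispatchPath(HttpServletRequest req) {
        String servletPath = req.getServletPath();
        String pathInfo = req.getPathInfo();
        String joined = (servletPath == null ? "" : servletPath) + (pathInfo == null ? "" : pathInfo);

        StringBuilder clean = new StringBuilder(joined.length());
        boolean inParameter = false;
        for (int i = 0; i < joined.length(); i++) {
            char c = joined.charAt(i);
            if (c == '/') {
                inParameter = false;
            } else if (c == ';') {
                inParameter = true;
            }
            if (!inParameter) {
                clean.append(c);
            }
        }
        return clean.toString();
    }

    /** Tells whether the path belongs to a resource that is served without a login. */
    private static boolean isPublicPath(String path) {
        for (String fragment : PUBLIC_PATH_FRAGMENTS) {
            if (path.contains(fragment)) {
                return true;
            }
        }
        return endsWithAny(path, PUBLIC_EXTENSIONS);
    }

    /** Tells whether the path ends with one of the given suffixes. */
    private static boolean endsWithAny(String path, String[] suffixes) {
        for (String suffix : suffixes) {
            if (path.endsWith(suffix)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Escapes a value for use inside a quoted JavaScript string within an HTML script
     * element. Everything outside a small URL-safe set is written as a {@code \\uXXXX}
     * escape, which the script engine turns back into the original character.
     */
    private static String escapeForScript(String value) {
        StringBuilder out = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            boolean safe = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')
                    || (c >= '0' && c <= '9')
                    || c == '/' || c == '.' || c == '-' || c == '_' || c == '~' || c == '%';
            if (safe) {
                out.append(c);
            } else {
                out.append(String.format("\\u%04x", (int) c));
            }
        }
        return out.toString();
    }
}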