老师,我用@WebFilter注解方式配置过滤器,未登录和非管理员可以成功拦截,但是会出现下边两个问题
来源:5-8 统一校验管理员身份
王小east
2023-03-29 19:57:59
成功拦截:
会出现下边两个问题:
1、异常不被统一处理
2、处理成功的情况下,返回结果会报错
上面两个问题如何解决呢?
@WebFilter注解方式配置的过滤器
package com.imooc.mall.filter;
import com.imooc.mall.common.ApiRestResponse;
import com.imooc.mall.common.Constant;
import com.imooc.mall.exception.ImoocMallException;
import com.imooc.mall.exception.ImoocMallExceptionEnum;
import com.imooc.mall.model.pojo.User;
import com.imooc.mall.service.UserService;
import javax.annotation.Resource;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;
@WebFilter(filterName = "adminFilter" , urlPatterns = {"/admin/category/*","/admin/product/*","/admin/order/*"})
public class AdminFilter implements Filter {
@Resource
private UserService userService;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
Filter.super.init(filterConfig);
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
servletResponse.reset();
servletResponse.setContentType("text/json;charset=utf-8");
HttpSession session = ((HttpServletRequest)servletRequest).getSession();
User currentUser = (User) session.getAttribute(Constant.IMOOC_MALL_USER);
PrintWriter out = servletResponse.getWriter();
if (currentUser == null){
out.write("{\n" +
" \"code\": 10007,\n" +
" \"msg\": \"用户未登录\",\n" +
" \"data\": null\n" +
"}");
return;
}
if (userService.checkAdminRole(currentUser)) {
filterChain.doFilter(servletRequest, servletResponse);
}else {
out.write("{\n" +
" \"code\": 10009,\n" +
" \"msg\": \"无管理员权限\",\n" +
" \"data\": null\n" +
"}");
}
out.flush();
out.close();
}
@Override
public void destroy() {
Filter.super.destroy();
}
}写回答
1回答
-
好帮手慕小尤
2023-03-30
同学你好,查看异常信息提示,已经调用了getWriter方法。则建议同学将out对象书写到if判断里,如下所示:然后重新测试代码试一下。
@Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { servletResponse.reset(); servletResponse.setContentType("text/json;charset=utf-8"); HttpSession session = ((HttpServletRequest)servletRequest).getSession(); User currentUser = (User) session.getAttribute(Constant.IMOOC_MALL_USER); if (currentUser == null){ PrintWriter out = servletResponse.getWriter(); out.write("{\n" + " \"code\": 10007,\n" + " \"msg\": \"用户未登录\",\n" + " \"data\": null\n" + "}"); out.flush(); out.close(); return; } if (userService.checkAdminRole(currentUser)) { filterChain.doFilter(servletRequest, servletResponse); }else { PrintWriter out = servletResponse.getWriter(); out.write("{\n" + " \"code\": 10009,\n" + " \"msg\": \"无管理员权限\",\n" + " \"data\": null\n" + "}"); out.flush(); out.close(); } }祝学习愉快!
0
相似问题