1. @Slf4j
  2. @Component
  3. @WebFilter(urlPatterns = "/platform/*")
  4. public class AuthFilter extends OncePerRequestFilter {
  6.     @Autowired
  7.     private ResourceAuthService authService;
  9.     /**
  10.      * 在这里对用户和对应的url权限进行校验
  11.      */
  12.     @Override
  13.     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
  14.         HttpRequestWrapper requestWrapper = new HttpRequestWrapper(request);
  15.         HttpResponseWrapper responseWrapper = new HttpResponseWrapper(response);
  16.         String userName = request.getHeader(USER_NAME);
  17.         ApplicationContext.setUserName(userName);
  19.         // 用户没有权限
  20.         if (!authService.userHaveAuth(userName, requestWrapper)) {
  21.             responseWrapper.setBody(generateNoAuth());
  22.         } else {
  23.             filterChain.doFilter(requestWrapper, responseWrapper);
  24.         }
  26.         //输出 response stream
  27.         responseWrapper.copyToResponse();
  28.     }
  30.     private String generateNoAuth() {
  31.         Response<?> response = new Response<>();
  32.         response.setErrCode(FORBIDDEN.value());
  33.         response.setErrMsg("没有权限");
  34.         return JSON.toJSONString(response);
  35.     }
  36. }

response head 放置数据失效

注意

后来发现就是给response中的head添加数据的时候不生效,看了下面这篇文章之后才知道,response中的head在调用链处理之后,其中的head部分是会被放到Buffer里面的,这样在doFilter之后进行处理,里面的东西就不是一个了,因此,通常情况下,可以将addHead部分放到doFilter的上面

参考:

https://blog.csdn.net/woslx/article/details/100540958