过滤器Filter

一、过滤器相关Api

interface Filter 过滤器核心接口
1. init(FilterConfig filterConfig)初始化方法，在服务器启动时就执行
2. doFilter(ServletRequest request, ServletResponse response, FilterChain chain)过滤器拦截的业务逻辑处理
3. destroy() 销毁过滤器实例的时候调用

interface FilterChain 过滤链
doFilter(ServletRequest request, ServletResponse response)
执行下一个过滤器或放行（访问servlet）

二、用过滤器处理POST请求中文乱码问题

@WebFilter(filterName = "encoding", urlPatterns = "/*")
public class EncodingFilter implements Filter {
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        System.out.println("EncodingFilter.doFilter");
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        String method = request.getMethod();
        System.out.println("method: " + method);
        if("post".equalsIgnoreCase(method)) {   //equalsIgnoreCase 忽略大小写
            request.setCharacterEncoding("UTF-8");
        }

        filterChain.doFilter(servletRequest,servletResponse);
    }
}

三、用过滤器完成登录功能 

// “/*”代表拦截所有请求
@WebFilter(filterName = "login", urlPatterns = "/*")
public class LoginFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        Filter.super.init(filterConfig);
        System.out.println("LoginFilter.init");
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        System.out.println("LoginFilter.doFilter");
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        String uri = request.getRequestURI();
        System.out.println("uri: " + uri);
        String method = request.getParameter("method");
        System.out.println("method: " + method);
        //如果这个请求是要去完成登录的，不需要执行后面的验证是否已经登录的流程
        //这些是没有登录情况下可以访问的资源
        if (uri.startsWith("/static")  // 访问“/static”都放行
                || uri.equals("/login.jsp")
                || uri.equals("/fail.jsp")
                || (uri.equals("/user") && "login".equals(method))) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        HttpSession session = request.getSession();
        User user = (User) session.getAttribute("user");
        if (user == null) {
            response.sendRedirect("/login.jsp");
            return;
        }

        //“user”这个通行证不是null，说明用户已经登录
        //如果加了这了这句话代表放行，继续往后执行
        //1.如果后面还有filter就访问后面的filter
        //2.没有filter就访问后台资源
        filterChain.doFilter(servletRequest, servletResponse);
    }

    @Override
    public void destroy() {
        Filter.super.destroy();
        System.out.println("LoginFilter.destroy");
    }
}