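1. Define a login filter that extends the UsernamePasswordAuthenticationFilter class
This class mainly defines the methods that generate and parse the JWT. This post does not cover JWT generation; the focus is on how to parse the parameters out of the request.
Because this project uses the Spring Security framework and the filter extends the framework's UsernamePasswordAuthenticationFilter class, the request parameter names sent by the front end can only be username and password. In my project, however, the unique identifier of a user is the student number (that is, the front end sends username = student number), so I handle it like this: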
// Receive and parse the user's credentials
@Override
public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res)
        throws AuthenticationException {
    //TODO1:
    final Map<String, Object> dataFromRequest = getDataFromRequest(req);
    final String username = (String) dataFromRequest.get("username");
    final String password = (String) dataFromRequest.get("password");
    //TODO
    try {
        Student user = new Student();
        user.setUid(username);
        user.setPassword(password);
        return authenticationManager.authenticate(
                new UsernamePasswordAuthenticationToken(
                        user.getUid(), // set the student number, i.e. the username sent by the front end
                        user.getPassword(),
                        new ArrayList<>())
        );
    } catch (AuthenticationException e) {
        // Rethrow unchanged so the filter's own failure handling (unsuccessfulAuthentication) runs
        throw e;
    } catch (Exception e) {
        // Please register first
        throw new RuntimeException(e);
    }
}
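The method that parses the request:
// Imports this method needs at the top of the filter class:
// import com.google.gson.Gson;
// import com.google.gson.reflect.TypeToken;
// import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader;
// import java.nio.charset.StandardCharsets;
// import java.util.Enumeration; import java.util.HashMap; import java.util.Map;
// import javax.servlet.http.HttpServletRequest; (jakarta.servlet on Spring Boot 3)
private Map<String, Object> getDataFromRequest(HttpServletRequest request) {
    Gson gson = new Gson();
    String type = request.getContentType();
    Map<String, Object> receiveMap = new HashMap<String, Object>();
    // The header may carry a charset suffix ("...; charset=UTF-8"), so match on the prefix
    if (type != null && type.toLowerCase().startsWith("application/x-www-form-urlencoded")) {
        Enumeration<String> enu = request.getParameterNames();
        while (enu.hasMoreElements()) {
            String key = String.valueOf(enu.nextElement());
            String value = request.getParameter(key);
            receiveMap.put(key, value);
        }
    } else {
        // The else branch covers the text/plain and application/json cases
        StringBuilder sb = new StringBuilder();
        // try-with-resources closes the reader even when reading fails
        try (BufferedReader reader = new BufferedReader(
                new InputStreamReader(request.getInputStream(), StandardCharsets.UTF_8))) {
            String line;
            while ((line = reader.readLine()) != null) {
                sb.append(line);
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        // Convert the JSON string into a map; fromJson returns null for an empty body
        Map<String, Object> parsed = gson.fromJson(sb.toString(),
                new TypeToken<Map<String, String>>() {}.getType());
        if (parsed != null) {
            receiveMap = parsed;
        }
    }
    return receiveMap;
}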
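The above is how to parse the parameters when the front end sends the request as JSON (application/json). Next, let's look at how to parse the parameters when the front end submits a form (form/data):
Note: just replace the code inside //TODO above with the following code: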
Student user = new Student();
// getParameter returns the first value and yields null (instead of throwing) when the field is missing
user.setUid(req.getParameter("username"));
user.setPassword(req.getParameter("password"));
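A stricter take on the JSON branch of the filter in this section, as an added example that is not the original post's code: it caps the body size and turns malformed or incomplete input into an AuthenticationException, so Spring Security's failure handling runs. The class name JsonLoginFilter, the LoginBody holder, the 4096-byte cap, Jackson in place of Gson, and the javax.servlet imports (Spring Boot 2.x, Java 11+) are assumptions.

```java
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.util.Locale;
import javax.servlet.http.HttpServletRequest;   // assumption: Spring Boot 2.x; jakarta.servlet on 3.x
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

// Hypothetical class name; an added example, not the original post's filter.
public class JsonLoginFilter extends UsernamePasswordAuthenticationFilter {
    private static final int MAX_BODY_BYTES = 4096; // assumed cap for a login request body
    private final ObjectMapper mapper = new ObjectMapper();
    // Expected body shape: {"username": "<student number>", "password": "..."}
    static class LoginBody { public String username; public String password; }

    public JsonLoginFilter(AuthenticationManager authenticationManager) {
        setAuthenticationManager(authenticationManager);
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res)
            throws AuthenticationException {
        String type = req.getContentType();
        if (!"POST".equals(req.getMethod()) || type == null
                || !type.toLowerCase(Locale.ROOT).startsWith("application/json")) {
            throw new AuthenticationServiceException("Login requires POST with application/json");
        }
        LoginBody body;
        try {
            // Read one byte past the cap so an oversized body is detected, not buffered whole
            byte[] raw = req.getInputStream().readNBytes(MAX_BODY_BYTES + 1);
            if (raw.length > MAX_BODY_BYTES) {
                throw new AuthenticationServiceException("Login body too large");
            }
            body = mapper.readValue(raw, LoginBody.class); // unknown fields are rejected by default
        } catch (IOException e) {
            // Malformed JSON becomes an authentication failure, not an unhandled 500
            throw new AuthenticationServiceException("Unreadable login body", e);
        }
        if (body == null || body.username == null || body.password == null) {
            throw new AuthenticationServiceException("username and password are required");
        }
        UsernamePasswordAuthenticationToken token =
                new UsernamePasswordAuthenticationToken(body.username.trim(), body.password);
        setDetails(req, token);
        return getAuthenticationManager().authenticate(token);
    }
}
```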
2. As an aside: parsing parameters sent as JSON (application/json) in a controller
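Here the ObjectMapper provided by Spring MVC can parse out parameters of the following kind:
The Temp class is a custom entity class, a temporary entity used to map that property: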
import java.io.Serializable;
import lombok.Data;

@Data
public class Temp implements Serializable {
    private String email;
}
How to do it:
@Autowired
private ObjectMapper objectMapper;

@PostMapping("/auth/email")
public ResponseEntity<String> getEmailVerificationCode(@RequestBody String email) throws IOException {
    // Map the raw JSON request body onto the Temp entity
    final Temp newEmail = objectMapper.readValue(email, Temp.class);
    // ... (the rest of the method is not shown)
}
3. Finally:
If you need anything, leave me a comment and I will reply.