Cookie 在请求头中的字段名是 Cookie,在响应头中的字段名是 Set-Cookie
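/**
 * Demo endpoint that issues the {@code login_username} cookie.
 *
 * @param resp response the cookie is attached to (sent as a Set-Cookie header)
 * @return the generic success result
 */
@GetMapping("/c1")
public Result cookie1(HttpServletResponse resp) {
    // The name has to match what cookie2 looks up; the previous "login_name"
    // was never found by the reader below.
    Cookie loginCookie = new Cookie("login_username", "itheima");
    // Keep the cookie out of reach of page scripts.
    loginCookie.setHttpOnly(true);
    // NOTE(review): also call setSecure(true) once this is only served over HTTPS.
    resp.addCookie(loginCookie);
    return Result.success();
}

/**
 * Demo endpoint that prints the {@code login_username} cookie sent by the client.
 *
 * @param request incoming request whose cookies are inspected
 * @return the generic success result, whether or not the cookie was present
 */
@GetMapping("/c2")
public Result cookie2(HttpServletRequest request) {
    Cookie[] cookies = request.getCookies();
    // getCookies() returns null (not an empty array) when the request carries no cookies.
    if (cookies != null) {
        for (Cookie cookie : cookies) {
            if ("login_username".equals(cookie.getName())) {
                // The value is supplied by the client and can be set to anything;
                // it must never be treated as proof of who is logged in.
                System.out.println("login_username" + cookie.getValue());
            }
        }
    }
    return Result.success();
}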
比较当前页面所在位置和请求的目标位置,从协议、域名、端口 3 个维度判断是否是跨域请求,只要有一个不同就属于跨域请求。
session基于cookie实现
/**
 * Demo endpoint that stores a fixed user name in the HTTP session.
 *
 * @param session the caller's session, resolved by the framework
 * @return the generic success result
 */
@GetMapping("/s1")
public Result session1(HttpSession session) {
    final String attributeName = "loginUser";
    final String attributeValue = "tom";
    // NOTE(review): no credentials are checked here, so any caller gets a session
    // marked as "tom". A real login handler would authenticate first and would
    // normally rotate the session id before storing the user.
    session.setAttribute(attributeName, attributeValue);
    return Result.success();
}

/**
 * Demo endpoint that returns the {@code loginUser} attribute of the caller's session.
 *
 * @param request incoming request used to look up the session
 * @return success result wrapping the stored attribute, or {@code null} if none is set
 */
@GetMapping("/s2")
public Result session2(HttpServletRequest request) {
    // getSession() without arguments creates a new session when the request has none.
    Object storedUser = request.getSession().getAttribute("loginUser");
    return Result.success(storedUser);
}
拦截器
Filter
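/**
 * Lets a request through only when it carries a parsable JWT in the {@code token} header.
 *
 * <p>Requests whose path contains {@code "login"} skip the check. Every other request
 * without a token, or with a token that {@code JwtUtils.parseJwt} rejects, gets a
 * {@code NOT_LOGIN} JSON body and is not passed down the chain.
 *
 * @param servletRequest  incoming request, expected to be an HTTP request
 * @param servletResponse outgoing response, expected to be an HTTP response
 * @param filterChain     remaining filters and the target resource
 * @throws IOException      if writing the rejection body or the downstream chain fails
 * @throws ServletException if the downstream chain fails
 */
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
        throws IOException, ServletException {
    HttpServletRequest req = (HttpServletRequest) servletRequest;
    HttpServletResponse resp = (HttpServletResponse) servletResponse;

    // Match on the path only. The full URL also contains the host name, so a host
    // with "login" in it would have exempted every request from the token check.
    String path = req.getRequestURI();
    // NOTE(review): a substring match still exempts any path that merely contains
    // "login". Replace it with an exact comparison against the application's real
    // login route (not visible in this snippet).
    if (path.contains("login")) {
        filterChain.doFilter(req, resp);
        return;
    }

    // The token is read from the "token" request header.
    String jwt = req.getHeader("token");
    if (!StringUtils.hasLength(jwt)) {
        writeNotLogin(resp);
        // Stop here. Without this return the code went on to parse the empty token,
        // and would have reached the protected resource if parsing did not throw.
        return;
    }

    try {
        JwtUtils.parseJwt(jwt);
    } catch (Exception e) {
        // Fail closed: any parsing failure is treated as "not logged in".
        // The token itself is deliberately not logged.
        writeNotLogin(resp);
        return;
    }

    // Token parsed successfully: continue down the chain.
    filterChain.doFilter(req, resp);
}

/** Writes the NOT_LOGIN error result to the response as JSON (serialized with Alibaba fastjson). */
private void writeNotLogin(HttpServletResponse resp) throws IOException {
    Result errorRet = Result.error("NOT_LOGIN");
    String notLogin = JSONObject.toJSONString(errorRet);
    // Declare the body as JSON so the client does not have to guess the type.
    resp.setContentType("application/json;charset=UTF-8");
    resp.getWriter().write(notLogin);
}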