首先我们要定义一个类，实现标准的过滤器

import lombok.extern.slf4j.Slf4j;import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.IOException;@WebFilter("/*")
@Slf4j
public class AuthFilter implements Filter {@Override //初始化方法，只会被执行一次public void init(FilterConfig filterConfig) throws ServletException {Filter.super.init(filterConfig);log.info("AuthFilter初始化");}@Overridepublic void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {log.info("AuthFilter执行了");filterChain.doFilter(servletRequest, servletResponse); // 这里就是放行}@Override //销毁方法，只会被执行一次public void destroy() {Filter.super.destroy();log.info("AuthFilter销毁");}
}

由于filter是javaweb里面的类，不是spring里面自带的，所以我们还要在启动类上面加上注解

@ServletComponentScan // 扫描Servlet,javaweb里面的类
@SpringBootApplication
public class TliasWebManagementApplication {public static void main(String[] args) {SpringApplication.run(TliasWebManagementApplication.class, args);}}

只拦截登录接口

@WebFilter("/login")
@Slf4j
public class AuthFilter implements Filter {@Override //初始化方法，只会被执行一次public void init(FilterConfig filterConfig) throws ServletException {Filter.super.init(filterConfig);log.info("AuthFilter初始化");}@Overridepublic void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {log.info("AuthFilter执行了");filterChain.doFilter(servletRequest, servletResponse);}@Override //销毁方法，只会被执行一次public void destroy() {Filter.super.destroy();log.info("AuthFilter销毁");}
}

代码实现

 <dependency><groupId>com.alibaba</groupId><artifactId>fastjson</artifactId><version>1.2.76</version></dependency>

package com.itheima.filter;
import com.alibaba.fastjson.JSONObject;
import com.itheima.pojo.Result;
import com.itheima.utils.JwtUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.StringUtils;import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;@WebFilter("/*")
@Slf4j
public class AuthFilter implements Filter {@Override //初始化方法，只会被执行一次public void init(FilterConfig filterConfig) throws ServletException {Filter.super.init(filterConfig);log.info("AuthFilter初始化");}@Overridepublic void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {//获取请求的urlHttpServletRequest request = (HttpServletRequest) servletRequest;HttpServletResponse response = (HttpServletResponse) servletResponse;String url = request.getRequestURL().toString();log.info("url:{}", url);//是否包含login,如果包含，则放行if (url.contains("login")) {log.info("登录操作，放行");filterChain.doFilter(servletRequest, servletResponse);return;}// 获取请求的tokenString token = request.getHeader("token");if (!StringUtils.hasLength(token)) {response.setStatus(401);log.info("token为空，请登录");Result error = Result.error("token not login");//在过滤器中，手动将结果输出到前端String notLogin = JSONObject.toJSONString(error);response.getWriter().write(notLogin);return;}// 解析tokentry {JwtUtils.parseJWT(token);} catch (Exception e) {e.printStackTrace();log.info("token解析失败");Result error = Result.error("not token");//在过滤器中，手动将结果输出到前端String notLogin = JSONObject.toJSONString(error);response.getWriter().write(notLogin);return;}// 放行filterChain.doFilter(servletRequest, servletResponse);}@Override //销毁方法，只会被执行一次public void destroy() {Filter.super.destroy();log.info("AuthFilter销毁");}
}

测试效果,没有登录，其他请求的返回