ThreadLocal取代每次都从session中获取登录用户信息
方式一:直接使用JDK中ThreadLocal方式
1.先定义一个存放登录用户信息的实体类,并在这里面操纵用户信息
public class UserContext implements Serializable{
private static ThreadLocal loginEntityThreadLocal=new ThreadLocal<>();
public static LoginEntity getUserSession() {
return loginEntityThreadLocal.get();
}
public static void setUserSession(LoginEntity entity) {
loginEntityThreadLocal.set(entity);
}
public static void removeUserSession() {
loginEntityThreadLocal.remove();
}
} public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException,
ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
HttpSession session = request.getSession();
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
response.addHeader("Access-Control-Allow-Origin","*");
response.addHeader("Access-Control-Allow-Credentials", "true");
response.addHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,X-Pagination");
response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
response.addHeader("Access-Control-Expose-Headers", "X-Pagination");
//System.out.println(session.getId());
if (isInclude(request.getServletPath())) {
LoginEntity loginEntity = (LoginEntity) session.getAttribute(Const.LOGINED_KEY);
if (loginEntity != null) {
UserContext.setUserSession(loginEntity);
chain.doFilter(request, response);
} else {
unLogin(response);
}
} else {
chain.doFilter(request, response);
}
}方式二:RequestContextHolder是Spring中对ThreadLocal进行了封装
1.先定义一个存放登录用户信息的实体类,并在这里面操纵用户信息
public class UserContext implements Serializable{
/**
* 获取当前线程绑定的用户登录对象
*
* @return
*/
public static LoginEntity getUserSession() {
return (LoginEntity) RequestContextHolder.getRequestAttributes().getAttribute(Constant.LOGINED_KEY, RequestAttributes.SCOPE_REQUEST);
}
/**
* 将用户登录对象绑定到当前线程
*
* @param loginEntity
*/
public static void setUserSession(LoginEntity loginEntity) {
RequestContextHolder.getRequestAttributes().setAttribute(Constant.LOGINED_KEY, loginEntity, RequestAttributes.SCOPE_REQUEST);
}
/**
* 将用户登录对象从当前线程销毁
*/
public static void removeUserSession() {
RequestContextHolder.getRequestAttributes().removeAttribute(Constant.LOGINED_KEY,RequestAttributes.SCOPE_REQUEST);
}
}2.在过滤其中进行存放用户登录信息
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException,
ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
HttpSession session = request.getSession();
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
response.addHeader("Access-Control-Allow-Origin","*");
response.addHeader("Access-Control-Allow-Credentials", "true");
response.addHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,X-Pagination");
response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
response.addHeader("Access-Control-Expose-Headers", "X-Pagination");
//System.out.println(session.getId());
if (isInclude(request.getServletPath())) {
LoginEntity loginEntity = (LoginEntity) session.getAttribute(Const.LOGINED_KEY);
if (loginEntity != null) {
UserContext.setUserSession(loginEntity);
chain.doFilter(request, response);
} else {
unLogin(response);
}
} else {
chain.doFilter(request, response);
}
}