6

我打算使用 before 过滤器添加尾部斜杠以及使用 before 过滤器来处理某些端点上的身份验证。

这是我的路由代码:

// Add filter to all requests which adds a trailing slash if it is missing //
before("*", Filters.addTrailingSlashes);
path("/api", () -> {
    // Authentication Intercept //
    before("/*", AuthenticationIntercept.authenticationIntercept);

    // Sampling Endpoints //
    get(Path.Web.SAMPLES_FETCH_LATEST, SamplingController.fetchLatestSamples, new JsonTransformer());
    get(Path.Web.SAMPLES_FETCH_FOR_DEVICE, SamplingController.getLatestSamplesForDevice, new JsonTransformer());
});

然后我点击以下端点:

本地主机:4567/api/samples/10

发生的事情是首先调用 addTrailingSlashes。然后调用身份验证过滤器,然后再次调用 addTrailingSlashes,将 localhost:4567/api/samples/10/ 作为请求端点,最后再次调用身份验证过滤器。

这是预期的行为吗?我想要发生的是 addTrailingSlashes 被调用一次添加斜杠,然后转发一次请求,以便身份验证过滤器只被调用一次。

任何想法将不胜感激。

谢谢,内森

4

1 回答 1

2

I had the same issue but with another type of filter. It turned out that the browser makes two calls, the second to get favicon.ico on the root (/favicon.ico) which triggered the filter.

I do not have any services configured on the root path in my app, so it seems that the filter is triggered for all calls, even those that are not mapped.

I verified that by using some other path that was not mapped, try something like:

http://yourdomain.com/aaa/bbb

This call did also make my filter trigger twice. The first to the non-existent service, and one to get the favicon.ico.

It's helpful to use a http-monitoring software like Fiddler or the like to see what calls are made.

It's quite easy to check for the favicon case in the filter and ignore it. To check that the call is made to a valid service is a bit more work. Maybe there's a better way to do it.

于 2018-03-01T16:23:36.260 回答