ThreadLocal取代每次都从session中获取登录用户信息

方式一：直接使用JDK中ThreadLocal方式

1.先定义一个存放登录用户信息的实体类，并在这里面操纵用户信息

public class UserContext implements Serializable{

    private static ThreadLocal<LoginEntity> loginEntityThreadLocal=new ThreadLocal<>();

    public static LoginEntity getUserSession() {
        return loginEntityThreadLocal.get();
    }

    public static void setUserSession(LoginEntity entity) {
        loginEntityThreadLocal.set(entity);
    }

    public static void removeUserSession() {
        loginEntityThreadLocal.remove();
    }
}

2.在过滤其中进行存放用户登录信息

public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException,
			ServletException {
		HttpServletRequest request = (HttpServletRequest) req;
		HttpServletResponse response = (HttpServletResponse) resp;
		HttpSession session = request.getSession();
		
		request.setCharacterEncoding("UTF-8");
		response.setCharacterEncoding("UTF-8");
		
		response.addHeader("Access-Control-Allow-Origin","*");
		response.addHeader("Access-Control-Allow-Credentials", "true");
		response.addHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,X-Pagination");
		response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
		response.addHeader("Access-Control-Expose-Headers", "X-Pagination");
		
		//System.out.println(session.getId());
		if (isInclude(request.getServletPath())) {
			LoginEntity loginEntity = (LoginEntity) session.getAttribute(Const.LOGINED_KEY);
			if (loginEntity != null) {
				UserContext.setUserSession(loginEntity);
				chain.doFilter(request, response);
			} else {
				unLogin(response);
			}
		} else {
			chain.doFilter(request, response);
		}
	}

方式二：RequestContextHolder是Spring中对ThreadLocal进行了封装

1.先定义一个存放登录用户信息的实体类，并在这里面操纵用户信息

public class UserContext implements Serializable{
    
    /**
     * 获取当前线程绑定的用户登录对象
     *
     * @return
     */
    public static LoginEntity getUserSession() {
        return (LoginEntity) RequestContextHolder.getRequestAttributes().getAttribute(Constant.LOGINED_KEY,  RequestAttributes.SCOPE_REQUEST);
    }

    /**
     * 将用户登录对象绑定到当前线程
     *
     * @param loginEntity
     */
    public static void setUserSession(LoginEntity loginEntity) {
        RequestContextHolder.getRequestAttributes().setAttribute(Constant.LOGINED_KEY, loginEntity, RequestAttributes.SCOPE_REQUEST);
    }

    /**
     * 将用户登录对象从当前线程销毁
     */
    public static void removeUserSession() {
        RequestContextHolder.getRequestAttributes().removeAttribute(Constant.LOGINED_KEY,RequestAttributes.SCOPE_REQUEST);
    }

}

2.在过滤其中进行存放用户登录信息

public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException,
			ServletException {
		HttpServletRequest request = (HttpServletRequest) req;
		HttpServletResponse response = (HttpServletResponse) resp;
		HttpSession session = request.getSession();
		
		request.setCharacterEncoding("UTF-8");
		response.setCharacterEncoding("UTF-8");
		
		response.addHeader("Access-Control-Allow-Origin","*");
		response.addHeader("Access-Control-Allow-Credentials", "true");
		response.addHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,X-Pagination");
		response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
		response.addHeader("Access-Control-Expose-Headers", "X-Pagination");
		
		//System.out.println(session.getId());
		if (isInclude(request.getServletPath())) {
			LoginEntity loginEntity = (LoginEntity) session.getAttribute(Const.LOGINED_KEY);
			if (loginEntity != null) {
				UserContext.setUserSession(loginEntity);
				chain.doFilter(request, response);
			} else {
				unLogin(response);
			}
		} else {
			chain.doFilter(request, response);
		}
	}