@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpSession session = request.getSession();
String path = request.getServletPath();
User user = (User) session.getAttribute("user");
if(path.startsWith("/auth") || user != null) {
try {
filterChain.doFilter(servletRequest, servletResponse);
} catch(UnauthorizedException e) {
sendUnauthorized((HttpServletResponse) servletResponse);