用戶登陸時,將用戶信息放到session中前端
package cn.woniubushiniu.controller; import cn.woniubushiniu.po.User; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import javax.servlet.http.HttpSession; @Controller public class UserController { /** * 向用戶登陸頁面跳轉 */ @RequestMapping(value = "/login",method = RequestMethod.GET) public String toLogin(){ return "login"; } /** * 用戶登陸 * @param user * @param model * @param session * @return */ @RequestMapping(value = "/login",method = RequestMethod.POST) public String login(User user, Model model, HttpSession session){ //獲取用戶名和密碼 String username=user.getUsername(); String password=user.getPassword(); //些處橫板從數據庫中獲取對用戶名和密碼後進行判斷 if(username!=null&&username.equals("admin")&&password!=null&&password.equals("admin")){ //將用戶對象添加到Session中 session.setAttribute("USER_SESSION",user); //重定向到主頁面的跳轉方法 return "redirect:main"; } model.addAttribute("msg","用戶名或密碼錯誤,請從新登陸!"); return "login"; } @RequestMapping(value = "/main") public String toMain(){ return "main"; } @RequestMapping(value = "/logout") public String logout(HttpSession session){ //清除session session.invalidate(); //重定向到登陸頁面的跳轉方法 return "redirect:login"; } }
攔截未登陸的用戶java
public class LoginInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception { //獲取請求的RUi:去除http:localhost:8080這部分剩下的 String uri = request.getRequestURI(); //UTL:除了login.jsp是能夠公開訪問的,其餘的URL都進行攔截控制 if (uri.indexOf("/login") >= 0) { return true; } //獲取session HttpSession session = request.getSession(); User user = (User) session.getAttribute("USER_SESSION"); //判斷session中是否有用戶數據,若是有,則返回true,繼續向下執行 if (user != null) { return true; } //不符合條件的給出提示信息,並轉發到登陸頁面 request.setAttribute("msg", "您尚未登陸,請先登陸!"); request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response); return false; } @Override public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { } }
配置文件
配置到spring 的配置文件中web
<!--登陸攔截器--> <mvc:interceptor> <mvc:mapping path="/**"/> <bean class="cn.woniubushiniu.interceptor.LoginInterceptor"/> </mvc:interceptor> </mvc:interceptors>
配置web.xml 攔截全部url,並設置須要掃描的spring文件spring
<!--配置前端控制器--> <servlet> <servlet-name>springmvc</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <init-param> <param-name>contextConfigLocation</param-name> <param-value>classpath:springmvc-config.xml</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>springmvc</servlet-name> <url-pattern>/</url-pattern> </servlet-mapping>
小知識點,用來複習的~~數據庫