Spring mvc 實現用戶登陸(攔截器)

用戶登陸時,將用戶信息放到session中前端

package cn.woniubushiniu.controller;

import cn.woniubushiniu.po.User;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import javax.servlet.http.HttpSession;

@Controller
public class UserController {
    /**
     * 向用戶登陸頁面跳轉
     */
    @RequestMapping(value = "/login",method = RequestMethod.GET)
    public String toLogin(){
        return  "login";
    }

    /**
     * 用戶登陸
     * @param user
     * @param model
     * @param session
     * @return
     */
    @RequestMapping(value = "/login",method = RequestMethod.POST)
    public String login(User user, Model model, HttpSession session){
        //獲取用戶名和密碼
        String username=user.getUsername();
        String password=user.getPassword();
        //些處橫板從數據庫中獲取對用戶名和密碼後進行判斷
        if(username!=null&&username.equals("admin")&&password!=null&&password.equals("admin")){
            //將用戶對象添加到Session中
            session.setAttribute("USER_SESSION",user);
            //重定向到主頁面的跳轉方法
            return "redirect:main";
        }
        model.addAttribute("msg","用戶名或密碼錯誤,請從新登陸!");
        return "login";
    }

    @RequestMapping(value = "/main")
    public String toMain(){
        return "main";
    }
    
    @RequestMapping(value = "/logout")
    public String logout(HttpSession session){
        //清除session
        session.invalidate();
        //重定向到登陸頁面的跳轉方法
        return "redirect:login";
    }
    
}

攔截未登陸的用戶java

public class LoginInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
        //獲取請求的RUi:去除http:localhost:8080這部分剩下的
        String uri = request.getRequestURI();
        //UTL:除了login.jsp是能夠公開訪問的,其餘的URL都進行攔截控制
        if (uri.indexOf("/login") >= 0) {
            return true;
        }
        //獲取session
        HttpSession session = request.getSession();
        User user = (User) session.getAttribute("USER_SESSION");
        //判斷session中是否有用戶數據,若是有,則返回true,繼續向下執行
        if (user != null) {
            return true;
        }
        //不符合條件的給出提示信息,並轉發到登陸頁面
        request.setAttribute("msg", "您尚未登陸,請先登陸!");
        request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response);
        return false;
    }

    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {

    }
}

配置文件
配置到spring 的配置文件中web

<!--登陸攔截器-->
        <mvc:interceptor>
            <mvc:mapping path="/**"/>
            <bean class="cn.woniubushiniu.interceptor.LoginInterceptor"/>
        </mvc:interceptor>
    </mvc:interceptors>

配置web.xml 攔截全部url,並設置須要掃描的spring文件spring

<!--配置前端控制器-->
    <servlet>
        <servlet-name>springmvc</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>classpath:springmvc-config.xml</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>springmvc</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

小知識點,用來複習的~~數據庫

相關文章
相關標籤/搜索