SpringBoot-(三)登陆拦截器

本文最后更新于:January 30, 2022 pm

SpringBoot框架中有两个非常重要的策略:开箱即用和约定优于配置。其设计目的是用来简化新Spring应用的初始搭建以及开发过程。该框架使用了特定的方式来进行配置,从而使开发人员不再需要定义样板化的配置。

目录

准备环境

准备一

读取信息。

application.yaml

1
2
3
4
5
6
7
8
# 关闭模板引擎的缓存,防止更改前端代码没有效果
spring:
  thymeleaf:
    cache: false

# 用于页面的一些信息展示
  messages:
    basename: i18n.login

然后在resources目录下建一个i18n目录,再建一个login.properties文件。

1
2
login.username=用户名
login.userpassword=密码

准备二

index.html

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>

<!-- /user/login 为提交到哪一个处理的controller中 -->
<form th:action="@{/user/login}">
   用户名: <input type="text" name="username" th:placeholder="#{login.username}"> <br>
   密码:   <input type="password" name="password" th:placeholder="#{login.userpassword}">
    提交:<input type="submit">
</form>
</body>
</html>

main.html

1
2
3
4
5
6
7
8
9
10
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>主页main!</h1>
</body>
</html>

全局视图:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
package com.tothefor.Controll;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
public class myMVC implements WebMvcConfigurer {
    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        registry.addViewController("/").setViewName("index");
        registry.addViewController("/index.html").setViewName("index");
        registry.addViewController("/main.html").setViewName("main");
    }
}

controller控制类:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
package com.tothefor.controller;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpSession;


@Controller
public class testController {

    @RequestMapping("/user/login")
    @ResponseBody
    public String login(@RequestParam("username") String username,@RequestParam("password") String pwd, Model model, HttpSession session){

        return "test";
    }
}

然后运行项目进行测试,当提交表单后显示了文字test表示成功。还要注意一点的是,需要将File Encodings 中的编码都设置为UTF-8,不然会出现乱码。

正文

拦截的方法是通过session实现。

添加拦截器

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
package com.tothefor.Controll;

import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class LoginHI implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        Object loginUser = request.getSession().getAttribute("loginUser"); //获取session
        if(loginUser==null){ //没有登陆
            request.setAttribute("msg","没有权限,请登陆!");
            request.getRequestDispatcher("/").forward(request,response);
            return false;
        }else{
            return true;
        }

    }
}

使用拦截器:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
package com.tothefor.Controll;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
public class myMVC implements WebMvcConfigurer {
    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        registry.addViewController("/").setViewName("index");
        registry.addViewController("/index.html").setViewName("index");
        registry.addViewController("/main.html").setViewName("main");
    }

    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new LoginHI()).addPathPatterns("/**") //拦截所有
                .excludePathPatterns("/","/index.html","/user/login"); //排除(不拦截)
    }
}

添加session

在登陆成功时添加。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
package com.tothefor.controller;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.thymeleaf.util.StringUtils;

import javax.servlet.http.HttpSession;


@Controller
public class testController {

    @RequestMapping("/user/login")
    public String login(@RequestParam("username") String username,@RequestParam("password") String pwd, Model model, HttpSession session){
        if((!StringUtils.isEmpty(username)) && (!StringUtils.isEmpty(pwd))){ //都不为空
            session.setAttribute("loginUser",username); //添加session
            return "redirect:/main.html";
        }else{
            model.addAttribute("msg","请重新输入"); //可以用于给前端页面显示
            return "redirect:/";
        }
    }
}