在进行登录操作时我们都要使用拦截器拦截用户的访问,以避免用户未登录操作。
以下是对登录操作的简单拦截,自己可针对自己的业务进行扩展。
自定义BaseInterceptor实现HandlerInterceptor,用户发送的每个请求都会被preHandle()方法拦截,我们就可以在preHandle方法中实现自己的业务员逻辑,哪些不需要被拦截等等操作。
package com.vanfon.p2p.back.interceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import com.vanfon.p2p.entity.system.Admin;
import com.vanfon.p2p.entity.system.Log;
import com.vanfon.p2p.utils.ThreadLocalUtils;
public class BaseInterceptor implements HandlerInterceptor {
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object object, Exception arg3) throws Exception {
// System.out.println("afterCompletion---");
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object object, ModelAndView modelAndView) throws Exception {
// System.out.println("postHandle---");
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
Admin user = (Admin) request.getSession().getAttribute("admin");
String requestURI = request.getRequestURI();
String loginUrl = "/login.jhtml";
String uri = requestURI.substring(requestURI.lastIndexOf("/"));
if (user == null) {
if (uri.startsWith("/login") || uri.startsWith("/imageLogin") || uri.startsWith("/checkLogin")) {
return true;
} else {
// 非法请求 重定向到登录页面
response.sendRedirect(request.getContextPath() + loginUrl);
return false;
}
} else {
// 添加日志
String ip = request.getRemoteAddr();
Long adminId = user.getId();
Log log = new Log();
log.setAdminId(adminId);
log.setIp(ip);
ThreadLocalUtils.set(log);
return true;
}
}
}
<!-- 自定义拦截器 -->
<mvc:interceptors>
<bean class="com.vanfon.p2p.back.interceptor.BaseInterceptor" />
</mvc:interceptors>