首先是 LoginController(登录接口,登录成功后下发 JWT 令牌)
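/**
 * Handles administrator login and hands out a JWT when the credentials are accepted.
 */
public class LoginController {
    @Autowired
    private AdminService adminService;

    /**
     * Checks the submitted credentials through {@code adminService.login} and, when an
     * account is returned, issues a signed token identifying it.
     *
     * @param admin login request body (user name and password as sent by the client)
     * @return {@code Result.success(token)} on success, otherwise a generic error result
     */
    @PostMapping("/login")
    public Result login(@RequestBody Admin admin) {
        // Log the user name only. The request body carries the submitted password, and
        // logging the whole object would copy it into the log files if Admin's
        // toString() includes that field (not visible here).
        log.info("管理员登录:{}", admin.getUsername());

        Admin a = adminService.login(admin);
        if (a != null) {
            // Login succeeded: build the claims and issue the token.
            Map<String, Object> claims = new HashMap<>();
            claims.put("id", a.getId());
            claims.put("username", a.getUsername());
            // The password is deliberately NOT placed in the claims. A JWT payload is
            // only base64url-encoded, not encrypted, so every holder of the token
            // (browser storage, proxies, logs) could read it back.
            String token = JwtUtils.generateJwt(claims);
            // The token is a bearer credential, so it is returned to the caller but
            // not printed to stdout.
            return Result.success(token);
        }

        // Login failed: one message for both "unknown user" and "wrong password", so
        // the response does not reveal which account names exist.
        return Result.error("用户名或密码错误");
    }
}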
然后是
LoginCheckFilter
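/**
 * Servlet filter that lets a fixed list of paths through unauthenticated and requires a
 * parseable, correctly signed JWT in the {@code token} request header for every other
 * request.
 */
public class LoginCheckFilter implements Filter {
    public static final AntPathMatcher PATH_MATCHER = new AntPathMatcher();

    // Paths that are served without a token. Matching is done against the raw request
    // URI, so keep these patterns exact and as few as possible.
    // NOTE(review): "/deleteAd" looks like a state-changing endpoint; confirm that it is
    // really meant to be reachable without a login, otherwise drop it from this list.
    private static final String[] OPEN_PATHS = {
        "/login",
        "/login.html",
        "/Admin.html",
        "/login_picture.png",
        "/deleteAd"
    };

    /**
     * Passes whitelisted requests straight on; all others must present a valid token.
     * Rejected requests get a JSON {@code Result.error("NOT_LOGIN")} body and are not
     * forwarded down the chain.
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) servletRequest;
        HttpServletResponse resp = (HttpServletResponse) servletResponse;

        // 1. Read the request URI.
        String requestURI = req.getRequestURI();
        log.info("请求的url: {}", requestURI);

        // 2./3. Whitelisted paths are forwarded without any token check.
        if (check(OPEN_PATHS, requestURI)) {
            log.info("本次请求{}不需要处理", requestURI);
            filterChain.doFilter(req, resp);
            return;
        }

        // 4. Fetch the token. Its value is never written to the log: it is a bearer
        //    credential and anyone who can read the log could replay it until it expires.
        String token = req.getHeader("token");
        if (!StringUtils.hasLength(token)) {
            log.info("请求头token为空,返回未登录信息");
            writeNotLogin(resp);
            return;
        }

        // 5. Verify signature and expiry. The parsed claims are not used further here.
        try {
            JwtUtils.parseJWT(token);
        } catch (Exception e) {
            log.info("解析令牌失败,返回错误信息");
            // Record the failure type only, through the logger rather than
            // printStackTrace(), which writes to stderr and bypasses log configuration.
            log.debug("JWT rejected: {}", e.getClass().getName());
            writeNotLogin(resp);
            return;
        }

        // 6. Token is valid: let the request through.
        log.info("令牌合法,放行");
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Reports whether {@code requestURI} matches any of the given Ant-style patterns.
     *
     * @param urls       patterns that are exempt from the token check
     * @param requestURI URI of the current request
     * @return {@code true} if at least one pattern matches
     */
    public boolean check(String[] urls, String requestURI) {
        for (String url : urls) {
            if (PATH_MATCHER.match(url, requestURI)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Writes the "not logged in" result as JSON.
     * NOTE(review): the HTTP status is left at its default, so clients have to detect the
     * rejection from the body; consider also sending 401 once the front end handles it.
     */
    private void writeNotLogin(HttpServletResponse resp) throws IOException {
        resp.setContentType("application/json;charset=UTF-8");
        Result error = Result.error("NOT_LOGIN");
        resp.getWriter().write(JSONObject.toJSONString(error));
    }
}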
还有
JwtUtils
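/**
 * Helper for issuing and verifying the HS256-signed JWTs used as login tokens.
 */
public class JwtUtils {
    // NOTE(review): the signing key is hard-coded, short and guessable. Anyone who can
    // read this source (or guess the key) can mint valid tokens for any account. Load it
    // from deployment configuration or a secret store instead, and use a randomly
    // generated key of at least 256 bits for HS256. Depending on the jjwt version, the
    // String overloads below may also treat this value as Base64 text — confirm.
    private static final String SIGN_KEY = "yuxu_library";

    // Token lifetime in milliseconds (43 200 000 ms = 12 hours).
    private static final long EXPIRE_MILLIS = 43200000L;

    /**
     * Generates a signed JWT.
     *
     * @param claims content stored in the payload (second part) of the JWT; the payload
     *               is encoded, not encrypted, so it must not contain secrets
     * @return the compact serialized token
     */
    public static String generateJwt(Map<String, Object> claims) {
        Date expiresAt = new Date(System.currentTimeMillis() + EXPIRE_MILLIS);
        return Jwts.builder()
                .addClaims(claims)
                .signWith(SignatureAlgorithm.HS256, SIGN_KEY)
                .setExpiration(expiresAt)
                .compact();
    }

    /**
     * Parses and verifies a JWT.
     *
     * @param jwt the compact serialized token
     * @return the content stored in the payload (second part) of the JWT; the jjwt parser
     *         throws if the token cannot be verified, which callers must treat as
     *         "not authenticated"
     */
    public static Claims parseJWT(String jwt) {
        return Jwts.parser()
                .setSigningKey(SIGN_KEY)
                .parseClaimsJws(jwt)
                .getBody();
    }
}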
前端对登录页面进行操作
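methods:{
    // Submit the login form; on success keep the returned token and open the admin page.
    onSubmit() {
        const url = `/login`
        axios.post(url, {
            username: this.admin.username,
            password: this.admin.password
        })
        .then(response => {
            this.tableData = response.data;
            const token = response.data.data;
            if (token != null) {
                // Store the token only after a successful login, so that a failed attempt
                // does not leave the string "null" behind as a token.
                // Anything in localStorage is readable by every script running on this
                // origin, so an XSS flaw anywhere on the site exposes the token.
                localStorage.setItem('token', token);
                localStorage.setItem('adminName', this.admin.username); // keep the admin's name
                // The token is intentionally not written to the console.
                location.href = 'Admin.html'
            }
            else {
                // location.href = 'login.html'
                alert('登录失败,请检查您的用户名和密码');
            }
        })
        .catch(error => {
            console.error(error);
            alert('登录失败,请检查您的用户名和密码');
        })
    }
}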
对管理员管理页面进行处理
在各个请求方法中插入 token 请求头
比如按ID查询管理员信息的方法
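// Load one administrator record by id and show it in the edit dialog.
// The login token goes in the `token` request header, which the back-end filter reads.
getById(id) {
    this.dialogFormVisible2 = true
    // Encode the id so that characters such as "/" or "?" cannot change the request path.
    const url = `selectById/${encodeURIComponent(id)}`;
    axios.get(url, {
        headers: {
            'token': this.token
        }
    })
    .then(response => {
        const baseResult = response.data
        if (baseResult.code == 1) {
            this.form1 = baseResult.data
        } else {
            // Includes the NOT_LOGIN case: close the dialog instead of showing stale data.
            console.error('获取数据失败', baseResult.message);
            this.dialogFormVisible2 = false;
        }
    })
    .catch(error => {
        console.error('请求出错', error);
        this.dialogFormVisible2 = false;
    })
},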
后台用postman进行检验
登录界面:
查询界面
前台展示:
点击登录进入管理页面端