springboot中拦截器不需要在xml中配置,只需定义拦截器类 implements HandlerInterceptor
一.新建LoginIntercepter
package com.example.LoginInterceptor;
import org.springframework.lang.Nullable;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* ClassName: LoginInterceptor
* Description: TODO
* Author Lu.Mrs
* Date: 2018/08/20下午 4:33
* Version: 1.0
*/
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//获取请求的URL
String url = request.getRequestURI();
//获取Session
Object userName = request.getSession().getAttribute("userName");
//URL:login.jsp是公开的;这个demo是除了login.jsp是可以公开访问的,其它的URL都进行拦截控制
if (null == userName || !(userName instanceof String)) {
// 未登录,重定向到登录页
response.sendRedirect("toLogin");
return false;
}else {
return true;
}
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable Exception ex) throws Exception {
}
}
二.设置拦截器,放行静态资源
package com.example.LoginInterceptor;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.CacheControl;
import org.springframework.web.servlet.config.annotation.*;
import java.util.concurrent.TimeUnit;
/**
* ClassName: LoginConfiguration
* Description: TODO
* Author Lu.Mrs
* Date: 2018/08/20下午 5:00
* Version: 1.0
*/
@Configuration
public class LoginConfiguration extends WebMvcConfigurerAdapter {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new LoginInterceptor()).addPathPatterns("/**").excludePathPatterns("/toLogin","/login","/logout",
"/static/**");
super.addInterceptors(registry);
// 注册拦截器
// LoginInterceptor loginInterceptor = new LoginInterceptor();
// InterceptorRegistration loginRegistry = registry.addInterceptor(loginInterceptor);
// // 拦截路径
// loginRegistry.addPathPatterns("/**");
// // 排除路径
// loginRegistry.excludePathPatterns("/");
// loginRegistry.excludePathPatterns("/toLogin");
// loginRegistry.excludePathPatterns("/login");
// loginRegistry.excludePathPatterns("/logout");
// // 排除资源请求
// loginRegistry.excludePathPatterns("/static/*");
//
// super.addInterceptors(registry);
}
/**
* 修改springboot中默认的静态文件路径
* */
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
//addResourceHandler请求路径
//addResourceLocations 在项目中的资源路径
//setCacheControl 设置静态资源缓存时间
registry.addResourceHandler("/static/**").addResourceLocations("classpath:/static/");
super.addResourceHandlers(registry);
}
}
三.建立LoginController,便可实现登录的拦截验证了
@RequestMapping("/login")
@ResponseBody
public JSONObject login(HttpServletRequest request,String username,String password){
JSONObject jsonObject = new JSONObject();
if(username!=null && password !=null){
User user = userService.findUserByName(username, password);
if(user!=null){
request.getSession().setAttribute("userId",user.getId());
request.getSession().setAttribute("userName",user.getUsername());
jsonObject.put("status","0");
jsonObject.put("msg","登录成功!");
return jsonObject;
}else {
jsonObject.put("status","1");
jsonObject.put("msg","账号或密码不正确,请重新登录!");
return jsonObject;
}
}else{
jsonObject.put("status","1");
jsonObject.put("msg","请填写正确信息!");
return jsonObject;
}
}