被动登录后台代码
6.1 依赖
<!-- thymeleaf -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!-- StringUtils工具类的来源 -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.9</version>
</dependency>
<!-- httpclient -->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.7</version>
</dependency>
<!-- JWT 核心依赖 -->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.4.0</version>
</dependency>
<!-- Java开发 JWT的依赖jar -->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
6.2 自定义注解
和主动登录一致
6.3 util
和主动登录一致
6.4 拦截器
@Component
public class AuthInterceptor extends HandlerInterceptorAdapter {
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//拦截代码
HandlerMethod hm = (HandlerMethod) handler;
LoginRequired methodAnnotation = hm.getMethodAnnotation(LoginRequired.class);
//是否拦截
if (methodAnnotation == null) {
return true;
}
boolean b = methodAnnotation.loginSuccess();
if (!b) { // 可以不登陆 必须要验证token
String cookieValue = CookieUtil.getCookieValue(request, "token");
String s = HttpClientUtil.doGet("http://validate.cy.com/validate?token=" + cookieValue);
if (s.equals("success")) { //验证成功覆盖token(有可能token有时间要求,所以需要覆盖)
request.setAttribute("msg", "success");
request.setAttribute("username", "cy");
} else {
request.setAttribute("msg", "fail");
}
} else {// 必须登录
//判断是否有token 没有: 没登陆过 有: 校验token
String token = "";
String oldToken = CookieUtil.getCookieValue(request, "token", true);
if (StringUtils.isNotBlank(oldToken)) {
token = oldToken;
}
//如果token 为空 则为没登陆
if (StringUtils.isBlank(token)) {
//去登录
response.sendRedirect("http://login.cy.com/toLogin?ReturnUrl=" + request.getRequestURL());
return false;
} else {
// 验证token 验证成功覆盖token(有可能token有时间要求,所以需要覆盖)
String cookieValue = CookieUtil.getCookieValue(request, "token");
String s = HttpClientUtil.doGet("http://validate.cy.com/validate?token=" + cookieValue);
if (s.equals("success")) {
//订单需要的代码
} else {
//阻止跳转
return false;
}
}
}
return true;
}
}
6.5 controller
@Controller
@RequestMapping("/")
public class MainController {
@RequestMapping("toMain")
@LoginRequired(loginSuccess = false)
public String toMain() {
return "main";
}
@RequestMapping("toCart")
@LoginRequired(loginSuccess = false)
public String toCart() {
return "cart";
}
@RequestMapping("toOrder")
@LoginRequired(loginSuccess = true)
public String toOrder() {
return "order";
}
}
@Controller
@RequestMapping("/")
public class LoginController {
@RequestMapping("toLogin")
public String toLogin(String ReturnUrl, Map map) {
map.put("ReturnUrl", ReturnUrl);
return "login";
}
@RequestMapping("login")
@ResponseBody
public String login(String username, String password, HttpServletRequest request, HttpServletResponse response) {
String msg = "";
if (username.equals("zhangsan")) {
//创建jwt的token
String token = JWTUtils.creatJWT(UUID.randomUUID().toString(), "cy", "cy", 0);
CookieUtil.setCookie(request,response,"token",token);
msg = "success";
} else {
msg = "fail";
}
return msg;
}
}
/**
* 认证中心
*/
@Controller
@RequestMapping("/")
public class ValidateController {
@RequestMapping("validate")
@ResponseBody
public String validate(String token) {
//校验 token
JWTResult result = JWTUtils.validateJWT(token);
if (result.isSuccess()) {
return "success";
} else {
return "fail";
}
}
}
6.6 页面
main.html
<!doctype html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<meta name="viewport"
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>首页</title>
</head>
<body>
<h1>首页</h1>
<a th:if="${msg == 'fail'}" href="http://login.cy.com/toLogin?ReturnUrl=http://main.cy.com/toMain">您好,请登录</a>
<a th:if="${msg == 'success'}" href="http://login.cy.com/toLogin?ReturnUrl=http://main.cy.com/toMain">欢迎,</a><span th:text="${username}"></span>
<br><br><br>
鸡腿:$3.0
<a href="http://order.cy.com/toOrder?ReturnUrl=http://main.cy.com/toOrder">购买</a>
</body>
</html>
login.html
和主动登录一致