没有连接数据库所以就是使用了固定的登录名和密码。
- 编写登录的Controller
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import java.util.Map;
@Controller
public class LoginController {
// @RequestMapping(value = "/userLogin", method = RequestMethod.POST) // 原始的注解
@PostMapping(value = "/userLogin") // rest风格API
public String login(@RequestParam("username") String username, @RequestParam("password") String password, Map<String, Object> map) {
if (!StringUtils.isEmpty(username) && !StringUtils.isEmpty(password) && "admin".equals(username) && "admin123".equals(password)) { // 登录成功,跳转到dashboard.html页面
return "dashboard";
} else {
// 失败,返回失败信息,并跳转到登录页面
map.put("message", "用户名或密码错误");
return "login";
}
}
}
- 将页面的请求修改为LoginController中的userLogin、并且在页面登录页面中返回失败信息
<form class="form-signin" th:action="@{/userLogin}" action="dashboard.html" method="post">
<img class="mb-4" src="asserts/img/bootstrap-solid.svg" th:src="@{asserts/img/bootstrap-solid.svg}" alt="" width="72" height="72">
<h1 class="h3 mb-3 font-weight-normal" th:text="#{login.tip}">Please sign in</h1>
<p style="color: red" th:text="${message}" th:if="${not #strings.isEmpty(message)}"></p>
<label class="sr-only" th:text="#{login.username}">Username</label>
<input type="text" name="username" class="form-control" placeholder="username" required="" autofocus="" th:placeholder="#{login.username}">
<label class="sr-only" th:text="#{login.password}">Password</label>
<input type="password" name="password" class="form-control" placeholder="Password" required="" th:placeholder="#{login.password}">
<div class="checkbox mb-3">
<label>
<input type="checkbox" value="remember-me"> [[#{login.remember}]]
</label>
</div>
<button class="btn btn-lg btn-primary btn-block" type="submit" th:text="#{login.sign}">Sign in</button>
<p class="mt-5 mb-3 text-muted">© 2017-2018</p>
<a class="btn btn-sm" th:href="@{index.html(l='zh_CN')}">中文</a>
<a class="btn btn-sm" th:href="@{index.html(l='en_US')}">English</a>
</form>
修改请求地址:使用@{}设置请求地址
<form class="form-signin" th:action="@{/userLogin}" action="dashboard.html" method="post">
添加失败信息:失败信息只有在登录失败的时候显示,所以使用了th:if="",而且使用了thymeleaf的内置对象strings,处理字符串的对象,判断,如果返回的失败信息message不为空的时候,就生成p标签,否则不生成。
<p style="color: red" th:text="${message}" th:if="${not #strings.isEmpty(message)}"></p>
现在是没有生成提示的p标签的,现在输入的是错误的用户名和密码,登录之后:
现在是生成了失败的提示信息了。输入正确的用户名和密码登录成功,
但是在点击刷新的时候,会出现重复提交:
所以这个时候使用重定向,进行登录成功时的跳转,但是在使用重定向的时候要先配置视图映射
视图映射:
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/").setViewName("login");
registry.addViewController("/login").setViewName("login");
registry.addViewController("/login.html").setViewName("login");
registry.addViewController("/index").setViewName("login");
registry.addViewController("/index.html").setViewName("login");
registry.addViewController("/main.html").setViewName("dashboard");
}
然后改造一下LoginController:
public String login(@RequestParam("username") String username, @RequestParam("password") String password, Map<String, Object> map, HttpSession session) {
if (!StringUtils.isEmpty(username) && !StringUtils.isEmpty(password) && "admin".equals(username) && "admin123".equals(password)) {
session.setAttribute("loginUser", "admin");
// return "dashboard";
// 重定向到main.html===> dashboard
return "redirect:/main.html";
} else {
map.put("message", "用户名或密码错误");
return "login";
}
}
现在刷新是没有问题了,但是现在直接访问http://localhost:8080/main.html也会进入到首页,那么登录的功能就没有什么用了,所以需要配置一个登录拦截器,但是在这之前要将登录用户信息放入session中:上面改造的时候我已经加了:
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginHandlerInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
Object loginUser = request.getSession().getAttribute("loginUser");
if (loginUser == null) {
request.setAttribute("message", "请先登录!!!");
request.getRequestDispatcher("/login.html").forward(request, response);
return false;
} else {
return true;
}
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
然后将自己的拦截器注册进容器中:
@Bean
public WebMvcConfigurer webMvcConfigurer() {
return new WebMvcConfigurer() {
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/").setViewName("login");
registry.addViewController("/login").setViewName("login");
registry.addViewController("/login.html").setViewName("login");
registry.addViewController("/index").setViewName("login");
registry.addViewController("/index.html").setViewName("login");
registry.addViewController("/main.html").setViewName("dashboard");
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
// 添加拦截器
registry.addInterceptor(new LoginHandlerInterceptor()).addPathPatterns("/**").excludePathPatterns("/login", "/", "/login.html", "/userLogin");
}
};
}
现在来测试一下:
成功!!