一、登录验证
- 简单登入界面:
login.html
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<title>Login in</title>
</head>
<body>
<form action="/login">
<span style="color: red" th:text="${msg}">
</span><br>
用户名:<input name="username" type="text"><br>
密 码:<input name="password" type="password">
<br><br>
<input type="submit" value="登录">
</form>
</body>
</html>
登录成功跳转的页面:
success.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>成功页面</title>
</head>
<body>
<h1>登录成功</h1>
</body>
</html>
后台:登录验证
@Controller
public class TestController {
@RequestMapping("/login")
public String login2(@RequestParam("username") String username,@RequestParam("password") String password,Model model){
if (!StringUtils.isEmpty(username) && "123456".equals(password)){
return "redirect:/success.html";
}else {
model.addAttribute("msg","密码错误");
return "login";
}
}
}
二、登录拦截器
没有等录拦截器的话,用户不登陆也可以直接访问successhtml页面,我们就是需要拦截success页面,只有等录了才可以进去。
例如:
- 编写拦截器类:继承接口HandlerInterceptor,前提:在Controller类里面验证成功后需要发送一个HttpSession:
session.setAttribute("loginSuccess",username);
然后在这里接收
public class LoginHandlerInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//Session 不为空 表示已等录 放行
Object loginSuccess = request.getSession().getAttribute("loginSuccess");
if (loginSuccess == null){
request.setAttribute("msg","没有权限,请先登入!");
request.getRequestDispatcher("/login.html").forward(request,response);
return false;
}else {
return true;
}
}
}
- 把拦截器类加载到MvcConfig.java 中:
addPathPatterns("/**")
表示拦截的东西,/**表示拦截所有
excludePathPatterns("/login.html","/css/**","/img/**","/js/**")
表示除了里面的不拦截
@Configuration
public class MvcConfig implements WebMvcConfigurer {
//视图跳转
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/success.html").setViewName("success");
registry.addViewController("/login.html").setViewName("login");
}
//加入拦截器
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new LoginHandlerInterceptor())
.addPathPatterns("/**")
.excludePathPatterns("/login.html","/login","/css/**","/img/**","/js/**");
}
}