老规矩,先上代码:
protected boolean onLoginSuccess(AuthenticationToken token, Subject subject,
ServletRequest request, ServletResponse response) throws Exception {
//WebUtils.redirectToSavedRequest(request, response, JSON.toJSONString(ResultUtil.success()));
// response.reset();
response.setContentType("application/json");
response.setCharacterEncoding("utf-8");
response.getWriter().print(JSON.toJSONString(ResultUtil.success()));
return false;
}
注意事项:onLoginSuccess会将用户的session_id写入head里面进行set-cookie,但是网络上很多使用了response.reset();将头部信息清空了,session写入失败后前台就不会登陆成功。
一、定义登录过滤类
自定义:SunckFormAuthenticationFilter 继承 FormAuthenticationFilter
/**
* 表单过滤类(验证码)
*
* @author LengChen
* @version 1.0
* @date 2020/8/18
*/
public class SunckFormAuthenticationFilter extends FormAuthenticationFilter {
/**
* 登录认证成功后回调方法
* @param request
* @param response
* @throws Exception
*/
protected boolean onLoginSuccess(AuthenticationToken token, Subject subject,
ServletRequest request, ServletResponse response) throws Exception {
//WebUtils.redirectToSavedRequest(request, response, JSON.toJSONString(ResultUtil.success()));
// response.reset();
response.setContentType("application/json");
response.setCharacterEncoding("utf-8");
response.getWriter().print(JSON.toJSONString(ResultUtil.success()));
return false;
}
/**
* 登录失败后回调方法
*
*/
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e,
ServletRequest request, ServletResponse response) {
String className = e.getClass().getName(), message = "";
System.out.println(className);
if (IncorrectCredentialsException.class.getName().equals(className) || AuthenticationException.class.getName().equals(className)
|| UnknownAccountException.class.getName().equals(className)){
if(!"-1".equals(StringUtils.isNumeric(e.getMessage()))){
message = e.getMessage();
}else{
message = ResultEnum.SHIRO_ERROR_4.getStringCode();
}
}
else if (StringUtils.isNotBlank(e.getMessage())) {
message = e.getMessage();
}
else{
message = ResultEnum.UNKNOWN_ERROR.getStringCode();
e.printStackTrace(); // 输出到控制台
}
request.setAttribute(getFailureKeyAttribute(), className);
request.setAttribute(Global.DEFAULT_MESSAGE_PARAM, message);
return true;
}
}
二、shiro配置登录过滤器
shiroFilterChainDefinitions.put("/login", "authc");
//自定义拦截器
Mapfilters = shiroFilterFactoryBean.getFilters();
filters.put("authc", new SunckFormAuthenticationFilter());
注:这里配置了之后,login的post登录会首先进入该过滤器报错后才会继续走controller,如果登录成功会直接进行输