SpringBoot登陆拦截,以及排除静态资源拦截的两种写法:
@PostMapping("login")
public String login(String account, String password, Model model, HttpSession session,HttpServletRequest request,HttpServletResponse response){
System.out.println("account:"+account+"-"+"password:"+password);
User user = userService.login(account, password);
if (user != null){
session.setAttribute("loginAccount",account);
return "index";
}else {
model.addAttribute("msg","请填写正确的账号和密码");
return "login";
}
}
自定义拦截器:
public class LoginHandlerInterceptor implements HandlerInterceptor {
//目标方法执行之前进行预检查
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
Object user = request.getSession().getAttribute("loginAccount");
if(user == null){
//未登录,返回登陆页面
request.setAttribute("msg","没有权限请登陆"); //显示提示信息
request.getRequestDispatcher("/user/toLogin").forward(request,response); //获取转发器
//“/user/toLogin”是我的请求路径
return false;
}else{
//已登陆,放行请求
return true;
}
}
}
配置:
@Configuration
public class MyMvcConfig implements WebMvcConfigurer {
private static final List<String> EXCLUDE_PATH = Arrays.asList("/","/user/toLogin","/user/login","/api/**","/css/**","/js/**","/font-awesome-4.7.0/**","/images/**","/jq-module/**","/jquery-3.4.1/**","/layui-v2.5.5/**");
@Override
public void addInterceptors(InterceptorRegistry registry){
registry.addInterceptor(new LoginHandlerInterceptor()).addPathPatterns("/**").excludePathPatterns(EXCLUDE_PATH);
}
}
其中,excludePathPatterns(EXCLUDE_PATH)写上不拦截的内容:
1.根目录(/)不拦截
2.静态文件(static)不拦截
3.登录不拦截(/user/toLogin),这里需要写上访问的路径,而不是写login.html
4.如果对根目录(即登录页面)进行拦截,将会导致循环重定向
此外,还有另有一种写法:
首先在配置文件中添加映射:
spring.mvc.static-path-pattern=/static/**
如果不进行映射,默认是:
private String staticPathPattern="/**" (即为第一种写法,如/css/**,/js/**等)
那么,排除拦截静态资源就可以写为:
registry.addInterceptor(new LoginHandlerInterceptor()).addPathPatterns("/**").excludePathPatterns(“/static/**”);