SpringBoot-16-模块开发-首页登陆并权限拦截

褚师子书

于 2022-08-21 10:33:15 发布

阅读量148

点赞数

分类专栏： SpringBoot

本文链接：https://blog.csdn.net/weixin_42045639/article/details/126448110

版权

spring boot java spring

SpringBoot 专栏收录该内容

45 篇文章 1 订阅

订阅专栏

5.6.4 首页登陆并权限拦截

首页开发

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
   <head>
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
      <meta name="description" content="">
      <meta name="author" content="">
      <title>Signin Template for Bootstrap</title>
      <!-- Bootstrap core CSS -->
      <link th:href="@{/asserts/css/bootstrap.min.css}" rel="stylesheet">
      <!-- Custom styles for this template -->
      <link th:href="@{/asserts/css/signin.css}" rel="stylesheet">
   </head>

   <body class="text-center">
      <form class="form-signin" th:action="@{/user/login}">
         <img class="mb-4" th:src="@{/asserts/img/bootstrap-solid.svg}" alt="" width="72" height="72">
         <h1 class="h3 mb-3 font-weight-normal" th:text="#{login.tip}">Please sign in</h1>
         <!--msg不为空则显示消息-->
         <p style="color:red;" th:text="${msg}" th:if="${not #strings.isEmpty(msg)}"></p>
         <label class="sr-only" th:text="#{login.username}">Username</label>
         <input type="text" name="username" class="form-control" th:placeholder="#{login.username}" required="" autofocus="">
         <label class="sr-only" th:text="#{login.password}">Password</label>
         <input type="password" name="password" class="form-control" th:placeholder="#{login.password}" required="">
         <div class="checkbox mb-3">
            <label>
          <input type="checkbox" value="remember-me">[[#{login.rememberme}]]<!-- th:text="#{login.rememberme}"也可以-->
        </label>
         </div>
         <button class="btn btn-lg btn-primary btn-block" type="submit" th:text="#{login.btn}">sign in</button>
         <p class="mt-5 mb-3 text-muted">© 2017-2018</p>
         <a class="btn btn-sm" th:href="@{/index.html(l='zh_CN')}">中文</a>
         <a class="btn btn-sm" th:href="@{/index.html(l='en_US')}">English</a>
      </form>

   </body>

</html>

注意请求路径使用的thymeleaf标签th:action=“@{/user/login}”

还有消息返回提示是判断msg是否存在的strings工具类的使用及逻辑运算符not的使用${not #strings }

控制器的设置LoginController，同mvc一样，不一样的地方在重定向路径加了主页映射路由在MyMvcConfiguration类的addViewControllers方法中，可以屏蔽实际主页请求路径

package com.zk.controller;

import com.zk.constant.Constant;
import org.springframework.context.annotation.Configuration;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;

import javax.servlet.http.HttpSession;

/**
 * @author CNCLUKZK
 * @create 2022/7/31-23:44
 */
@Controller
@RequestMapping("/user")
public class LoginController {

    @RequestMapping("/login")
    public String toLogin(@RequestParam("username") String username, @RequestParam("password") String password, Model model
    , HttpSession session){

        if (StringUtils.hasText(username)&&password.contains("123")){
            // 登录成功，将用户信息保存到session对象中
            session.setAttribute(Constant.Session_user,username);
            return "redirect:/main";
        }else {
            model.addAttribute("msg","登陆信息有误！");
            return "index";
        }
    }

    @RequestMapping("/loginOut")
    public String loginOut(HttpSession session){
        // 清除 session
        session.removeAttribute(Constant.Session_user);
        //退出操作，重定向到登陆页面
        return "redirect:/index";
    }
}

@Configuration
public class MyMvcConfiguration implements WebMvcConfigurer {

        //视图跳转
        @Override
        public void addViewControllers(ViewControllerRegistry registry) {
            //浏览器发送特殊请求，就会跳转到特定页面
            registry.addViewController("/").setViewName("index");
            registry.addViewController("/index").setViewName("index");
            registry.addViewController("/index.html").setViewName("index");
            registry.addViewController("/main").setViewName("dashboard");
        }
    }

未登录权限链接器和springmvc一样需要实现HandlerInterceptor接口

package com.zk.config;

import com.zk.constant.Constant;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @author CNCLUKZK
 * @create 2022/8/2-12:54
 */
public class MyHandlerInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        String username = (String)request.getSession().getAttribute(Constant.Session_user);
        if (StringUtils.hasText(username)) {
            return true;
        }
        request.setAttribute("msg","没有登陆权限！");
        request.getRequestDispatcher("/index").forward(request,response);
        return false;
    }
}

之后将和这个拦截器配置到MyMvcConfiguration可以使用自定义类扩展springmvc的功能，注意拦截器参数先拦截所有请求，之后排除登陆页和静态资源请求

@Override
public void addInterceptors(InterceptorRegistry registry) {
    registry.addInterceptor(new MyHandlerInterceptor()).addPathPatterns("/**").excludePathPatterns("/user/login"
    ,"/","/asserts/**","/index");
}

之后显示到dashboard.html主页，需要注意的是显示在top栏的用户信息用thymeleaf标签中的[[${session.Session_user}]]来取，退出按钮用用thymeleaf标签中的th:href="@{/user/loginOut}
访问http://127.0.0.1:8081/zk/正常显示登陆页面，路径不拦截

在这里插入图片描述