springMVC练习-实现简单登录权限验证

使用拦截器实现用户登录权限验证

项目结构

User实体代码

package com.springmvc.entity;

public class User {
	private String loginName;
	private String password;
	public String getLoginName() {
		return loginName;
	}
	public void setLoginName(String loginName) {
		this.loginName = loginName;
	}
	public String getPassword() {
		return password;
	}
	public void setPassword(String password) {
		this.password = password;
	}
	
}

Controller代码：

package com.springmvc.controller;

import javax.servlet.http.HttpSession;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.springmvc.entity.User;

@Controller
public class UserController {
	//向用户页面登录跳转的方法
	@RequestMapping(value="/toLogin",method=RequestMethod.GET)
	public String loginPage() {
		return "login";
	}
	
	//用户实现登录的方法
	@RequestMapping(value="/login",method=RequestMethod.POST)
	public String login(User user,Model model,HttpSession session) {
		String loginName=user.getLoginName();
		String password=user.getPassword();
		if(loginName!=null && password!=null && loginName.equals("admit") && password.equals("123")) {
			System.out.println("登录功能实现!");
			session.setAttribute("CURRENT_USER", user);
			return "redirect:index";
		}
		model.addAttribute("message", "账号或密码错误！");
		return "login";
	}
	
	//向主页跳转的方法
	@RequestMapping(value="/index")
	public String indexPage() {
		return "index";
	}
	
	//用户退出登录的方法
	@RequestMapping(value="/logout")
	public String logout(HttpSession session) {
		session.invalidate();
		return "redirect:toLogin";
	}
}

拦截器代码：

package com.springmvc.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

public class LoginInterceptor implements HandlerInterceptor{

	@Override
	public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
			throws Exception {
		// TODO Auto-generated method stub
		
	}

	@Override
	public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
			throws Exception {
		// TODO Auto-generated method stub
		
	}

	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
		// TODO Auto-generated method stub
		String url = request.getRequestURI();
		System.out.println(url);
		if(!(url.contains("Login")||url.contains("login"))) {//如果不是登录操作，判断是否有用户数据
			if(request.getSession().getAttribute("CURRENT_USER")!=null) {
				return true;//有用户数据，说明登录成功
			}else {
				request.setAttribute("message", "您还没登录，请先登录!");
				request.getRequestDispatcher("/pages/login.jsp").forward(request, response);
				return false;
			}
		}else {
			return true;
		}
	}

}

spring配置文件代码：

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:aop="http://www.springframework.org/schema/aop"
	xmlns:context="http://www.springframework.org/schema/context"
	xmlns:mvc="http://www.springframework.org/schema/mvc"
	xmlns:p="http://www.springframework.org/schema/p"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
		http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.3.xsd
		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd
		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd">
	
    <context:component-scan base-package="com.springmvc.*"></context:component-scan>
    <mvc:annotation-driven/>
    <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
	    <property name="prefix" value="/pages/"></property>
	    <property name="suffix" value=".jsp"></property>
	</bean>
    
    <!-- 配置拦截器信息 -->
    <mvc:interceptors>
		<mvc:interceptor>
		    <mvc:mapping path="/**"/>
		    <bean class="com.springmvc.interceptor.LoginInterceptor"/>
		</mvc:interceptor>        
    </mvc:interceptors>

</beans>

index.jsp代码：

<%@ page language="java" contentType="text/html; charset=utf-8"
    pageEncoding="utf-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>index</title>
</head>
<body>
	欢迎,${sessionScope.CURRENT_USER.loginName }|
	<a href="${pageContext.request.contextPath }/logout">退出</a>
</body>
</html>

login.jsp代码：

<%@ page language="java" contentType="text/html; charset=utf-8"
    pageEncoding="utf-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>login</title>
</head>
<body>
	<font color="red">${requestScope.message }</font><br><br>
	<form action="${pageContext.request.contextPath }/login"method="post">
		账号：<input type="text" name="loginName"><br><br>
		密码：<input type="password" name="password"><br><br>
		<input type="submit" value="登录"><br><br>
	</form>
</body>
</html>

运行效果：