登录校验与拦截的代码和图解
@getter @serter
public class Employee {
private Long in;
private String name;
private String password;
private String email;
private Integer age;
private boolean admin;
}
<?xml version="1.0" encoding="UTF-8"?>
< beans xmlns = " http://www.springframework.org/schema/beans"
xmlns: mvc= " http://www.springframework.org/schema/mvc"
xmlns: xsi= " http://www.w3.org/2001/XMLSchema-instance"
xsi: schemaLocation= " http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd" >
< mvc: interceptors>
< mvc: interceptor>
< mvc: mapping path = " /**" />
< mvc: exclude-mapping path = " /login.do" />
< bean class = " com.hao.rbac.web.interceptor.CheckLoginIterceptor" />
</ mvc: interceptor>
< mvc: interceptor>
< mvc: mapping path = " /**" />
< mvc: exclude-mapping path = " /login.do" />
< bean class = " com.hao.rbac.web.interceptor.SecurityInterceptor" />
</ mvc: interceptor>
</ mvc: interceptors>
</ beans>
public class CheckLoginIterceptor extends HandlerInterceptorAdapter {
@Override
public boolean preHandle ( HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
Object emp = request. getSession ( ) . getAttribute ( "emp_in_session" ) ;
if ( emp == null) {
response. sendRedirect ( "/login.jsp" ) ;
return false ;
}
return true ;
}
}
@Controller
public class LoginController {
@Autowired
private IEmployeetService employeetService;
@RequestMapping ( "login" )
public String login ( String username, String password, Model model) {
try {
employeetService. login ( username, password) ;
} catch ( Exception e) {
e. printStackTrace ( ) ;
model. addAttribute ( "msg" , e. getMessage ( ) ) ;
return "forward://login.jsp" ;
}
return "redirect:/main.do" ;
}
@RequestMapping ( "main" )
public String main ( ) {
return "main" ;
}
}
public interface IEmployeetService {
void login ( String username, String password) ;
}
@Service
public class EmployeeServiceImpl implements IEmployeetService {
@Autowired
private EmployeeMapper employeeMapper;
public void login ( String username, String password) {
Employee emp = employeeMapper. selectEmployeebyInfo ( username, password) ;
if ( emp == null) {
throw new RuntimeException ( "账号和密码不匹配" ) ;
}
HttpSession session = ( ( ServletRequestAttributes) RequestContextHolder. getRequestAttributes ( ) ) . getRequest ( ) . getSession ( ) ;
session. setAttribute ( "emp_in_session" , emp) ;
List< String> exps = permissionMapper. selectExpressionsByEmployeeId ( emp. getId ( ) ) ;
session. setAttribute ( "emps_in_session" , exps) ;
}
}
public interface EmployeeMapper {
Employee selectEmployeebyInfo ( @Param ( "username" ) String username, @Param ( "password" ) String password) ;
}
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
< mapper namespace = " xxx.EmployeeMapper" >
< select id = " selectEmployeebyInfo" resultType = " Employee" >
select e.id,e.name,e.password,e.email,e.age,e.admin from employee e where e.name = #{username} and e.password = #{password}
</ select>
</ mapper>