ssm登录校验与拦截的代码和图解

spring 同时被 2 个专栏收录
3 篇文章 0 订阅
36 篇文章 0 订阅

登录校验与拦截的代码和图解

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-j7bjAy9z-1597377065017)(D:\笔记\图片\微信图片_20200612132749.png)]

@getter@serter
public class Employee {
    private Long in;
    private String name;
    private String password;
    private String email;
    private Integer age;
    private boolean admin;
}

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:mvc="http://www.springframework.org/schema/mvc"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc.xsd">
	<!--配置拦截器-->
	<mvc:interceptors>
		<!--检查登录拦截器-->
		<mvc:interceptor>
			<mvc:mapping path="/**"/>
			<mvc:exclude-mapping path="/login.do"/>
			<bean class="com.hao.rbac.web.interceptor.CheckLoginIterceptor"/>
		</mvc:interceptor>
		<!--权限检查拦截器-->
		<mvc:interceptor>
			<mvc:mapping path="/**"/>
			<mvc:exclude-mapping path="/login.do"/>
			<bean class="com.hao.rbac.web.interceptor.SecurityInterceptor"/>
		</mvc:interceptor>
	</mvc:interceptors>
</beans>
//检查登录拦截器
public class CheckLoginIterceptor extends HandlerInterceptorAdapter{
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //从session中取出当前登录的用户
        Object emp = request.getSession().getAttribute("emp_in_session");
        if (emp == null){   //没有登录
            response.sendRedirect("/login.jsp");
            return false;
        }
        return true;
    }
}
@Controller
public class LoginController {
    @Autowired
    private IEmployeetService employeetService;

    @RequestMapping("login")
    public String login(String username, String password, Model model){
        try {
             employeetService.login(username,password);
        }catch (Exception e){
            e.printStackTrace();
            model.addAttribute("msg",e.getMessage());
            return "forward://login.jsp";
        }
        return "redirect:/main.do";
    }

    @RequestMapping("main")
    public String main(){
        return "main";
    }
}
public interface IEmployeetService {
    void login(String username, String password);
}
@Service
public class EmployeeServiceImpl implements IEmployeetService{
    @Autowired
    private EmployeeMapper employeeMapper;
    
    public void login(String username, String password) {
        Employee emp = employeeMapper.selectEmployeebyInfo(username, password);
        if (emp == null){
            throw new RuntimeException("账号和密码不匹配");
        }
        //登录成功
       //把当前登录成功的用户存入session
        HttpSession session = ((ServletRequestAttributes) 		     RequestContextHolder.getRequestAttributes()).getRequest().getSession();
        session.setAttribute("emp_in_session",emp);
        //把当前用户的所拥有的权限表达式查询出来存入session,目的用于权限校验
        List<String> exps = permissionMapper.selectExpressionsByEmployeeId(emp.getId());
        session.setAttribute("emps_in_session",exps);
    }
}
public interface EmployeeMapper {
    Employee selectEmployeebyInfo(@Param("username") String username, @Param("password") String password);
}

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper  PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"  
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="xxx.EmployeeMapper">
	<select id="selectEmployeebyInfo" resultType="Employee">
		select e.id,e.name,e.password,e.email,e.age,e.admin from employee e where e.name = #{username} and e.password = #{password}
	</select>
</mapper>
  • 0
    点赞
  • 0
    评论
  • 0
    收藏
  • 打赏
    打赏
  • 扫一扫,分享海报

参与评论 您还未登录,请先 登录 后发表或查看评论
©️2022 CSDN 皮肤主题:1024 设计师:我叫白小胖 返回首页

打赏作者

Coding~Farmer

你的鼓励将是我创作的最大动力

¥2 ¥4 ¥6 ¥10 ¥20
输入1-500的整数
余额支付 (余额:-- )
扫码支付
扫码支付:¥2
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、C币套餐、付费专栏及课程。

余额充值