login.jsp
<form action="${pageContext.request.contextPath}/user/login"
method="post">
<div class="form-group has-feedback">
<input type="text" name="username" class="form-control"
placeholder="用户名"> <span
class="glyphicon glyphicon-envelope form-control-feedback"></span>
</div>
<div class="form-group has-feedback">
<input type="password" name="password" class="form-control"
placeholder="密码"> <span
class="glyphicon glyphicon-lock form-control-feedback"></span>
</div>
<div class="row">
<div class="col-xs-8">
<div class="checkbox icheck">
<label><input type="checkbox"> 记住 下次自动登录</label>
</div>
</div>
<!-- /.col -->
<div class="col-xs-4">
<button type="submit" class="btn btn-primary btn-block btn-flat">登录</button>
</div>
<!-- /.col -->
</div>
</form>
需要用拦截器对其他方法进行拦截,不然直接输入地址栏就可以访问其他资源,无需登录
package com.itheima.interceptor;
import com.itheima.domain.User;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class PrivilegeInterceptor implements HandlerInterceptor
{
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception
{
//判断用户是否登录 判断session中有没有user
HttpSession session = request.getSession();
User user = (User) session.getAttribute("user");
if(user==null)
{
//没有登录
response.sendRedirect("/login.jsp");
return false;
}else
{
return true;
}
}
}
注册拦截器的映射地址
<mvc:interceptors><!--拦截器只拦截controller中的方法资源路径-->
<mvc:interceptor>
<mvc:mapping path="/**"/> <!--对所有方法进行拦截-->
<mvc:exclude-mapping path="/user/login"/> <!--排除登录方法的拦截-->
<bean class="com.itheima.interceptor.PrivilegeInterceptor"></bean>
</mvc:interceptor>
</mvc:interceptors>
表单提交,执行controller层的方法
@Controller
@RequestMapping("/user")
public class UserController {
@Autowired
private UserService userService;
@Autowired
private RoleService roleService;
@RequestMapping("/login")
public String login(String username, String password, HttpSession session)
{
User user = userService.login(username,password);
if(user!=null)
{
session.setAttribute("user",user);
return "redirect:/pages/main.jsp";
}else
{
return "redirect:/login.jsp";
}
}
}
service:
public User login(String username, String password)
{
User user = null;
try {
user = userDao.findUserNameAndPassword(username,password);
return user;
} catch (EmptyResultDataAccessException e) {
return null;
}
}
Dao:(该方法没查询到,jdbcTemplate抛出EmptyResultDataAccessException,因此需要在service层catch这个方法的异常,把user置为null)
public User findUserNameAndPassword(String username, String password) throws EmptyResultDataAccessException
{
User user = (User) jdbcTemplate.queryForObject("select * from sys_user where username=? and password=?",new BeanPropertyRowMapper(User.class),username,password);
return user;
}