SpringBoot的拦截器
要求:用户没有登录,不可以进入用户中心页面,跳转到登录页面;当用户登录以后,才能进入用户中心页面
1.UserController控制类
@Controller
public class UserController {
//假装这是数据库内的数据,并取出来用
public static Map<String,String> db=new HashMap();
static {
db.put("zhangsan","zhangsan");
db.put("jam","jam");
db.put("tom","tom");
db.put("rose","rose");
}
@RequestMapping("/tologin.do")
public String tologin(){
return "login";
}
@PostMapping("/login.do")
public String login(String username, String password, Model model, HttpSession session){
String dbpass=db.get(username);
if (dbpass != null && dbpass.equals(password)) {
//登录成功,存储用户信息到session中,下次请求过来,通过session判断用户是否已登录!!
session.setAttribute("username",username);
session.setAttribute("password",password);
return "userCenter";
}else{
//登录失败,去登录页面,并且给点提示
model.addAttribute("msg","帐号或密码错误,请检查重试!!!");
return "login";
}
}
@GetMapping("/userCenter.do")
public String a(){
return "userCenter";
}
}
2.LoginInterceptor(自定义拦截器)
当用户已登录,可以访问manager.html管理页面,如未登录,则访问登录页面,判断是否登录的依据是session中是否有用户的登录信息:
import org.springframework.stereotype.Controller;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
@Controller
public class LoginInterceptor implements HandlerInterceptor {
//处理器方法执行前调用
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//进行登录校验
//规则:判断session中的用户信息
HttpSession session=request.getSession();
Object username=session.getAttribute("username");
if (username != null) {
//已登录
return true;
}else{
//未登录,返回登录界面
request.setAttribute("msg","您未登录,请先进行登录!!!");
request.getRequestDispatcher("/tologin.do").forward(request,response);
return false;
}
}
//处理器方法执行后调用
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
//请求处理完毕后,响应视图前
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
3.MyMVCConfig
编写自定义的SpringMVC配置类,并添加到容器中,在其中重写添加拦截器的方法:
import com.kmu.web.interceptor.LoginInterceptor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class MyMVCConfig implements WebMvcConfigurer {
//他是用来添加拦截器的
@Override
public void addInterceptors(InterceptorRegistry registry) {
//添加拦截器
InterceptorRegistration interceptorRegistration = registry.addInterceptor(new LoginInterceptor());
//添加拦截映射规则,哪些拦截,哪些不拦截
//先拦截所有
interceptorRegistration.addPathPatterns("/**");
//排除不拦截的
interceptorRegistration.excludePathPatterns("/login.do","/login.html","/tologin.do","*.js","*.css");
}
}
4.userCenter.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<h1>这是用户中心页面</h1>
</body>
</html>
5.login.html
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<form th:action="@{/login.do}" method="post">
帐号: <input type="text" name="username"><br>
密码: <input type="password" name="password"><br>
<input type="submit" value="登录"><br>
</form>
<span th:if="${msg != null}" th:text="${msg}"></span>
</body>
</html>
6.截图