1. 权限拦截器
public class PrivilegeInterceptor implements HandlerInterceptor { public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException { //逻辑:判断用户是否登录 本质:判断session中有没有user HttpSession session = request.getSession(); User user = (User) session.getAttribute("user"); if(user==null){ //没有登录 response.sendRedirect(request.getContextPath()+"/login.jsp"); return false; } //放行 访问目标资源 return true; } }
2. 配置文件配置权限拦截器
spring-mvc.xml<!--配置权限拦截器--> <mvc:interceptors> <mvc:interceptor> <!--配置对哪些资源执行拦截操作--> <mvc:mapping path="/**"/> <!--配置哪些资源排除拦截操作--> <mvc:exclude-mapping path="/user/login"/> <bean class="com.itheima.interceptor.PrivilegeInterceptor"/> </mvc:interceptor> </mvc:interceptors>
3. 登录
@Controller @RequestMapping("/user") public class UserController { @Autowired private UserService userService; @RequestMapping("/login") public String login(String username,String password,HttpSession session){ User user = userService.login(username,password); if(user!=null){ //登录成功 将user存储到session session.setAttribute("user",user); return "redirect:/index.jsp"; } return "redirect:/login.jsp"; } }
public class UserServiceImpl implements UserService { public User login(String username, String password) { try { User user = userDao.findByUsernameAndPassword(username,password); return user; }catch (EmptyResultDataAccessException e){ return null; } } }
异常抛出
public class UserDaoImpl implements UserDao { public User findByUsernameAndPassword(String username, String password) throws EmptyResultDataAccessException{ User user = jdbcTemplate.queryForObject("select * from sys_user where username=? and password=?", new BeanPropertyRowMapper<User>(User.class), username, password); return user; } }