该文章介绍了如何在SpringBoot项目中导入静态资源,包括HTML、CSS和JS,并使用Thymeleaf模板引擎。接着,文章详细讲解了如何设置登录控制器,实现简单的登录验证,成功后跳转至主页,失败则返回登录页面。最后,文章讨论了如何配置拦截器以保护主页,防止未登录用户直接访问,并确保登录页面和静态资源不受拦截。
需求:
导入静态资源
实现登录操作(不操作数据库)
实现页面拦截
1.导入静态资源
1.1将静态html资源放置在resuorces下的templates目录下,css,js等存放在static文件夹下
1.2 为了能够使用thymeleaf需要在html中加入依赖
登录页面index.html
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="">
<meta name="author" content="">
<title>Signin Template for Bootstrap</title>
<!-- Bootstrap core CSS -->
<link th:href="@{/css/bootstrap.min.css}" rel="stylesheet">
<!-- Custom styles for this template -->
<link th:href="@{/css/signin.css}" rel="stylesheet">
</head>
<body class="text-center">
<form class="form-signin" th:action="@{/user/login}">
<img class="mb-4" th:src="@{/img/bootstrap-solid.svg}" alt="" width="72" height="72">
<h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
<p style="color: red" th:text="${msg}" th:if="${not #strings.isEmpty(msg)}" ></p>
<label class="sr-only">Username</label>
<input type="text" name="username" class="form-control" placeholder="Username" required="" autofocus="">
<label class="sr-only">Password</label>
<input type="password" name="password" class="form-control" placeholder="Password" required="">
<div class="checkbox mb-3">
<label>
<input type="checkbox" value="remember-me"> Remember me
</label>
</div>
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
<p class="mt-5 mb-3 text-muted">© 2017-2018</p>
<a class="btn btn-sm">中文</a>
<a class="btn btn-sm">English</a>
</form>
</body>
</html>2.实现登录操作
2.1配置MvcConfig,设置不同路径访问到主页
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/").setViewName("index");
registry.addViewController("/index.html").setViewName("index");
registry.addViewController("/main.html").setViewName("dashboard");
}2.2配置登录控制器controller
实现简单的登录验证,成功跳转到主页,失败返回登录页
@Controller
public class LoginController {
@RequestMapping("/user/login")
public String login(
@RequestParam("username") String username,
@RequestParam("password") String password,
Model model, HttpSession session){
if(username!=null && Objects.equals(password, "1234")){
session.setAttribute("loginUser",username);
return "redirect:/main.html";
}else {
model.addAttribute("msg", "用户名或密码错误");
return "index";
}
}
}登录页:
成功登录主页:
失败返回:
3.实现拦截器
为了防止用户直接访问到主页,设置拦截器,拦截器要排除掉登录页的入口否则无法找到登录页,同时静态资源也需要允许,否则无法获取样式
具体方法:
3.1配置MvcConfig添加拦截器
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new LoginHandlerInterceptor()).addPathPatterns("/**")
.excludePathPatterns("/","/index.html","/user/login","/css/*","/js/**","/img/**");
}3.2在用户登录成功后在服务器端设置session,让拦截器获取 sessio判断用户是否存在
@Controller
public class LoginController {
@RequestMapping("/user/login")
public String login(
@RequestParam("username") String username,
@RequestParam("password") String password,
Model model, HttpSession session){
if(username!=null && Objects.equals(password, "1234")){
session.setAttribute("loginUser",username);
return "redirect:/main.html";
}else {
model.addAttribute("msg", "用户名或密码错误");
return "index";
}
}
}3.3 创建拦截器类,实现方法
public class LoginHandlerInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
HttpSession session = request.getSession();
String loginUser = (String) session.getAttribute("loginUser");
if(loginUser==null){
request.setAttribute("msg","没有权限访问,请先登录!");
request.getRequestDispatcher("/index.html").forward(request,response);
return false;
}else {
return true;
}
}
}
4.GitHub项目地址
项目存放地址:
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
