SpringMVC自定义拦截器登录检测功能的实现代码

SpringMVC自定义-登录检测功能的实现代码

目录一、定义登录控制器二、自定义登录-

一、定义登录控制器

目录结构

代码：

1、创建TUser类

package com.demo.pojo;

import lombok.AllArgsConstructor;

import lombok.Data;

import lombok.NoArgsConstructor;

@Data

@AllArgsConstructor

@NoArgsConstructor

public class TUser {

private String name;

private String password;

}

2、创建LoginController类

package com.demo.controller;

import com.demo.pojo.TUser;

import com.demo.pojo.User;

import org.springframework.stereotype.Controller;

import org.springframework.ui.Model;

import org.springframework.web.bind.annotation.RequestMapping;

import org.springframework.web.bind.annotation.RequestMethod;

import org.springframework.web.bind.annotation.RequestParam;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import javax.servlet.http.HttpSession;

@Controller

@RequestMapping("/user")

public class LoginController {

@RequestMapping("/login")

public String login(Model model){

model.addAttribute("msg","这里是登陆界面");

return "login";

}

@RequestMapping("/doLogin")

public String doLogin(TUser tUser,

HttpServletRequest req, HttpServletResponse resp, Model model){

System.out.println("###LoginController.doLogin()");

if(!"admin".equals(tUser.getName())||!"admin".equals(tUser.getPassword())){

model.addAttribute("msg","用户名或密码不正确！");

return "loginFail";//跳转到loginFail.jsp

}

HttpSession httpSession=req.getSession(true);//存在session则使用，不存在则创建

httpSession.setAttribute("user",tUser);

model.addAttribute("msg","登录成功");

return "success";//跳转到success.jsp

}

@RequestMapping("/loginOut")

public String loginFail(HttpSession session,Model model){

model.addAttribute("msg","退出登录");

session.removeAttribute("user");

return "login";

}

}

页面代码:

1、login.jsp

<%@ page contentType="text/html;charset=UTF-8" language="java" %>

用户名：&HBGrbvHlt;input type="text" name="name"/>

密码：

2、loginFail.jsp

<%@ page contentType="text/html;charset=UTF-8" language="java" %>

3、success.jsp

<%@ page contentType="text/html;charset=UTF-8" language="java" %>

${msg}

二、自定义登录-

代码：

1、创建LoginInterceptor类，作为-类需实现HandlerInterceptor，并重写里面的三个方法preHandle、postHandle、afterCompletion：

package com.demo.interceptor;

import org.springframework.web.servlet.HandlerInterceptor;

import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

public class LoginInterceptor implements HandlerInterceptor {

@Override

public boolean preHandle(HttpServletRequest request, HttpServletResponse response,

Object handler) throws Exception {

System.out.println("LoginInterceptor preHandle");

//放行：判断什么情况下

//1、请求到登陆界面放行,首次登陆

if(request.getRequestURI().containsHBGrbvH("login")||request.getRequestURI().contains("doLogin")){

return true;

}

//2、退出登录可直接放行

if(request.getRequestURI().contains("loginOut")){

return true;

}

//3、通过登录进入 放行

if(request.getSession().getAttribute("user")!=null){

return true;

}

//非法请求进行拦截

//重定向到登录页面

response.sendRedirect(request.getContextPath()+"login");

//拦截

return false;

}

@Override

public void postHandle(HttpServletRequest request, HttpServletResponse response,

Object handler, ModelAndView modelAndView) throws Exception {

System.out.println("LoginInterceptor "+"postHandle");

}

@Override

public void afterCompletion(HttpServletRequest request, HttpServletResponse response,

Object handler, Exception ex) throws Exception {

System.out.println("LoginInterceptor "+"afterCompletion");

}

}

2、在spring-mvc.xml中配置LoginInterceptor- 测试： 1、正常登录(正确密码：admin)

1.1、点击退出登录

2、用户名密码错误

2.1、点击返回登录界面

3、非法请求

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。