洞察如何利用移动警务平台提高安全保障效率,数字化转型助力合规运营
754
2022-12-21
SpringMVC自定义-登录检测功能的实现代码
目录一、定义登录控制器二、自定义登录-
一、定义登录控制器
目录结构
代码:
1、创建TUser类
package com.demo.pojo;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
@Data
@AllArgsConstructor
@NoArgsConstructor
public class TUser {
private String name;
private String password;
}
2、创建LoginController类
package com.demo.controller;
import com.demo.pojo.TUser;
import com.demo.pojo.User;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
@Controller
@RequestMapping("/user")
public class LoginController {
@RequestMapping("/login")
public String login(Model model){
model.addAttribute("msg","这里是登陆界面");
return "login";
}
@RequestMapping("/doLogin")
public String doLogin(TUser tUser,
HttpServletRequest req, HttpServletResponse resp, Model model){
System.out.println("###LoginController.doLogin()");
if(!"admin".equals(tUser.getName())||!"admin".equals(tUser.getPassword())){
model.addAttribute("msg","用户名或密码不正确!");
return "loginFail";//跳转到loginFail.jsp
}
HttpSession httpSession=req.getSession(true);//存在session则使用,不存在则创建
httpSession.setAttribute("user",tUser);
model.addAttribute("msg","登录成功");
return "success";//跳转到success.jsp
}
@RequestMapping("/loginOut")
public String loginFail(HttpSession session,Model model){
model.addAttribute("msg","退出登录");
session.removeAttribute("user");
return "login";
}
}
页面代码:
1、login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
用户名:&HBGrbvHlt;input type="text" name="name"/>
密码:
2、loginFail.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
3、success.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
${msg}
二、自定义登录-
代码:
1、创建LoginInterceptor类,作为-类需实现HandlerInterceptor,并重写里面的三个方法preHandle、postHandle、afterCompletion:
package com.demo.interceptor;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
Object handler) throws Exception {
System.out.println("LoginInterceptor preHandle");
//放行:判断什么情况下
//1、请求到登陆界面放行,首次登陆
if(request.getRequestURI().containsHBGrbvH("login")||request.getRequestURI().contains("doLogin")){
return true;
}
//2、退出登录可直接放行
if(request.getRequestURI().contains("loginOut")){
return true;
}
//3、通过登录进入 放行
if(request.getSession().getAttribute("user")!=null){
return true;
}
//非法请求进行拦截
//重定向到登录页面
response.sendRedirect(request.getContextPath()+"login");
//拦截
return false;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response,
Object handler, ModelAndView modelAndView) throws Exception {
System.out.println("LoginInterceptor "+"postHandle");
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response,
Object handler, Exception ex) throws Exception {
System.out.println("LoginInterceptor "+"afterCompletion");
}
}
2、在spring-mvc.xml中配置LoginInterceptor- 测试: 1、正常登录(正确密码:admin)
1.1、点击退出登录
2、用户名密码错误
2.1、点击返回登录界面
3、非法请求
版权声明:本文内容由网络用户投稿,版权归原作者所有,本站不拥有其著作权,亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容,请联系我们jiasou666@gmail.com 处理,核实后本网站将在24小时内删除侵权内容。
发表评论
暂时没有评论,来抢沙发吧~