表单提交校验与密码的加密
首先,我们需要对用户名进行非空校验,为了避免用户输入两个空串,我们在此自定义去空转换器,springmvc.xml的定义:
1 <!-- Converter转换器 工厂 --> 2 <bean id="conversionService" class="org.springframework.format.support.FormattingConversionServiceFactoryBean"> 3 <!-- 日期 --> 4 <!-- 去掉前后空格 --> 5 <property name="converters"> 6 <list> 7 <bean class="cn.cuibusi.common.conversion.CustomConverter"></bean> 8 </list> 9 </property> 10 </bean>
然后 我们需要在处理器适配器中引入配置的去空转换器:
1 <!-- 处理器 映射器 适配器 --> 2 <mvc:annotation-driven conversion-service="conversionService"/>
然后是我们的自定义去空类:
1 public class CustomConverter implements Converter<String, String>{ 2 //去掉前后空格 3 @Override 4 public String convert(String source) { 5 // TODO Auto-generated method stub 6 try { 7 if(null != source){ 8 source = source.trim(); 9 if(!"".equals(source)){ 10 return source; 11 } 12 } 13 } catch (Exception e) { 14 // TODO: handle exception 15 } 16 return null; 17 } 18 19 }
然后是登录Controller:
1 @Autowired 2 private BuyerService buyerService; 3 @Autowired 4 private SessionProvider sessionProvider; 5 //提交登陆 6 @RequestMapping(value = "/login.aspx",method=RequestMethod.POST) 7 public String login(String username,String password,String returnUrl, 8 HttpServletRequest request,HttpServletResponse response, Model model){ 9 //1:用户名不能为空 10 if(null != username){ 11 //2:密码不能为空 12 if(null != password){ 13 //3:用户名必须正确 14 Buyer buyer = buyerService.selectBuyerByUsername(username); 15 if(null != buyer){ 16 //4:密码必须正确 17 if(buyer.getPassword().equals(encodePassword(password))){ 18 //5:保存用户名到Session中(Redis中) 19 sessionProvider.setAttribuerForUsername(RequestUtils.getCSESSIONID(request, response), buyer.getUsername()); 20 //6:跳转到之前访问页面 21 return "redirect:" + returnUrl; 22 }else{ 23 model.addAttribute("error", "密码必须正确"); 24 } 25 26 }else{ 27 model.addAttribute("error", "用户名必须正确"); 28 } 29 30 }else{ 31 model.addAttribute("error", "密码不能为空"); 32 } 33 34 }else{ 35 model.addAttribute("error", "用户名不能为空"); 36 } 37 return "login"; 38 }
最后时MD5加密后再进行16进制转换:
1 public String encodePassword(String password){ 2 // 3 //password = "gxzcwefxcbergfd123456errttyyytytrnfzeczxcvertwqqcxvxb"; 4 //1:MD5 算法 5 String algorithm = "MD5"; 6 char[] encodeHex = null; 7 try { 8 //MD5加密 9 MessageDigest instance = MessageDigest.getInstance(algorithm); 10 //加密后 11 byte[] digest = instance.digest(password.getBytes()); 12 // 13 //2:十六进制 14 encodeHex = Hex.encodeHex(digest); 15 } catch (NoSuchAlgorithmException e) { 16 // TODO Auto-generated catch block 17 e.printStackTrace(); 18 } 19 return new String(encodeHex); 20 }