4_4.springboot之Web开发登录和拦截器
1、登录处理
1)、禁用模板引擎的缓存
# 禁用缓存
spring.thymeleaf.cache=false
2)、页面修改完用ctrl+f9:重新编译;
LoginController
@Controller
public class LoginController {
@PostMapping(value = "/user/login")
//@RequestMapping(value = "/user/login",method = RequestMethod.POST)
public String login(@RequestParam(value = "username") String username,
@RequestParam(value = "password") String password,
Map<String,Object> map, HttpSession session){
if(!StringUtils.isEmpty(username)&&"123456".equals(password)){
//防止表单重复提交,可以重定向
session.setAttribute("loginUser",username);
return "redirect:/main.html";
}else{
map.put("msg","用户密码错误");
return "login";
}
}
/*
* spring Web MVC 提供Model、Map或ModelMap让我们能去暴露渲染视图需要的模型数据。
* ModelAndViews是它的实现类,
* */
}
登陆错误消息的显示
<p style="color: red" th:text="${msg}" th:if="${not #strings.isEmpty(msg)}"></p>
2、拦截器进行登陆检查
1、新建LoginInterceptor:登录拦截器,进行登录检查,未登录的用户不能访问
package com.spboot.springboot04.component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Description:登录拦截器,进行登录检查,未登录的用户不能访问
* User: jiatp
* Date: 2019/9/23 0023 下午 7:21
*/
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
Object loginUser = request.getSession().getAttribute("loginUser");
//判断是否为空
if(loginUser==null){
//未登录返回主页面,并且提示登录
request.setAttribute("msg","没有权限请先登录!");
request.getRequestDispatcher("/index.html").forward(request,response);
return false;
}else{
//已经登录放行请求
return true;
}
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
2、配置拦截器
在springmvc配置类中添加:
@Configuration//扩展springmvc功能
public class MyMvcConfig implements WebMvcConfigurer {
/*
* 注册拦截器
* */
@Override
public void addInterceptors(InterceptorRegistry registry) {
//添加拦截请求
registry.addInterceptor(new LoginInterceptor()).addPathPatterns("/**")
// 排除的配置(登录页面。。) .excludePathPatterns("/index.html","/","/user/login","/asserts/**","/webjars/**");
}
}
注意:
此处排除的"/assters/“的静态资源文件夹,也就是在springboot项目的类路径下的static文件夹下的文件夹,不能写成”/static/“因为在springboot2.0+之后springboot的自动配置的静态资源的映射路径中不在有static,所以在这里排除”/static/**"不会起作用。
静态文件路径:resources/static/asserts ,如果html中有引入webjar 拦截器中还得过滤webjar的路径
前台html页面可以通过th标签,获取msg
<p style="color:red;" th:text="${msg}" th:if="${not #strings.isEmpty(msg)}"></p>
测试: