基于springMVC拦截器的登陆

作者: writeanewworld | 来源:发表于2017-12-06 20:54 被阅读0次

基于springMVC拦截器的登陆
springmvc 拦截器做登陆验证
【SpringMVC】拦截器与异常处理
SpringMVC的拦截器
拦截器
springMvc拦截器无法注入的问题
SpringMVC（二）
springMVC拦截器
拦截器
SpringMVC拦截器实现原理以及登录拦截器实现(图文讲解)

1.简简单单的登陆逻辑：
登陆的form表单，获取表单的账号密码，按照账号密码进行数据库查询，查询出来对象不为空就进行页面的重定向跳转，为空就重定向到本页面。
然后设置登陆状态，拦截器

2.主要逻辑的代码，框架结构是ssm的

数据库代码：

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">

<mapper namespace="com.bookscity.mapper.AdminMapper">
<resultMap type="admin" id="adminMap">
<id column="admin_user" property="user"/>
<result column="admin_pwd" property="pwd" />
</resultMap>

<select id="findAdminByUser" parameterType="String" resultMap="adminMap">
   select * from admin where admin_user = #{user}
</select>
<select id="findAdminByUserAndPwd" resultMap="adminMap">
  select * from admin where admin_user = #{user} and admin_pwd=#{pwd}
</select>
</mapper>

Controller:

package com.bookscity.controller;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttributes;
import org.springframework.web.servlet.ModelAndView;

import com.bookscity.pojo.Admin;
import com.bookscity.service.AdminService;

@Controller
@RequestMapping("bookscity")
@SessionAttributes(types = { Admin.class })
 // 使用这个记录登录状态
public class AdminController {

@Autowired
private AdminService adminService = null;

// 测试url: http://localhost:8080/BooksCity/bookscity/admin.do?user=abc
@RequestMapping("adminlogin")
public ModelAndView adminlogin(String adminUser, String adminPwd,ModelAndView mv) {
    Admin admin = adminService.findAdminByUserAndPwd( adminUser, adminPwd);
    //ModelAndView mv = new ModelAndView();
    if (null != admin) {
        // 重定向到主页面
        mv.setViewName("redirect:/home.jsp");
        // 记录登录状态
        mv.addObject("admin", admin);
    } else {
        System.out.println("登录信息错误，根本没有经过拦截器");
        // 重定向回到登录页面
        mv.setViewName("redirect:/adminlogin.jsp");

    }
    return mv;
}

@RequestMapping("dealadminlogin")
public String dealAdminLogin() {
    // 做一些逻辑处理
    // 在执行重定向时先经过拦截器进行逻辑处理
    return "redirect:/userinfo.jsp";
}}

interceptor

 package com.bookscity.intercepter;

 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;

 import org.springframework.web.servlet.HandlerInterceptor;
 import org.springframework.web.servlet.ModelAndView;

 public class AdminIntercepter implements HandlerInterceptor{
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
        Object arg2) throws Exception {
    System.out.println("preHandler经过拦截器==================================");
  
    
    
    //这里是不拦截操作，直接放行执行重定向。要不就需要在ds-servlet.xml配置文件中进行配置<mvc:exclude-mapping path="/bookscity/adminlogin.do"/> 
      if (request.getServletPath().contains("/admin/")) {
            
        }
    if (request.getServletPath().equals("/bookscity/adminlogin.do")) {
        return true;
    }
    //对拦截路径做具体处理，考虑使用 request.getServletPath();
    HttpSession session = request.getSession();
    Object obj = session.getAttribute("admin");
    //null代表未登录
    if(null == obj){
        response.sendRedirect("/BooksCity/adminlogin.jsp");
        return false;
    }
    return true;
}

ds-servler.xml配置：

 <!-- springmvc拦截器配置 -->
<mvc:interceptors>
    <mvc:interceptor>
        <!-- 拦截所有 -->
        <mvc:mapping path="/**" />
        <!-- 放过的url -->
        <mvc:exclude-mapping path="/bookscity/adminlogin.do"/> 
        <bean class="com.bookscity.intercepter.AdminIntercepter"></bean>
    </mvc:interceptor>
</mvc:interceptors>