SpringBoot-實現登錄功能(十一)


登錄

開發期間模板引擎頁面修改以后,要實時生效.

#禁用模板引擎的緩存
spring.thymeleaf.cache=false

前端提交的表單

        <form class="form-signin" action="dashboard.html" th:action="@{/user/login}" method="post">
            <img class="mb-4" th:src="@{/asserts/img/bootstrap-solid.svg}" src="asserts/img/bootstrap-solid.svg" alt="" width="72" height="72">
            <h1 class="h3 mb-3 font-weight-normal" th:text="#{login.tip}">Please sign in</h1>
            <p style="color: red" th:text="${msg}" th:if="${not #strings.isEmpty(msg)}"></p>
            <label class="sr-only" th:text="#{login.username}">Username</label>
            <input type="text" name="username" class="form-control" placeholder="Username" th:placeholder="#{login.username}" required="" autofocus="">
            <label class="sr-only" th:text="#{login.password}">Password</label>
            <input type="password" name="password" class="form-control" placeholder="Password" th:placeholder="#{login.password}" required="">
            <div class="checkbox mb-3">
                <label>
          <input type="checkbox"  value="remember-me"/> [[#{login.remember}]]
        </label>
            </div>
            <button class="btn btn-lg btn-primary btn-block" type="submit" th:text="#{login.btn}">Sign in</button>
            <p class="mt-5 mb-3 text-muted">© 2017-2018</p>
            <a class="btn btn-sm" th:href="@{/login.html(l='zh_CN')}">中文</a>
            <a class="btn btn-sm" th:href="@{/login.html(l='en_US')}">English</a>
        </form>

編寫controller

@Controller
public class LoginController {
@PostMapping(value = "/user/login")
//@RequestParam這個注解是必須寫入值
 public String login(@RequestParam("username") String username,
                     @RequestParam("password") String password , Map<String,Object> map,
                     HttpSession session){

     if(!StringUtils.isEmpty(username) && "123456".equals(password)){
//       把登錄的信息存入session中
        session.setAttribute("loginUser",username);
//          登錄成功
//        重定向到main.html解析
          return "redirect:/main.html";
     }else {
  //登錄失敗
         map.put("msg","用戶名密碼錯誤");
         return "login";
     }

 }

}

防止表單重復提交,進行重定向

   @Bean
    public WebMvcConfigurer webMvcConfigurer() {
        WebMvcConfigurer configurer = new WebMvcConfigurer() {
            @Override
            public void addViewControllers(ViewControllerRegistry registry) {
                registry.addViewController("/").setViewName("login");
                //   瀏覽器發送index.html / 請求來到 login
                registry.addViewController("/index.html").setViewName("login");

//             瀏覽器發送main.html   請求來dashboard!
                registry.addViewController("/main.html").setViewName("dashboard");
            }

登陸錯誤消息的顯示

<p style="color: red" th:text="${msg}" th:if="${not #strings.isEmpty(msg)}"></p>

但是這樣別人可以直接跳過登錄訪問我們的主頁面,我們應該添加一個攔截器.

攔截器進行登陸檢查

要注冊攔截器必須實現HandlerInterceptor

//注冊攔截器   要注冊攔截器必須實現HandlerInterceptor
public class LoginHandlerInterceptor implements HandlerInterceptor {

//在目標方法執行前
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//   獲得session中攜帶的值,判斷
        Object user = request.getSession().getAttribute("loginUser");
//         判斷如名字為空說明沒登錄攔截
            if(user==null){
   //             放入錯誤消息
                request.setAttribute("msg","沒有權限,請登錄");
//    轉發到登錄頁面
                request.getRequestDispatcher("/index.html").forward(request,response);

                return false;
            }else {
                return true;
            }
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}

 

編寫好攔截器,還要注冊攔截器的組件,和設置對應的攔截條件

@Configuration
public class MyMvcConfig implements WebMvcConfigurer {

   @Bean
    public WebMvcConfigurer webMvcConfigurer() {
        WebMvcConfigurer configurer = new WebMvcConfigurer() {
            @Override
            public void addViewControllers(ViewControllerRegistry registry) {
                registry.addViewController("/").setViewName("login");
                //   瀏覽器發送index.html / 請求來到 login
                registry.addViewController("/index.html").setViewName("login");

//             瀏覽器發送main.html   請求來dashboard!
                registry.addViewController("/main.html").setViewName("dashboard");
            }

            //注冊攔截器
            @Override
            public void addInterceptors(InterceptorRegistry registry) {
                //靜態資源在springboot2.0以前已經做好映射,不用管
                //  /**指任意范圍都通過攔截
                registry.addInterceptor(new LoginHandlerInterceptor()).addPathPatterns("/**")
                        .excludePathPatterns("/index.html", "/", "/user/login", "/asserts/**", "/webjars/**");
//                .excludePathPatterns代表這些請求不過濾
//       asserts為resources下static下的文件夾,webjars則是maven導入的一些前端框架
            }

        };
        return configurer;

    }

這里注意:WebMvcConfigurer是需要注明 不攔截那些靜態資源的.否則我們的靜態資源也被攔截了.


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM