登錄
開發期間模板引擎頁面修改以后,要實時生效.
#禁用模板引擎的緩存 spring.thymeleaf.cache=false
前端提交的表單
<form class="form-signin" action="dashboard.html" th:action="@{/user/login}" method="post"> <img class="mb-4" th:src="@{/asserts/img/bootstrap-solid.svg}" src="asserts/img/bootstrap-solid.svg" alt="" width="72" height="72"> <h1 class="h3 mb-3 font-weight-normal" th:text="#{login.tip}">Please sign in</h1> <p style="color: red" th:text="${msg}" th:if="${not #strings.isEmpty(msg)}"></p> <label class="sr-only" th:text="#{login.username}">Username</label> <input type="text" name="username" class="form-control" placeholder="Username" th:placeholder="#{login.username}" required="" autofocus=""> <label class="sr-only" th:text="#{login.password}">Password</label> <input type="password" name="password" class="form-control" placeholder="Password" th:placeholder="#{login.password}" required=""> <div class="checkbox mb-3"> <label> <input type="checkbox" value="remember-me"/> [[#{login.remember}]] </label> </div> <button class="btn btn-lg btn-primary btn-block" type="submit" th:text="#{login.btn}">Sign in</button> <p class="mt-5 mb-3 text-muted">© 2017-2018</p> <a class="btn btn-sm" th:href="@{/login.html(l='zh_CN')}">中文</a> <a class="btn btn-sm" th:href="@{/login.html(l='en_US')}">English</a> </form>
編寫controller
@Controller public class LoginController { @PostMapping(value = "/user/login") //@RequestParam這個注解是必須寫入值 public String login(@RequestParam("username") String username, @RequestParam("password") String password , Map<String,Object> map, HttpSession session){ if(!StringUtils.isEmpty(username) && "123456".equals(password)){ // 把登錄的信息存入session中 session.setAttribute("loginUser",username); // 登錄成功 // 重定向到main.html解析 return "redirect:/main.html"; }else { //登錄失敗 map.put("msg","用戶名密碼錯誤"); return "login"; } } }
防止表單重復提交,進行重定向
@Bean public WebMvcConfigurer webMvcConfigurer() { WebMvcConfigurer configurer = new WebMvcConfigurer() { @Override public void addViewControllers(ViewControllerRegistry registry) { registry.addViewController("/").setViewName("login"); // 瀏覽器發送index.html / 請求來到 login registry.addViewController("/index.html").setViewName("login"); // 瀏覽器發送main.html 請求來dashboard! registry.addViewController("/main.html").setViewName("dashboard"); }
登陸錯誤消息的顯示
<p style="color: red" th:text="${msg}" th:if="${not #strings.isEmpty(msg)}"></p>
但是這樣別人可以直接跳過登錄訪問我們的主頁面,我們應該添加一個攔截器.
攔截器進行登陸檢查
要注冊攔截器必須實現HandlerInterceptor
//注冊攔截器 要注冊攔截器必須實現HandlerInterceptor public class LoginHandlerInterceptor implements HandlerInterceptor { //在目標方法執行前 @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { // 獲得session中攜帶的值,判斷 Object user = request.getSession().getAttribute("loginUser"); // 判斷如名字為空說明沒登錄攔截 if(user==null){ // 放入錯誤消息 request.setAttribute("msg","沒有權限,請登錄"); // 轉發到登錄頁面 request.getRequestDispatcher("/index.html").forward(request,response); return false; }else { return true; } } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { } }
編寫好攔截器,還要注冊攔截器的組件,和設置對應的攔截條件
@Configuration public class MyMvcConfig implements WebMvcConfigurer { @Bean public WebMvcConfigurer webMvcConfigurer() { WebMvcConfigurer configurer = new WebMvcConfigurer() { @Override public void addViewControllers(ViewControllerRegistry registry) { registry.addViewController("/").setViewName("login"); // 瀏覽器發送index.html / 請求來到 login registry.addViewController("/index.html").setViewName("login"); // 瀏覽器發送main.html 請求來dashboard! registry.addViewController("/main.html").setViewName("dashboard"); } //注冊攔截器 @Override public void addInterceptors(InterceptorRegistry registry) { //靜態資源在springboot2.0以前已經做好映射,不用管 // /**指任意范圍都通過攔截 registry.addInterceptor(new LoginHandlerInterceptor()).addPathPatterns("/**") .excludePathPatterns("/index.html", "/", "/user/login", "/asserts/**", "/webjars/**"); // .excludePathPatterns代表這些請求不過濾 // asserts為resources下static下的文件夾,webjars則是maven導入的一些前端框架 } }; return configurer; }
這里注意:WebMvcConfigurer是需要注明 不攔截那些靜態資源的.否則我們的靜態資源也被攔截了.