碼上歡樂
相關內容    簡體    繁體

spring boot實現簡單的登錄攔截

本文轉載自   查看原文   2020-05-28 14:34   601    java/springboot

一。思路

1.在pom.xml導入相關包

2.先寫個簡單的認證適配器(WebSecurityConfig extends WebSecurityConfigurerAdapter),登錄攔截后就會跳轉到我們想要的頁面,不然就會跳轉到spring的登錄頁面

3.寫個登錄攔截器(LoginInterceptor implements HandlerInterceptor),在請求前(preHandle)根據登錄時保存在session attribute里的值進行判斷用戶是否登錄

4.寫個攔截器配置(WebConfigurer implements WebMvcConfigurer),注入攔截器(LoginInterceptor ),在addInterceptors方法里進行配置攔截和不用攔截的方法

二。相關代碼

1.認證適配器
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Value("${app.basePath:}")
    private String appBasePath;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        String basePath = StringUtils.trimToEmpty(appBasePath);

        http.authorizeRequests()
                .anyRequest()
                .permitAll();

        http.formLogin()
                .loginPage(basePath + "/console/login.html")
                .defaultSuccessUrl(basePath + "/console/index.html", true)
                .failureForwardUrl("/console/login.html?error=true")
                .permitAll();

        http.logout()
                .logoutSuccessUrl(basePath + "/console/login.html")
                .permitAll();

        http.csrf()
                .disable();

        http.headers()
                .frameOptions()
                .disable();
    }
}

2.登錄攔截器
@Component
public class LoginInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        HttpSession session = request.getSession();
        String currentAdminId = (String) session.getAttribute("CURRENT_ADMIN_ID");
        if (StringUtils.isNotBlank(currentAdminId)) {
            return true;
        } else {
        //這里返回要加上全路徑,不然會出現 重定向次數過多 的錯
        String path = request.getContextPath();
        String basePath = request.getScheme() + "://"+ request.getServerName() + ":" + request.getServerPort()+ path + "/console/";
        response.sendRedirect(basePath+"login.html");
        return false;
        }
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}

3.攔截器配置
@Configuration
public class WebConfigurer implements WebMvcConfigurer {

    @Autowired
    private LoginInterceptor loginInterceptor;

    /**
     * 自定義資源攔截路徑可以和springBoot默認的資源攔截一起使用,但是我們如果自己定義的路徑與默認的攔截重復,那么我們該方法定義的就會覆蓋默認配置
     *
     * @param registry
     * @Return: void
     */
    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
    }

    /**
     * 添加攔截器
     *
     * @param registry
     * @Return: void
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // addPathPatterns("/**") 表示攔截所有的請求,
        // excludePathPatterns("/login", "/register") 表示不攔截里面的方法
     //注意:這里如果不放開對image、js、css等靜態文件的攔截的話,就會報 重定向次數過多 的錯
        registry.addInterceptor(loginInterceptor).addPathPatterns("/**").excludePathPatterns("/login", "/register", "/console/login.html","/console/conLogin.json","/console/login/captcha.png", "/static/**");
    }
}

4.session操作
@UtilityClass
public class SessionTool {

    private static final String ADMIN_ID = "CURRENT_ADMIN_ID";
  /**
   * 獲取當前請求
   *
   * @return 請求信息
   */
  public static HttpServletRequest getCurrentServletRequest() {
      RequestAttributes requestAttributes = RequestContextHolder.currentRequestAttributes();
      ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) requestAttributes;
      return servletRequestAttributes.getRequest();
  }
    /**
     * 獲取當前用戶id
     *
     * @param
     * @Return: java.lang.String
     */
    public static String getCurrentAdminId() {
        HttpServletRequest servletRequest = getCurrentServletRequest();
        if (servletRequest != null) {
            HttpSession session = servletRequest.getSession();
            String code = (String) session.getAttribute(ADMIN_ID);
            return code;
        }
        return null;
    }

    /**
     * 設置當前用戶id
     *
     * @param code
     * @Return: void
     */
    public static void setCurrentAdminId(String code) {
        HttpServletRequest servletRequest = getCurrentServletRequest();
        if (servletRequest != null) {
            HttpSession session = servletRequest.getSession();
            session.setAttribute(ADMIN_ID, StringUtils.trimToNull(code));
        }
    }

    /**
     * 移除當前用戶id
     *
     * @param
     * @Return: void
     */
    public static void delCurrentAdminId() {
        HttpServletRequest servletRequest = getCurrentServletRequest();
        if (servletRequest != null) {
            HttpSession session = servletRequest.getSession();
            session.removeAttribute(ADMIN_ID);
        }
    }

    /**
     * 判斷當前用戶id是否為空
     *
     * @param
     * @Return: boolean
     */
    public static boolean isSign() {
        return StringUtils.isNotBlank(getCurrentAdminId());
    }
}

參考文件
https://blog.csdn.net/u011972171/article/details/79924133
https://blog.csdn.net/weixin_42740540/article/details/88594441
https://blog.csdn.net/weixin_42849689/article/details/89957823


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 Spring Boot2.0攔截器簡單實現判斷是否登錄 spring boot+jpa+mysql實現簡單的登錄注冊 Spring Boot -- Spring AOP原理及簡單實現 Spring Boot實現一個監聽用戶請求的攔截器 Spring Boot配置攔截器及實現跨域訪問 Spring Boot + Spring Security + Vue實現前后端分離登錄認證 spring boot 登錄界面 學習筆記:Spring Boot實現用戶登錄功能(idea) Spring Boot使用Shiro實現登錄授權認證 vue + spring boot + spring security 前后端分離 攜帶 Cookie 登錄實現 只寫了個登錄
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM