用户登录时,将用户信息放到session中
package cn.woniubushiniu.controller;
import cn.woniubushiniu.po.User;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import javax.servlet.http.HttpSession;
@Controller
public class UserController {
/**
* 向用户登录页面跳转
*/
@RequestMapping(value = "/login",method = RequestMethod.GET)
public String toLogin(){
return "login";
}
/**
* 用户登录
* @param user
* @param model
* @param session
* @return
*/
@RequestMapping(value = "/login",method = RequestMethod.POST)
public String login(User user, Model model, HttpSession session){
//获取用户名和密码
String username=user.getUsername();
String password=user.getPassword();
//些处横板从数据库中获取对用户名和密码后进行判断
if(username!=null&&username.equals("admin")&&password!=null&&password.equals("admin")){
//将用户对象添加到Session中
session.setAttribute("USER_SESSION",user);
//重定向到主页面的跳转方法
return "redirect:main";
}
model.addAttribute("msg","用户名或密码错误,请重新登录!");
return "login";
}
@RequestMapping(value = "/main")
public String toMain(){
return "main";
}
@RequestMapping(value = "/logout")
public String logout(HttpSession session){
//清除session
session.invalidate();
//重定向到登录页面的跳转方法
return "redirect:login";
}
}
拦截未登录的用户
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
//获取请求的RUi:去除http:localhost:8080这部分剩下的
String uri = request.getRequestURI();
//UTL:除了login.jsp是可以公开访问的,其他的URL都进行拦截控制
if (uri.indexOf("/login") >= 0) {
return true;
}
//获取session
HttpSession session = request.getSession();
User user = (User) session.getAttribute("USER_SESSION");
//判断session中是否有用户数据,如果有,则返回true,继续向下执行
if (user != null) {
return true;
}
//不符合条件的给出提示信息,并转发到登录页面
request.setAttribute("msg", "您还没有登录,请先登录!");
request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response);
return false;
}
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
}
}
配置文件
配置到spring 的配置文件中
<!--登录拦截器-->
<mvc:interceptor>
<mvc:mapping path="/**"/>
<bean class="cn.woniubushiniu.interceptor.LoginInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
配置web.xml 拦截所有url,并设置需要扫描的spring文件
<!--配置前端控制器-->
<servlet>
<servlet-name>springmvc</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:springmvc-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>springmvc</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
小知识点,用来复习的~~