SpringMVC拦截器(实现登录验证拦截器)

时间:2023-03-09 14:22:30
SpringMVC拦截器(实现登录验证拦截器)

本例实现登陆时的验证拦截,采用SpringMVC拦截器来实现

当用户点击到网站主页时要进行拦截,用户登录了才能进入网站主页,否则进入登陆页面

核心代码

首先是index.jsp,显示链接

 <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>

 <%

 String path = request.getContextPath();

 String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";

 %>

 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

 <html>

   <head>

     <base href="<%=basePath%>">

     <title>首页</title>

     <meta http-equiv="pragma" content="no-cache">

     <meta http-equiv="cache-control" content="no-cache">

     <meta http-equiv="expires" content="">

     <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">

     <meta http-equiv="description" content="This is my page">

     <!--

     <link rel="stylesheet" type="text/css" href="styles.css">

     -->

   </head>

   <body>

      <div style="margin:0 auto;padding-top:100px;font-size:18px;" align="center">

          <p><a href="loginpage.html">登陆</a></p>

          <p><a href="user/home.html">用户中心</a></p>

          <p><a href="exception.html">触发异常</a></p>

      </div>

   </body>

 </html>

controller类

 package com.jikexueyuan.demo.springmvc.lesson4.controller;

 import javax.annotation.Resource;

 import javax.servlet.http.HttpServletRequest;

 import org.springframework.stereotype.Controller;

 import org.springframework.web.bind.annotation.RequestMapping;

 import org.springframework.web.bind.annotation.RequestMethod;

 import org.springframework.web.bind.annotation.RequestParam;

 import com.jikexueyuan.demo.springmvc.lesson4.constant.Global;

 import com.jikexueyuan.demo.springmvc.lesson4.exception.MyException;

 import com.jikexueyuan.demo.springmvc.lesson4.model.User;

 import com.jikexueyuan.demo.springmvc.lesson4.service.LoginService;

 /**

  * 这个例子讲解了如何定义MVC三层注解,使用@Resource进行注入,以及使用@RequestMapping、@RequestParam 、@SessionAttributes

  */

 @Controller

 public class LoginController extends BaseController {

     @Resource

     LoginService service;

     @Resource

     HttpServletRequest request;

     @RequestMapping("/exception")

     public void exception() throws MyException{

         throw new MyException("测试springmvc中的异常捕获");

     }

     @RequestMapping("/loginpage")

     public String toLoginPage(){

         return "/WEB-INF/jsp/login.jsp";

     }

     @RequestMapping("/user/home")

     public String toUserHome(){

         return "/WEB-INF/jsp/userhome.jsp";

     }

     @RequestMapping("/logout")

     public String logout(){

         request.getSession().removeAttribute(Global.USER_SESSION_KEY);

         return "redirect:/";

     }

     @RequestMapping(value = "/doLogin", method = RequestMethod.POST)

     public String doLogin(@RequestParam String userName, @RequestParam String password){

         try {

             User user = service.doLogin(userName, password);

             request.getSession().setAttribute(Global.USER_SESSION_KEY, user);

             return "redirect:/user/home.html";

         } catch (Exception e) {

             return "/WEB-INF/jsp/login.jsp";

         }

     }

 }

当点击用户中心时,触发拦截,相关配置如下

在spring-mvc.xml中加上拦截配置,拦截所有URL中包含/user/的请求,当然请求用户中心时就会触发这个拦截器了

     <mvc:interceptors>

         <mvc:interceptor>

             <!-- 拦截所有URL中包含/user/的请求 -->

             <mvc:mapping path="/user/**"/>

             <bean class="com.jikexueyuan.demo.springmvc.lesson4.interceptor.LoginInterceptor"></bean>

         </mvc:interceptor>

     </mvc:interceptors>

然后是bean指向的具体的interceptor类,如果session保存的用户信息为null,则跳到login页面,postHandle和afterCompletion方法都不执行,反之都执行。

 package com.jikexueyuan.demo.springmvc.lesson4.interceptor;

 import javax.servlet.http.HttpServletRequest;

 import javax.servlet.http.HttpServletResponse;

 import org.springframework.web.servlet.HandlerInterceptor;

 import org.springframework.web.servlet.ModelAndView;

 import com.jikexueyuan.demo.springmvc.lesson4.constant.Global;

 public class LoginInterceptor implements HandlerInterceptor {

     @Override

     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

         Object user = request.getSession().getAttribute(Global.USER_SESSION_KEY);

         if (user == null) {

             System.out.println("尚未登录,调到登录页面");

             response.sendRedirect("/loginpage.html");

             return false;

         }

         return true;

     }

     @Override

     public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

         System.out.println("postHandle");

     }

     @Override

     public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

         System.out.println("afterCompletion");

     }

 }

至此,简单的springmvc拦截器就完成了。

相关文章