需求:
- 对于每个页面访问时都需要登录验证,如果不登录则无法访问。
- 实现拦截器需要实现HandlerInterceptor类,分为方法执行前,执行时,执行后三个处理阶段。
- 注册拦截器时需要实现WebMvcConfigurer类。
逻辑:
- 登录前检查session对象中是否存在登录用户,如果没有跳转到登录页,并往session中放入提示信息;
实现:
1、写一个拦截器,明确拦截逻辑;
package com.springbootweb.Interceptor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.lang.Nullable;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
@Slf4j
public class WebInterceptor implements HandlerInterceptor {
/**
* 登录检查
* 1、配置好拦截器要拦截哪些请求
* 2、把这些配置放在容器中
*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
log.info("拦截的请求路径为:"+request.getRequestURI());
HttpSession session = request.getSession();
Object object = session.getAttribute("userInfo");
if(object == null){
//此处未登录,跳转登录页
session.setAttribute("msg","请先登录");
// response.sendRedirect("/login");
request.getRequestDispatcher("/login").forward(request,response);
return false;
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
log.info("");
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable Exception ex) throws Exception {
log.info("");
}
}
2、将拦截器注册到bean中;
package com.springbootweb.Config;
import com.springbootweb.Interceptor.WebInterceptor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class WebConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new WebInterceptor())
.addPathPatterns("/**") //拦截所有请求
.excludePathPatterns("/login","/","/css/**","/files/**","/images/**","/static/**"); //放行请求
}
}
- 创建config路径进行注册,注册时说明需要拦截那些路径,那些路径不拦截。
- 拦截器会拦截静态资源,要注意放行。
3、Controller
package com.springbootweb.Controller;
import com.springbootweb.Entiy.User;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.thymeleaf.util.StringUtils;
import javax.servlet.http.HttpSession;
@Controller
public class UserController {
@GetMapping(value = {"/","/login"})
public String toLogin(){
return "login";
}
// @PostMapping("/index")
// public String toIndex(String username,String password){
// return "index";
// }
//每次刷新页面都是重新登录,需要进行请求转发处理
@PostMapping("/index")
public String toIndex(User user, HttpSession session, Model model){
if(!StringUtils.isEmpty(user.getUserName()) && user.getPassword().equals("123456")){
session.setAttribute("userInfo",user);
return "redirect:/indexPage";
} else {
model.addAttribute("msg","账号或密码错误");
return "login";
}
}
@GetMapping("/indexPage")
public String indexPage(HttpSession session,Model model){
// Object user = session.getAttribute("userInfo");
// if(user != null){
return "index";
// } else {
// model.addAttribute("msg","请先登录");
// return "login";
// }
}
}
流程:
ptr——>方法——>post——>页面渲染——>after