我们可以使用Springboot的登录拦截器进行登录验证,并完成登录跳转,错误的账户不进行跳转,正确的账户则跳转至success页面中。
同时添加登录拦截器,对于错误的账户不允许直接访问main.html页面。
实现步骤:
一.配置登录页面以及登录业务逻辑处理
1.首先建立一个springboot的项目,项目目录结构如下:
首先,我们需要导入Springboot相应的jar包,在pom.xml文件中进行添加:
pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>com.zk.myspringboot_014</groupId> <artifactId>myspringboot_014</artifactId> <packaging>jar</packaging> <version>0.0.1-SNAPSHOT</version> <name>myspringboot_014 Maven Webapp</name> <url>http://maven.apache.org</url> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-configuration-processor</artifactId> <optional>true</optional> </dependency> <!-- 继承父包 --> <dependency> <groupId>org.webjars</groupId> <artifactId>jquery</artifactId> <version>3.3.1-1</version> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-thymeleaf</artifactId> </dependency> <dependency> <groupId>net.sourceforge.nekohtml</groupId> <artifactId>nekohtml</artifactId> </dependency> </dependencies> <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>1.4.3.RELEASE</version> </parent> <build> <finalName>myspringboot_014</finalName> </build> </project>
接下来,建立我们的登录页面以及登录跳转页面login.html和main.html
login.html
<!DOCTYPE html> <html lang="en" xmlns:th="http://www.thymeleaf.org"> <head> <meta charset="UTF-8"> <title>用户登录</title> </head> <body> <form action="/user/login" method="post"> 用户名:<input name="username" type="text"/><br> 密码:<input name="password" type="password"> <br> <input type="submit" value="登录"> </form> </body> </html>
main.html
<!DOCTYPE html> <html lang="en" xmlns:th="http://www.thymeleaf.org"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="description" content=""> <meta name="author" content=""> </head> <body class="text-center"> success </body> </html>
可以看到,登录login.html页面中表单返回的action为/user/login,所以需要构建一个返回的LoginController.java
LoginController.java
package com.zk.myspringboot; import org.springframework.stereotype.Controller; import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.*; import javax.servlet.http.HttpSession; import java.util.Map; @Controller public class LoginController { // @DeleteMapping // @PutMapping // @GetMapping //@RequestMapping(value = "/user/login",method = RequestMethod.POST) @PostMapping(value = "/user/login") public String login(@RequestParam("username") String username, @RequestParam("password") String password, Map<String,Object> map, HttpSession session){ if(!StringUtils.isEmpty(username) && "123456".equals(password)){ //登陆成功,防止表单重复提交,可以重定向到主页 session.setAttribute("loginUser",username); return "redirect:/main.html"; }else{ //登陆失败 map.put("msg","用户名密码错误"); return "login"; } } }
(1)这里使用发送post请求,使用@PostMapping代替了RequestMapping(value="/login", method="post")
(2)跳转页面时使用 return ”redirect:/ main.html“,而不是 return ”main“ 。这里会直接调用controller
最后加上启动项DemoApplication.java
DemoApplication.java
package com.zk.myspringboot; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication public class DemoApplication { public static void main(String[] args) { SpringApplication.run(DemoApplication.class, args); } }
二. 配置拦截器
当我们未在login.html页面输入用户名和密码时,直接访问main.html,此时也是可以访问到main.html文件的。这种操作不应当被允许,所以需要配置拦截器,当用户名与密码不正确时,页面无权跳转main.html,而直接跳转login.html
1.添加HandlerInterceptor拦截器
LoginHandlerInterceptor.java
package com.zk.myspringboot; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * 登陆检查, */ public class LoginHandlerInterceptor implements HandlerInterceptor { //目标方法执行之前 @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { Object user = request.getSession().getAttribute("loginUser"); if(user == null){ //未登陆,返回登陆页面 request.setAttribute("msg","没有权限请先登陆"); request.getRequestDispatcher("/index.html").forward(request,response); return false; }else{ //已登陆,放行请求 return true; } } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { } }
在此拦截器中,需要取出LoginController.java中放在loginUser属性中的值进行判断,如果这个值为null,则未登录,返回原始登陆页面,否则放行请求。
2.配置WebMvcConfigurer 拦截器
需要让登录有个拦截器的功能,意思是除了访问首页我们可以,其他未登录的全部拦截下来,所以需要配置一个WebMvcConfigurer 拦截器:
MyMvcConfig.java
package com.zk.myspringboot; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.LocaleResolver; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; //使用WebMvcConfigurerAdapter可以来扩展SpringMVC的功能 //@EnableWebMvc //不要接管SpringMVC @Configuration public class MyMvcConfig extends WebMvcConfigurerAdapter { @Override public void addViewControllers(ViewControllerRegistry registry) { // super.addViewControllers(registry); //浏览器发送 /index 请求来到 login registry.addViewController("/index").setViewName("login"); } //所有的WebMvcConfigurerAdapter组件都会一起起作用 @Bean //将组件注册在容器 public WebMvcConfigurerAdapter webMvcConfigurerAdapter(){ WebMvcConfigurerAdapter adapter = new WebMvcConfigurerAdapter() { @Override public void addViewControllers(ViewControllerRegistry registry) { registry.addViewController("/").setViewName("login"); registry.addViewController("/index.html").setViewName("login"); registry.addViewController("/main.html").setViewName("main"); } //注册拦截器 @Override public void addInterceptors(InterceptorRegistry registry) { //super.addInterceptors(registry); //静态资源; *.css , *.js //SpringBoot已经做好了静态资源映射 registry.addInterceptor(new LoginHandlerInterceptor()).addPathPatterns("/**") .excludePathPatterns("/index.html","/","/user/login"); } }; return adapter; } }
最后,application.properties配置如下:
spring.thymeleaf.cache=false spring.thymeleaf.mode=LEGACYHTML5
运行此程序,运行结果图如下: