SpringBoot实现登录拦截功能

一、前言

1、需要实现的效果

        只能通过登录页面进入系统，不能直接复制url实现进入

2、需要技术

        1、thymeleaf

        2、实现HandlerInterceptor的拦截器

        3、继承WebMvcConfigurationSupport的自定义配置类

二、步骤

1、引入依赖

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>

2、新建登录页面-login.index

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <title>登录</title>
</head>
<body>
<div>
    <form th:action="@{/index}" method="post">
        <span style="color: red" th:text="${msg}" th:if="${not #strings.isEmpty(msg)}"></span>
        <br>
        <span>用户名：</span>
        <input name="name"/>
        <br>
        <span>密码：</span>
        <input name="password"/>
        <br>
        <button>登录</button>
    </form>
</div>
</body>
</html>

        其中： xmlns:th="http://www.thymeleaf.org"  能让html识别thymeleaf语法

3、新建主页-index.html

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h2>你好</h2>
<a th:href="@{/demo.html}">>点击</a>
</body>
</html>

4、新建demo.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h2>测试</h2>
</body>
</html>

5、controller层

package com.student.controller;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.web.servlet.server.Session;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpSession;
import java.util.Map;

/**
 * @ClassName: myController
 * @Author: 
 * @Description:
 * @Date: 2022/6/11 10:26
 */
@Controller
public class myController {
    private Logger logger = LoggerFactory.getLogger(myController.class);

    //登录页
    @RequestMapping({"/login","/"})
    public String login() {
        return "login";
    }

    //点击登录按钮进入首页
    @RequestMapping(value = {"/index"}, method = RequestMethod.POST)
    // @PostMapping("/index")   也可以简写
    public String index(
            @RequestParam("name") String name,
            @RequestParam("password") String password,
            Map<String, Object> map,
            HttpSession session
    ) {
        if (StringUtils.isEmpty(name) ||StringUtils.isEmpty(password)) {
            map.put("msg", "用户名或密码为空");
            return "login";
        } else if(!name.equals("admin")||!password.equals("123456")){
            map.put("msg", "用户名或密码错误");
            return "login";
        }   else{
            session.setAttribute("name",name);
            session.setAttribute("password",password);
            return "redirect:/main.html";
        }
    }
}

6、新建拦截器

package com.student.interceptor;

import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @ClassName: MyInterceptor
 * @Author: 
 * @Description:
 * @Date: 2022/6/11 10:29
 */
@Component
public class MyInterceptor implements HandlerInterceptor {
    //定义拦截器
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        Object name = request.getSession().getAttribute("name");
        Object password = request.getSession().getAttribute("password");
        if (name == null || password == null) {
            request.setAttribute("msg", "没有权限请登录");
            request.getRequestDispatcher("/login.html").forward(request, response);
            // response.sendRedirect(request.getContextPath() + "login");   //这种写法也可以
            return false;
        } else {
            return true;
        }
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}

7、新建配置类

package com.student.config;

import com.student.interceptor.MyInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;

/**
 * @ClassName: MyConfig
 * @Author: 
 * @Description:
 * @Date: 2022/6/11 10:59
 */
@Configuration
public class MyConfig extends WebMvcConfigurationSupport {

    @Autowired
    MyInterceptor myInterceptor;

    // 注册拦截器
    @Override
    protected void addInterceptors(InterceptorRegistry registry) {
        super.addInterceptors(registry);
        registry.addInterceptor(myInterceptor).addPathPatterns("/**").excludePathPatterns("/login.html", "/index", "/", "/login");
    }

    //仅需要页面跳转不需要进行业务操作
    @Override
    protected void addViewControllers(ViewControllerRegistry registry) {
        super.addViewControllers(registry);
        registry.addViewController("/main.html").setViewName("/index");
        registry.addViewController("/login.html").setViewName("/login");
        registry.addViewController("/demo.html").setViewName("/demo");
    }
}

8、properties

# 应用名称
spring.application.name=student
# 应用服务 WEB 访问端口
server.port=8023
#禁用缓存
spring.thymeleaf.cache=false

spring.mvc.hiddenmethod.filter.enabled=true

三、效果

1、首页

2、验证为空

 3、登录成功

 4、登录拦截

首先ctrl+alt+delete 清除缓存，然后在浏览器中输入http://localhost:8023/main.html

5、已登录在缓存未清除的条件下可以进入首页

四、其他

1、重定向

        因为在login.html中发送的是post请求，所以为了在index.html中刷新页面时，再次提交，所以用重定向

 2、405的问题

        如果不配置试图控制器，那么会报405的错误。这是因为当成controller请求后，由于请求方式为get，但是实际为post

3、拦截器