1. SSM拦截器实现:
拦截器(Interceptor)是一种动态拦截方法调用的机制,在SpringMVC中动态拦截控制器方法的执行
作用:
- 在指定的方法调用前后执行预先设定的代码
- 阻止原始方法的执行
- 总结:拦截器就是用来做增强
拦截器与过滤器
拦截器(interceptor) 过滤器(filter) 归属 SpringMVC技术 servlet技术 拦截内容 针对SpringMVC的访问进行增强 所有访问
步骤1:定义拦截器类(实现HandlerInterceptor接口)
HandlerInterceptor的方法:
1、preHandle 在执行controller之前 返回值为boolean
- false: 拦截,不能继续执行
- true:放行
2、 postHandle
3、 afterHandle
public class MyInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//检查session是否为空
HttpSession session = request.getSession();
Student student = (Student) session.getAttribute("student");
Object currentUser = session.getAttribute("currentUser");
Teacher teacher = (Teacher) session.getAttribute("teacher");
if (student == null && currentUser == null && teacher == null) {
//重定向到登录页面
response.sendRedirect("/");
return false;
}else {
//放行
return true;
}
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
}
}
步骤2:配置拦截资源
<!--配置拦截器-->
<mvc:interceptors>
<mvc:interceptor>
<!--要拦截的路径 /** :所有请求-->
<mvc:mapping path="/**"/>
<!--要放行的资源-->
<mvc:exclude-mapping path="/user/login"/>
<mvc:exclude-mapping path="/images/**"/>
<mvc:exclude-mapping path="/js/**"/>
<mvc:exclude-mapping path="/css/**"/>
<bean class="com.gm.interceptor.MyInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
步骤3:实现使用
以登录拦截为例实现:
@RequestMapping(value = "/user/login")
public String Login(String userNo, String password, Model model, HttpServletRequest request) {
User currentUser = userService.login(userNo, password);
if ("".equals(currentUser) || currentUser == null) {
model.addAttribute("message", "用户名或密码错误");
return "../../index";
}
if (currentUser.getPermission() == 2) {
HttpSession session = request.getSession();
session.setMaxInactiveInterval(3600);
// 在t_user表的信息
session.setAttribute("currentUser", currentUser);
// 完整的teacher信息
Teacher teacher = teacherService.showInfoByNo(userNo);
int depId = teacher.getDepartmentId();
String depName = departmentService.getNameById(depId);
teacher.setDepartmentName(depName);
session.setAttribute("teacher", teacher);
//model.addAttribute("userNo", userNo);
return "teacher/main";
} else if (currentUser.getPermission() == 1) {
//是学生用户
//将查询到的学生用户存放到session ,且设置时间为24H
Student student = studentService.findByStudentNO(currentUser.getUserNo());
HttpSession session = request.getSession();
session.setAttribute("currentUser",currentUser);
session.setAttribute("student", student);
System.out.println(student.toString());
return "redirect:/student/toPage";
} else {
model.addAttribute("message", "当前用户不匹配");
return "../../index";
}
}
2. springboot实现拦截功能:
步骤1:定义拦截器类实现HandlerInterceptor接口
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
Integer uid = (Integer) request.getSession().getAttribute("uid");
if (uid==null){
//用户还没有登陆过,需要登陆后继续方法
//转发到login.html
response.sendRedirect("/web/login.html");
//不放行
return false;
}
//放行
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
}
}
步骤2: 配置拦截信息
@Configuration //被springmvc识别为springmvc的配置类
public class LoginInterceptorConfig implements WebMvcConfigurer {
@Override
//配置拦截器
public void addInterceptors(InterceptorRegistry registry) {
// 1、创建自定义拦截器对象
LoginInterceptor interceptor = new LoginInterceptor();
//2、配置白名单存入list集合
List<String> list = new ArrayList<>();
list.add("/bootstrap3/**");
list.add("/css/**");
list.add("/js/**");
list.add("/images/**");
list.add("/web/login.html/**");
list.add("/web/register/**");
list.add("/web/index/**");
list.add("/web/products/**");
list.add("/users/register");
list.add("/users/login");
//registry.addInterceptor(interceptor);完成拦截器的注册,后面的addPathPatterns表示拦截哪些url
//这里的参数/**表示所有请求,再后面的excludePathPatterns表
// 示有哪些是白名单,且参数是列表
registry.addInterceptor(interceptor).addPathPatterns("/**").excludePathPatterns(list);
}
}
以上就可实现登录功能的拦截。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
