SSM项目使用拦截器实现登录验证功能

登录接口实现

$[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-0cpALosZ-1642789019450)(C:\Users\LiShiQi\AppData\Roaming\Typora\typora-user-images\image-20220121111816014.png)]$

 public User queryUser(String UserName, String Password,HttpServletRequest request, HttpServletResponse response) {
        User user = userMapper.queryUser(UserName,Password);
        if(!StringUtils.isEmpty(user)){
            //1.获取session
            HttpSession session = request.getSession();
            //2.获取sessionid
            String sessionId = session.getId();
            //3.将sessionid作为key，用户信息user作为value，放入session中
            session.setAttribute(sessionId,user);
            //4.将sessionId存到cookie中,"JSESSIONID"为自定义的key值
            Cookie cookie = new Cookie("JSESSIONID",sessionId);
            //5.设置cookie的有效路径
            cookie.setPath(request.getContextPath());
            //6.将cookie返回给页面
            response.addCookie(cookie);
        }
        return user;
    }

$[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-vJI0vZr2-1642789019451)(C:\Users\LiShiQi\AppData\Roaming\Typora\typora-user-images\image-20220121112711167.png)]$

拦截器类代码实现

$[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-v6XYe05U-1642789019451)(C:\Users\LiShiQi\AppData\Roaming\Typora\typora-user-images\image-20220121113001689.png)]$

public class Filter extends HandlerInterceptorAdapter {
    private static Logger logger = Logger.getLogger(Filter.class);
    /**
     * 进入拦截器后首先进入的方法
     * 返回false则不再继续执行
     * 返回true则继续执行
     */
    @Override
    public boolean preHandle(HttpServletRequest request,
                             HttpServletResponse response, Object handler)throws Exception
    {
        //1.定义sessionid变量
        String sessionid = "";
        //2.获取session对象
        HttpSession session=request.getSession();
        //3.获取页面上所有的cookie
        Cookie[] cookies = request.getCookies();
        //4.循环寻找名称为"JSESSIONID"的cookie
        for(Cookie cookie:cookies){
            if(cookie.getName().equals("JSESSIONID")){
                sessionid = cookie.getValue();
            }
        }
        //5.根据sessionid获取用户信息
        User user = (User) session.getAttribute(sessionid);
        if(StringUtils.isEmpty(user)) {
            logger.info("用户未登录");
            //用户未登录跳转到登录页面
            response.sendRedirect("login");
            return false;
        }
        logger.info("用户已登录");
        return  true;
    }

}

配置文件实现

$[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-oayOdO4u-1642789019452)(C:\Users\LiShiQi\AppData\Roaming\Typora\typora-user-images\image-20220122013036440.png)]$

    <!--自定义拦截器-->
    <mvc:interceptors>
        <mvc:interceptor>
            <!--配置要拦截的路径-->
            <mvc:mapping path="/**"/>
            <!--配置登录接口不被拦截-->
            <mvc:exclude-mapping path="/user/login"/>
            <!--指定拦截器类路径-->
            <bean class="com.lishiqi.Util.Filter"></bean>
        </mvc:interceptor>
    </mvc:interceptors>