SSM專案下的登入攔截
阿新 • • 發佈:2021-06-14
1、後端傳資料給前端
把資料放到cookie中或者localStorage(localStorage 可被同源頁面上的任何指令碼讀取,只適合存放顯示用的非敏感資料,不能當作登入憑證)
登入JS
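/**
 * Submit the e-mail verification code and complete the login.
 *
 * @param {string} email address the verification code was sent to
 * @param {string} code  verification code typed by the user
 */
function checkCode(email, code) {
    // Send the values in the POST body instead of the query string: jQuery
    // URL-encodes them, and the e-mail/code pair stays out of the request URL
    // (server access logs, proxies, browser history).
    $.post("checkCode", {email: email, code: code}, function (response) {
        // 3002 = wrong verification code: show the server message, back to login.
        if (response.status == 3002) {
            alert(response.message);
            location.replace("login.html");
            return;
        }
        // 2000 = success: the server has stored the admin in its session.
        if (response.status == 2000) {
            // Cache the returned profile for display on the main page only.
            // localStorage is readable by every script on this origin, so it
            // must not be treated as proof of login.
            window.localStorage.setItem("admin", JSON.stringify(response.data));
            location.replace("/toMain");
        }
    });
}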
主頁JS
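// On page load, fill the header with the profile cached at login.
$(function () {
    // Display-only data: the value comes from localStorage, which the user
    // (or any script on this origin) can edit, so it grants no access by itself.
    var admin = null;
    try {
        admin = JSON.parse(localStorage.getItem("admin"));
    } catch (e) {
        // A corrupted or hand-edited entry must not break page start-up.
        localStorage.removeItem("admin");
    }
    if (admin != null) {
        if (admin.adminAvatar) {
            $("#adminAvatar").attr("src", admin.adminAvatar);
        }
        if (admin.adminName) {
            // .text() inserts the name as plain text, never as markup.
            $("#adminName").text(admin.adminName);
        }
    }
});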
2、登入攔截
把使用者資訊儲存到session(存在伺服器端),並返回給前端;前端每次請求時後臺檢測session中有沒有使用者資訊,有就允許請求,沒有就丟擲自定義異常,返回一個狀態碼給前端,前端檢測到這個狀態碼會重定向到指定頁
注意:非同步請求重定向失效(AJAX 請求收到的重定向只會由 XHR 自行跟隨,不會讓瀏覽器跳轉頁面,所以改為返回狀態碼,由前端 JS 跳轉)
1、把使用者資訊儲存到session返回給前端
Controller層程式碼
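/**
 * Verifies the e-mail verification code and, on success, logs the admin in.
 *
 * @param request current request; its session receives the "admin" attribute
 * @param email   address the code was issued for (also the Redis key)
 * @param code    verification code submitted by the user
 * @return success carrying the admin record, or CODE_CHECK_ERROR on any failure
 */
@PostMapping("checkCode")
@ResponseBody
public AjaxResult checkCode(HttpServletRequest request, String email, String code) {
    // Missing parameters would otherwise end in a NullPointerException (HTTP 500).
    if (email == null || code == null) {
        return AjaxResult.error(AjaxStatus.CODE_CHECK_ERROR);
    }

    String expected = jedis.get(email);
    // NOTE(review): nothing visible here limits failed attempts, and the stored
    // code survives a wrong guess, so it can be guessed repeatedly until it
    // expires. Consider a per-e-mail attempt counter — confirm against getCode.
    if (expected == null || !code.equalsIgnoreCase(expected)) {
        return AjaxResult.error(AjaxStatus.CODE_CHECK_ERROR);
    }

    // The code is single-use: remove it as soon as it has been accepted.
    jedis.del(email);

    // Look the admin up only after the code is verified, and never store or
    // return a null admin as a successful login.
    Admin admin = adminService.findAdminByEmail(email);
    if (admin == null) {
        return AjaxResult.error(AjaxStatus.CODE_CHECK_ERROR);
    }

    // Start from a fresh session so a session id set before login (session
    // fixation) is not promoted to an authenticated one.
    if (request.getSession(false) != null) {
        request.getSession().invalidate();
    }
    request.getSession(true).setAttribute("admin", admin);

    // NOTE(review): the whole Admin object is serialised to the browser, where
    // the login script keeps it in localStorage — confirm it carries no
    // password hash or other sensitive field, or return a reduced view.
    return AjaxResult.success(admin);
}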
2、建立攔截器,檢測session中的資料
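/**
 * Rejects requests that carry no logged-in admin in their HTTP session.
 */
public class LonginInterceptor implements HandlerInterceptor {

    /**
     * Lets the request through only when the session holds an "admin" attribute.
     *
     * @param request  incoming request whose session is inspected
     * @param response unused
     * @param handler  unused
     * @return {@code true} when an admin is present in the session
     * @throws NotLoginException with {@code AjaxStatus.NOT_LOGIN} when it is not
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        Object admin = null;
        // getSession(false) does not allocate a session for anonymous traffic;
        // the original getSession() created one for every unauthenticated hit.
        if (request.getSession(false) != null) {
            admin = request.getSession().getAttribute("admin");
        }
        if (admin == null) {
            throw new NotLoginException(AjaxStatus.NOT_LOGIN);
        }
        return true;
    }
}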
3、在springmvc配置攔截器
<!-- Interceptors: LonginInterceptor runs for every path matched by /** except the
     exclude-mapping entries below. Every excluded path is reachable without a
     login, so keep this list as short as possible. -->
<mvc:interceptors>
    <mvc:interceptor>
        <mvc:mapping path="/**"/>
        <!-- Static assets and the login page itself. -->
        <mvc:exclude-mapping path="/dist/**"/>
        <mvc:exclude-mapping path="/plugins/**"/>
        <mvc:exclude-mapping path="/login.html"/>
        <!-- NOTE(review): WEB-INF content is normally not served to clients
             directly, so these two entries are presumably unnecessary; confirm. -->
        <mvc:exclude-mapping path="/WEB-INF/pages/**"/>
        <mvc:exclude-mapping path="/WEB-INF/template/**"/>
        <!-- Verification-code endpoints used before a session exists. -->
        <mvc:exclude-mapping path="/getCode"/>
        <mvc:exclude-mapping path="/toCode"/>
        <mvc:exclude-mapping path="/checkCode"/>
        <!-- NOTE(review): /toMain is where the login script sends the user after
             a successful login. Excluding it here means that handler runs without
             the session check; confirm this is intended, since the session is
             already populated by the time the browser is redirected there. -->
        <mvc:exclude-mapping path="/toMain"/>
        <mvc:exclude-mapping path="/sendActiveEmail"/>
        <!-- NOTE(review): the leading wildcard matches any single first path
             segment followed by /doActive; verify nothing else fits the pattern. -->
        <mvc:exclude-mapping path="/*/doActive"/>
        <mvc:exclude-mapping path="/success"/>
        <mvc:exclude-mapping path="/"/>
        <bean class="top.ftime.wk.interceptor.LonginInterceptor"/>
    </mvc:interceptor>
</mvc:interceptors>
4、設定沒有登入的狀態碼
/**
 * Status codes and user-facing messages carried in AJAX responses.
 *
 * <p>NOTE(review): the setters below mutate enum constants, which are shared by
 * the whole application; a call to one of them changes the code or message for
 * every later response. They are kept only because callers may rely on them.
 */
public enum AjaxStatus {

    // Generic outcomes.
    OK(2000, "操作成功"),
    ERROR(5000, "操作失敗"),

    // Login-related outcomes.
    EMAIL_NOT_FOUND(3000, "郵箱錯誤"),
    ADMIN_NOT_ACTIVE(3001, "使用者未啟用"),
    CODE_CHECK_ERROR(3002, "驗證碼錯誤"),
    ACTIVE_ERROR(3003, "郵箱啟用失敗或已啟用"),
    ACTIVE_OK(2001, "啟用郵件已傳送,注意查收"),
    NOT_LOGIN(4004, "登入過期,請重新登入");

    /** Numeric code the front end switches on. */
    private int status;

    /** Text shown to the user. */
    private String message;

    AjaxStatus(int code, String text) {
        status = code;
        message = text;
    }

    /** @return the numeric status code */
    public int getStatus() {
        return this.status;
    }

    /** @return the user-facing message */
    public String getMessage() {
        return this.message;
    }

    /** @param status replacement numeric code for this constant */
    public void setStatus(int status) {
        this.status = status;
    }

    /** @param message replacement message for this constant */
    public void setMessage(String message) {
        this.message = message;
    }
}
5、使用自定義異常
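/**
 * Thrown when a request reaches a protected handler without a logged-in admin.
 * Carries the {@link AjaxStatus} that is reported back to the client.
 */
public class NotLoginException extends RuntimeException {

    /** Status reported to the client for this failure. */
    private AjaxStatus ajaxStatus;

    /**
     * @param ajaxStatus status to report; its message also becomes the exception
     *                   message, so logs and stack traces no longer show "null"
     */
    public NotLoginException(AjaxStatus ajaxStatus) {
        super(ajaxStatus == null ? null : ajaxStatus.getMessage());
        this.ajaxStatus = ajaxStatus;
    }

    /** @return the status reported to the client */
    public AjaxStatus getAjaxStatus() {
        return ajaxStatus;
    }

    /** @param ajaxStatus replacement status for this exception instance */
    public void setAjaxStatus(AjaxStatus ajaxStatus) {
        this.ajaxStatus = ajaxStatus;
    }
}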
6、捕捉異常,返回給頁面一個狀態碼
/**
 * Global exception advice: turns a {@link NotLoginException} into a JSON body
 * so AJAX callers receive a status code instead of an error page.
 */
@ControllerAdvice
public class MyHandler {

    /**
     * Maps the "not logged in" failure to its AJAX result.
     *
     * <p>NOTE(review): no HTTP status is set here, so the response presumably
     * goes out with the default status and clients must read the JSON
     * {@code status} field; confirm whether a 401 is wanted as well.
     *
     * @param e the exception raised by the login interceptor
     * @return an error result carrying the exception's status
     */
    @ExceptionHandler(NotLoginException.class)
    @ResponseBody
    public AjaxResult myHandler(final NotLoginException e) {
        return AjaxResult.error(e.getAjaxStatus());
    }
}
7、設定全域性函式,檢測狀態碼
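$(function () {
    // Global hook: runs after every jQuery AJAX request issued from this page.
    $.ajaxSetup({
        global: true,
        complete: function (xhr) {
            // responseJSON is undefined for non-JSON bodies and failed requests;
            // reading .status from it directly would throw.
            var body = xhr.responseJSON;
            if (body && body.status == 4004) {
                // 4004 = not logged in / session expired: drop the cached
                // profile, then send the top-level frame to the entry page.
                window.localStorage.removeItem("admin");
                alert(body.message);
                parent.location.replace("/");
            }
        }
    });
});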