本文主要是介绍使用HttpSession和过滤器实现一个简单的用户登录认证的功能,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
这篇文章分享一下怎么通过session结合过滤器来实现控制登录访问的功能,涉及的代码非常简单,通过session保存用户登录的信息,如果没有用户登录的话,会在过滤器中处理,重定向回登录页面。
创建一个springboot项目,添加springbooot-starter-web和lombok的依赖。创建对应的实体类、controller、service,并创建两个简单的html页面测试过滤器的效果。
一、登录功能实现
controller
package cn.edu.sgu.www.login.controller;import cn.edu.sgu.www.login.entity.User;
import cn.edu.sgu.www.login.service.UserService;
import cn.edu.sgu.www.login.util.UserUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;import java.io.IOException;/*** @author heyunlin* @version 1.0*/
@RestController
@RequestMapping(path = "/user", produces = "application/json;charset=utf-8")
public class UserController {private final UserService userService;@Autowiredpublic UserController(UserService userService) {this.userService = userService;}@RequestMapping(value = "/login", method = RequestMethod.POST)public void login(User user) throws IOException {userService.login(user);UserUtils.getResponse().sendRedirect("/index.html");}}service
UserService
package cn.edu.sgu.www.login.service;import cn.edu.sgu.www.login.entity.User;/*** @author heyunlin* @version 1.0*/
public interface UserService {/*** 登录认证* @param user 用户输入的信息*/void login(User user);
}UserServiceImpl
package cn.edu.sgu.www.login.service.impl;import cn.edu.sgu.www.login.entity.User;
import cn.edu.sgu.www.login.service.UserService;
import cn.edu.sgu.www.login.util.UserUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;/*** @author heyunlin* @version 1.0*/
@Service
public class UserServiceImpl implements UserService {private final UserUtils userUtils;@Autowiredpublic UserServiceImpl(UserUtils userUtils) {this.userUtils = userUtils;}@Overridepublic void login(User user) {String username = user.getUsername();String password = user.getPassword();if (username == null || "".equals(username)) {throw new RuntimeException("用户名不能为空~");} else if (password == null || "".equals(password)) {throw new RuntimeException("密码不能为空~");} else {if (username.equals("admin") && password.equals("12345")) {userUtils.getSession().setAttribute("user", user);} else {throw new RuntimeException("用户名或密码错误!");}}}}二、过滤器实现资源访问控制
LoginFilter
package cn.edu.sgu.www.login.filter;import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;/*** 登录过滤器* @author heyunlin* @version 1.0*/
@WebFilter(filterName = "loginFilter", urlPatterns = {"/", "/html/*", "/index.html"})
public class LoginFilter implements Filter {@Overridepublic void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException {HttpServletRequest request = (HttpServletRequest) req;HttpSession session = request.getSession();// 获取登录信息Object obj = session.getAttribute("user");if (obj == null) { // 未登录,重定向到登录页/** 登录页面的地址*/String loginPage = "/login.html";// 获取响应对象HttpServletResponse response = (HttpServletResponse) resp;response.sendRedirect(loginPage);} else { // 当前有用户登录,放行filterChain.doFilter(req, resp);}}}在任意配置类上使用@ServletComponentScan("cn.edu.sgu.www.login.filter")开启servlet的组件扫描~
package cn.edu.sgu.www.login;import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.ServletComponentScan;@ServletComponentScan("cn.edu.sgu.www.login.filter")
@SpringBootApplication
public class FilterLoginApplication {public static void main(String[] args) {SpringApplication.run(FilterLoginApplication.class, args);}}文章设计的代码已上传到git仓库,可按需获取~
使用过滤器实现一个最简单的登录认证功能
https://gitee.com/he-yunlin/filter-login.git
这篇关于使用HttpSession和过滤器实现一个简单的用户登录认证的功能的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
