SpringAOP实现登录验证的操作代码
要求任何操作都建立在已经登录的基础上,登录操作除外。。。。
使用spring aop不仅简单,还不会对其他部件中产生影响
以下具体代码实现:
package com.joey.util;
import org.apache.logging.log4j.logmanager;
import org.apache.logging.log4j.logger;
import org.aspectj.lang.proceedingjoinpoint;
import org.aspectj.lang.annotation.around;
import org.aspectj.lang.annotation.aspect;
import org.aspectj.lang.annotation.pointcut;
import org.springframework.stereotype.component;
import org.springframework.web.context.request.requestcontextholder;
import org.springframework.web.context.request.servletrequestattributes;
import org.springframework.web.servlet.modelandview;
import javax.servlet.http.httpservletrequest;
/**
* 登录验证aop
*/
@component
@aspect
public class loginhelper {
private static logger logger = logmanager.getlogger(loginhelper.class.getname());
@pointcut("within(com.joey.controller..*)&&!within(com.joey.controller.indexcontroller)") // indexcontroller中写了登录方法
public void login() {
}
@around("login()")
public object auth(proceedingjoinpoint joinpoint) throws throwable {
// 获取session中的用户信息
httpservletrequest request = ((servletrequestattributes) requestcontextholder.getrequestattributes()).getrequest();
string username = (string) request.getsession().getattribute("username");
if (username == null) {
logger.info("未登录");
return new modelandview("redirect:/login");
}
logger.info("username: " + username);
return joinpoint.proceed();
}
}
既然要从session中获取用户信息,那么肯定要先保存的。可以自登录方法中保存username
package com.joey.controller;
import com.joey.model.user;
import com.joey.service.userservice;
import org.apache.logging.log4j.logmanager;
import org.apache.logging.log4j.logger;
import org.springframework.stereotype.controller;
import org.springframework.web.bind.annotation.requestmapping;
import org.springframework.web.bind.annotation.requestmethod;
import org.springframework.web.servlet.modelandview;
import javax.annotation.resource;
import javax.servlet.http.httpservletrequest;
@controller
@requestmapping("/")
public class indexcontroller {
private static logger logger = logmanager.getlogger(indexcontroller.class.getname());
@resource(name = "userservice")
private userservice userservice;
@requestmapping(value = {"", "index", "login"}, method = requestmethod.get)
public string index() {
return "login";
}
/**
* 管理员/普通用户登陆
*
* @param username
* @param password
* @return
*/
@requestmapping(value = {"login"}, method = requestmethod.post)
public modelandview login(httpservletrequest request, string username, string password) {
int id;
try {
id = userservice.login(username, password);
} catch (exception e) {
e.printstacktrace();
logger.info("not found");
return new modelandview("login")
.addobject("msg", "try again");
}
user user = userservice.selectbyprimarykey(id);
request.getsession().setattribute("username", user.getname()); // 保存username到session看这里
return new modelandview(user.getadmin() == 1 ? "admin" : "home")
.addobject("id", user.getid())
.addobject("username", user.getname())
.addobject("description", user.getdescription())
.addobject("isadmin", user.getadmin() == 1 ? "admin" : "user");
}
@requestmapping(value = "home", method = requestmethod.get)
public string home() {
return "admin";
}}
到此这篇关于springaop实现登录验证的文章就介绍到这了,更多相关springaop登录验证内容请搜索以前的文章或继续浏览下面的相关文章希望大家以后多多支持!