SpringBoot　web--RestfulCRUD-demo-登陆&拦截器（学习笔记17）

1、登录

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
		<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
		<meta name="description" content="">
		<meta name="author" content="">
		<title>Signin Template for Bootstrap</title>
		<!-- Bootstrap core CSS -->
		<link href="asserts/css/bootstrap.min.css" th:href="@{/webjars/bootstrap/4.1.0/css/bootstrap.min.css}" rel="stylesheet">
		<!-- Custom styles for this template -->
		<link href="asserts/css/signin.css" th:href="@{/asserts/css/signin.css}" rel="stylesheet">
	</head>

	<body class="text-center">
		<form class="form-signin" action="dashboard.html" th:action="@{/user/login}" method = "post">
			<img class="mb-4" src="asserts/img/bootstrap-solid.svg" th:src="@{/asserts/img/bootstrap-solid.svg}" alt="" width="72" height="72">
			<h1 class="h3 mb-3 font-weight-normal" th:text="#{index.tip}">Please sign in</h1>
			<p style="color:red" th:text="${msg}" th:if="${not #strings.isEmpty(msg)}"></p>
			<label class="sr-only" th:text="#{index.username}">Username</label>
			<input type="text" name="username" class="form-control" placeholder="Username"　th:placeholder="#{index.username}" required="" autofocus="">
			<label class="sr-only" th:text="#{index.password}">Password</label>
			<input type="password" name="password" class="form-control" placeholder="Password" th:placeholder="#{index.password}" required="">
			<div class="checkbox mb-3">
				<label>
		          <input type="checkbox" value="remember-me"> [[#{index.remember}]]
		        </label>
			</div>
			<button class="btn btn-lg btn-primary btn-block" type="submit" th:text="#{index.btn}">Sign in</button>
			<p class="mt-5 mb-3 text-muted">© 2017-2018</p>
			<a class="btn btn-sm" th:href="@{/index.html(lang='zh_CN')}">中文</a>
			<a class="btn btn-sm" th:href="@{/index.html(lang='en_US')}">English</a>
		</form>

	</body>

</html>

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

@Controller
@RequestMapping(value="/user")
public class UserController {

	// 在Rest风格中可以这么写
	//@GetMapping
	//@DeleteMapping
	//@PutMapping
	//@PostMapping(value="/user/login")
	@RequestMapping(value="login", method = RequestMethod.POST)
	public String login(String username, String password, Map<String, Object> map){
		if("admin".equals(username) && "123".equals(password)){
			//return "dashboard";
			/**
			 * 登录成功，防止表单重复提交，可以重定向某个路径信息，
			 * 这个路径是不存在的，通过路径映射现次设置相关的页面路径
			 */
			return "redirect:/main";
		}
		map.put("msg", "登录失败");
		return "index";
	}
}

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.LocaleResolver;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;

import com.demo.springbootweb.component.MyLocaleResolver;

// 使用WebMvcConfigurerAdapter可以来扩展SpringMVC的功能
// @EnableWebMvc   不要接管SpringMVC
@Configuration
public class MyMvcConfig extends WebMvcConfigurationSupport {

	private static final String[] CLASSPATH_RESOURCE_LOCATIONS = {
			"classpath:/META-INF/resources/", "classpath:/resources/",
			"classpath:/static/", "classpath:/public/" };

	/**
	 * 解决springboot项目中的html文件引用js、css、图片的问题
	 */
	@Override
	public void addResourceHandlers(ResourceHandlerRegistry registry) {
		if (!registry.hasMappingForPattern("/webjars/**")) {
			registry.addResourceHandler("/webjars/**").addResourceLocations(
					"classpath:/META-INF/resources/webjars/");
		}
		if (!registry.hasMappingForPattern("/**")) {
			registry.addResourceHandler("/**").addResourceLocations(
					CLASSPATH_RESOURCE_LOCATIONS);
		}
	}
	
	/**
	 * 路径映射
	 * @return
	 */
	@Override
	protected void addViewControllers(ViewControllerRegistry registry) {
		registry.addViewController("/main").setViewName("dashboard");
		super.addViewControllers(registry);
	}

	/**
	 * 配置自己的国际化语言解析器
	 * 
	 * @return
	 */
	@Bean
	public LocaleResolver localeResolver() {
		return new MyLocaleResolver();
	}

}

上面重定向的问题：http://localhost:8080/crud/main 在用户不登录的状态，依然可以访问主页面信息？

2、拦截器  进行登录检查

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

/**
 * 登录拦截器　　登录检查
 * @author john
 *
 */
public class LoginHandlerInterceptor implements HandlerInterceptor {

	/**
	 * 
	 */
	@Override
	public boolean preHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler) throws Exception {
		//return HandlerInterceptor.super.preHandle(request, response, handler);
		Object attribute = request.getSession().getAttribute("loginUser");
		if(StringUtils.isEmpty(attribute)){
			request.setAttribute("msg", "没有权限请登录");
			// 未登录，返回登录页面
			request.getRequestDispatcher("/").forward(request, response);
			// response.sendRedirect("/");
			return false;
		}else{
			return true;
		}
	}
	
	@Override
	public void postHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler,
			ModelAndView modelAndView) throws Exception {
		// TODO Auto-generated method stub
		HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
	}
	
	@Override
	public void afterCompletion(HttpServletRequest request,
			HttpServletResponse response, Object handler, Exception ex)
			throws Exception {
		// TODO Auto-generated method stub
		HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
	}
	
}

import java.util.ArrayList;
import java.util.List;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.LocaleResolver;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;

import com.demo.springbootweb.component.LoginHandlerInterceptor;
import com.demo.springbootweb.component.MyLocaleResolver;

// 使用WebMvcConfigurationSupport可以来定制、扩展SpringMVC的功能
// @EnableWebMvc   不要接管SpringMVC
@Configuration
public class MyMvcConfig extends WebMvcConfigurationSupport {

	private static final String[] CLASSPATH_RESOURCE_LOCATIONS = {
			"classpath:/META-INF/resources/", "classpath:/resources/",
			"classpath:/static/", "classpath:/public/" };

	/**
	 * 解决springboot项目中的html文件引用js、css、图片的问题
	 * 想自定义静态资源映射目录的话，只需重写addResourceHandlers方法即可。
	 */
	@Override
	public void addResourceHandlers(ResourceHandlerRegistry registry) {
		registry.addResourceHandler("/webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/");
		registry.addResourceHandler("/**").addResourceLocations(CLASSPATH_RESOURCE_LOCATIONS);
		super.addResourceHandlers(registry);
	}
	
	/**
	 * 页面跳转addViewControllers
	 * 注册路径映射
	 * @return
	 */
	@Override
	protected void addViewControllers(ViewControllerRegistry registry) {
		registry.addViewController("/").setViewName("index");
		registry.addViewController("/index").setViewName("index");
		registry.addViewController("/index.html").setViewName("index");
		registry.addViewController("/main").setViewName("dashboard");
		super.addViewControllers(registry);
	}
	
	/**
	 * 注册拦截器
	 */
	@Override
	protected void addInterceptors(InterceptorRegistry registry) {
		
		List<String> patterns = new ArrayList<String>(); // 排除访问请求
		patterns.add("/");
		patterns.add("/index.html");
		patterns.add("/index");
		patterns.add("/user/login");
		patterns.add("/webjars/**");// webjars下的静态资源不需要拦截
		patterns.add("/asserts/**");// asserts下的静态资源不需要拦截
		registry.addInterceptor(new LoginHandlerInterceptor())
				.addPathPatterns("/**") // 拦截所有请求
				.excludePathPatterns(patterns);
		super.addInterceptors(registry);
	}


	/**
	 * 配置自己的国际化语言解析器
	 * 
	 * @return
	 */
	@Bean
	public LocaleResolver localeResolver() {
		return new MyLocaleResolver();
	}

}