利用springmvc拦截器做登录

1.定义一个拦截器

public class TopicLoginInterceptor implements HandlerInterceptor {

@Autowiredprivate VZyTopicService topicService;

private static final List exceptUrls=Arrays.asList("/topic/login", "/topic/logout");

@Override

public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)

throws Exception {

//获取请求的url

      /*  String requestUri = request.getRequestURI();

        System.out.println("请求的URI是:"+requestUri);

        System.out.println("请求的ContextPath是:"+request.getContextPath());

        String subRequestUri = requestUri.substring(request.getContextPath().length()+6, requestUri.length());

System.out.println("截取后的:"+subRequestUri);

        for (String freeUrl : exceptUrls) {

}*/

// 检查token头

String token = request.getHeader("topicToken");

if (StringUtils.isBlank(token)) {

token = request.getParameter("topicToken");

}

// 判断首页是否有效

if (token == null || "".equals(token)) {

throw new ServiceException(DBExceptionForBackEndEnums.USER_IS_NOT_LOGIN);

}

Boolean tokenValid = topicService.checkToken(request, response);

if (!tokenValid) {

throw new ServiceException(DBExceptionForBackEndEnums.USER_IS_NOT_LOGIN);

}

return true;

}

@Override

public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,

ModelAndView modelAndView) throws Exception {

// TODO Auto-generated method stub

}

@Override

public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)

throws Exception {

// TODO Auto-generated method stub

}

}

2.配置需要拦截的url以及需要放开的url

拦截配置

不对登录接口以及登出接口做拦截。

3.登录接口

public CommResultlogin(LoginParam token, HttpServletRequest request, HttpServletResponse response) {CommResultresult = new CommResult();

// 用户名和密码

String username = token.getUsername();

String password = token.getPassword();

if (username == null || "".equals(username) || password == null || "".equals(password)) {

result.setCode(300);

result.setMsg("参数为空");

return result;

}

// 查询用户信息purchase_user

PurchaseUser purchaseUser =purchaseUserMapper.findPurchaseUserByUserName(username);

if (purchaseUser == null) {

result.setCode(301);

result.setMsg("用户不存在");

return result;

}

if (!password.equals(purchaseUser.getPassWord())) {

result.setCode(302);

result.setMsg("密码错误");

return result;

}

// dealWithLogin

String randomStr = RandomUtils.randomString(16);

LoginData loginData = new LoginData();

loginData.setId(purchaseUser.getId());

loginData.setUsername(purchaseUser.getAccount());

loginData.setPassword(purchaseUser.getPassWord());

loginData.setRole(purchaseUser.getRole());

loginData.setToken(randomStr);

String json = JSONObject.toJSONString(loginData);

//

String loginToken = purchaseUser.getAccount() + purchaseUser.getPassWord() + randomStr;

String encryptToken = Md5Util.createMD5Str(loginToken);

RedisUtil.set("TOPIC_USER_LOGIN_" + encryptToken, json, true, 60 * 60 * 24);

        //设置response头

response.addHeader("topicToken", encryptToken);

result.setCode(200);

result.setMsg("登录成功");

result.setData(loginData);

return result;

}

3.登出logout

public CommResultlogout(HttpServletRequest request, HttpServletResponse response) {CommResultresult = new CommResult();

String token = request.getHeader("topicToken");

if (StringUtils.isBlank(token)) {

token = request.getParameter("topicToken");

}

if(!StringUtils.isBlank(token)) {

RedisUtil.del("TOPIC_USER_LOGIN_"+token);

result.setCode(200);

result.setMsg("登出成功");

return result;

}

result.setCode(200);

result.setMsg("登出成功");

return result;

}