大型运输行业实战_day05_1_登录+注销+表单重复提交+登录拦截器

1.登录

   登录实现如下步骤:

  1.在首页中添加登录按钮

  

   html代码如下:

<%@ page contentType="text/html;charset=UTF-8" language="java" pageEncoding="utf-8" %>
<html>
  <head>
    <title>首页</title>
  </head>
  <body>
   <a href="/login/login">登录</a>
  </body>
</html>

 2.控制层实现

   注意:为了防止表单重复提交 必须设定token值,进行表单重复提交校验

 /**
     * 获取登录页面
     * @param req
     * @return
     */
    @RequestMapping("/login")
    public String login(HttpServletRequest req){
        //创建登录token随机数
        String loginToken = UUID.randomUUID().toString();
        HttpSession session = req.getSession();
        //后端的钥匙
        session.setAttribute("LOGIN_TOKEN_IN_SESSION",loginToken);
        //前端放放钥匙
        req.setAttribute("loginToken",loginToken);
        return "/WEB-INF/views/login.jsp";
    }

3.登录页面效果

 

   登录页面html代码

 <body>
  <div align="center">
     <%-- 存放token信息--%>
      <input id="loginToken" type="hidden" value="${loginToken}"><br/>
    用户名:<input id="userName" type="text" value=""/>
    <br/>
    密 &nbsp; 码:<input id="password" type="password" value=""/>
    <br/>
    <button onclick="login()">登录</button>
  </div>
  </body>

4.点击登录按钮执行的js函数

   注意js函数必须携带登录token值,便于检查是否为重复提交

 function login(){
       //1.获取参数
      var userName = $("#userName").val();
       var password = $("#password").val();
         //登录token信息
         var loginToken = $("#loginToken").val();
       //2.发送请求
       var params = {
         userName:userName,
         password:password,
           _loginToken:loginToken
       };
       var url = 'http://localhost:8080/login/checkLogin';
       jQuery.ajax({
         type: 'POST',
         contentType: 'application/x-www-form-urlencoded',
         url: url,
         data: params,
         dataType: 'json',
         success: function (data) {
           //需要的数据  是否成功   失败原因   code  成功的话 0000  失败0001
            var code = data.code;
             if (code=='0000'){
                 //登录成功  跳转到购票页面
                 window.location.href="http://localhost:8080/ticket2/page";
             }else {
                 //登录失败
                var msg =  data.msg;//登录失败原因
                 alert("登录失败:"+msg)
             }
         },
         error: function (data) {
           alert("失败啦");
         }
       });
     }

 5.处理登录检查的控制层

 /**
     * 登录检查
     * @return
     */
    @RequestMapping("/checkLogin")
    @ResponseBody
    public Result checkLogin(HttpServletRequest req,LoginUser loginUser,String _loginToken){
        Result<Object> objectResult = new Result<>();
        //检查是否重复提交
        HttpSession session = req.getSession();
        //后端的钥匙
        String loginToken = (String)session.getAttribute("LOGIN_TOKEN_IN_SESSION");
       if (loginToken==null){
           System.out.println("------手贱-------");
           objectResult.setCode("0001");
           return objectResult;
          // System.exit(0);//千万不要写这个
       }else if (!loginToken.equals(_loginToken)){
           System.out.println("------手贱-------");
           //System.exit(0);//千万不要写这个
           objectResult.setCode("0001");
           return objectResult;
       }
        //删除 token
        session.removeAttribute("LOGIN_TOKEN_IN_SESSION");
        System.out.println("----第一次登录----------");
        try {
            Thread.sleep(1000);//用于测试重复提交演示
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
        //调用业务方法检测登录
        Boolean aBoolean = loginUserService.checkLogin(loginUser);
        if (aBoolean){
            //登录成功 信息放session
            session.setAttribute("LOGIN_IN_SESSION",loginUser);
            objectResult.setCode("0000");
        }else {
            //登录失败
            objectResult.setCode("0001");
            objectResult.setMsg("用户名或密码错误");
        }
        objectResult.setSuccess(aBoolean);
        return objectResult;
    }

 6.业务层处理登录检查

 @Override
    public Boolean checkLogin(LoginUser loginUser) {
        String userName = loginUser.getUserName();
        String password1 = loginUser.getPassword();
        //1.根据用户名查询该用户是否存在
        LoginUser loginUserByName = loginUserDao.getLoginUserByName(userName);
        //2.如果用户存在
        if (loginUserByName!=null){
            // 检查密码是否正确
            String password = loginUserByName.getPassword();
             if (password.equals(password1)){
                 //密码正确 登录成功
                 return true;
             }
        }
        //登录失败
        return false;
    }

7.持久层

  接口:

LoginUser getLoginUserByName(String userName);

 mapper映射文件:

<select id="getLoginUserByName" parameterType="string" resultType="com.day02.sation.model.LoginUser">
    SELECT l.id, l.user_name userName, l.`password` FROM login_user AS l WHERE user_name=#{userName}
</select>
8.测试dao

 @Test
    public void testGetList(){
        LoginUser loginUser = loginUserDao.getLoginUserByName("wuji");
        System.out.println("loginUser="+loginUser);
    }

到此登录完成

2.拦截器配置

     2.1编写拦截器类 LoginInterceptor.java

package com.day02.sation.filter;

import com.day02.sation.model.LoginUser;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Created by Administrator on 12/29.
 */
public class LoginInterceptor extends HandlerInterceptorAdapter {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        System.out.println("-------preHandle----");
           //判断是否有登录信息
        HttpSession session = request.getSession();
        LoginUser loginUser = (LoginUser) session.getAttribute("LOGIN_IN_SESSION");
        if (loginUser==null){
            System.out.println("-------没有登录----");
            //没有登录跳转到登录页面
            response.sendRedirect("/login/login");
        }else {
            System.out.println("-------已经登录----");
        }
        return true;
    }
}

2.2配置mapper/spring/spring-loginInterceptor.xml文件

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:mvc="http://www.springframework.org/schema/mvc"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans.xsd
         http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc.xsd">
    <mvc:interceptors>
        <!--登录拦截器配置-->
        <mvc:interceptor>
            <!-- 拦截所有-->
            <mvc:mapping path="/**"/>
            <!--  排除静态资源-->
            <mvc:exclude-mapping path="/static/*"/>
            <!--排除登录相关-->
            <mvc:exclude-mapping path="/login/*"/>
           <!-- 处理类-->
            <bean class="com.day02.sation.filter.LoginInterceptor"/>
        </mvc:interceptor>
        <!-- 其他拦截器-->
    </mvc:interceptors>
</beans>

2.3读取拦截器文件

到此登录拦截器配置完成!

3.注销

     3.1注销按钮

      <button onclick="loginout()">注销</button>

     3.2执行js函数

   function loginout(){
       //进入注销处理控制层
        window.location.href="http://localhost:8080/login/loginout";
    }

   3.3控制层处理代码

/**
     * 注销
     * @param req
     * @return
     */
    @RequestMapping("/loginout")
    public String loginout(HttpServletRequest req){
        HttpSession session = req.getSession();
        //删除登录信息
        session.removeAttribute("LOGIN_IN_SESSION");
        //注销后跳转到首页
        return "/index.jsp";
    }

 到此注销完成!