1. 程式人生 > >(三)基於SSM+Redis+Nginx+FastDFS的部落格網站

(三)基於SSM+Redis+Nginx+FastDFS的部落格網站

上一篇主要介紹了SSM整合以及測試。


這一篇主要介紹登入模組,登入模組用到了過濾器,配置過濾器時需要在web.xml裡面進行配置,相關配置已經在第二篇的web.xml有註明。


 本篇涉及的類有:控制層的LoginController、過濾器CheckLoginFilter以及資料庫訪問的。


  •  Controller層:如果登入成功,則將該使用者設定到session裡,然後結合前端JS判斷該使用者是否為空來顯示遮罩層與否,並且設定session失效時間。使用者密碼儲存到資料庫時推薦使用MD5加密。

  • package com.tdrip.controller;
    
    import javax.servlet.http.HttpSession;
    
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.web.bind.annotation.PathVariable;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RequestMethod;
    import org.springframework.web.bind.annotation.RestController;
    
    import com.tdrip.model.util.ServiceResult;
    import com.tdrip.service.OperatorService;
    
    @RestController
    public class LoginController {
    	
    	@Autowired
    	private OperatorService operatorService;
    	@Autowired
    	private HttpSession session;
    
    	@RequestMapping(value = "/login/login", method=RequestMethod.POST)
    	public ServiceResult login(String password) {
    		ServiceResult serviceResult = operatorService.findById(password);
    		if (null != serviceResult.getData()) {
    			session.setAttribute("admin", serviceResult.getData());
    			//無活動10分鐘後session失效
    			session.setMaxInactiveInterval(10*60);
    		}
    		return serviceResult;
    	}
    }
  • OperatorlService:操作員service,用於登入驗證的serivce層
    package com.tdrip.service.impl;
    
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.stereotype.Service;
    
    import com.tdrip.mapper.OperatorMapper;
    import com.tdrip.model.db.OperatorModel;
    import com.tdrip.model.util.ServiceResult;
    import com.tdrip.service.OperatorService;
    import com.tdrip.util.ToolUtil;
    
    @Service
    public class OperatorServiceImpl implements OperatorService {
    
    	@Autowired
    	private OperatorMapper operatorMapper;
    	
    	@Override
    	public ServiceResult findById(String password) {
    		String md5 = ToolUtil.getMD5(password);
    		OperatorModel model = operatorMapper.selectById(md5);
    		if (model != null) {
    			return ServiceResult.Return(model);
    		} 
    		return ServiceResult.Build(-1, "密碼錯誤!");
    	}
    }
    

  • OperatorMapper介面:
    package com.tdrip.mapper;
    
    import org.springframework.stereotype.Repository;
    
    import com.tdrip.model.db.OperatorModel;
    
    @Repository
    public interface OperatorMapper {
    	public OperatorModel selectById(String id);
    	public OperatorModel selectLikeId(String id);
    	public int insert(OperatorModel model);
    }
    

  • OperatorMpper.xml:
    <?xml version="1.0" encoding="UTF-8" ?>
    <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
    
    <mapper namespace="com.tdrip.mapper.OperatorMapper">
    
    	<resultMap type="com.tdrip.model.db.OperatorModel" id="OperatorModelResult">
    		<id property="id" column="id" />
    		<result property="cutc" column="cutc" />
    		<result property="permission" column="permission" />
    	</resultMap>
    	
    	
    	<select id="selectById" resultMap="OperatorModelResult">
    		SELECT id, cutc, permission
    		FROM operator
    		WHERE id = #{id}
    	</select>
    	
    	<select id="selectLikeId" resultMap="OperatorModelResult">
    		SELECT id, permission
    		FROM operator
    		WHERE id like CONCAT('%',#{id},'%')  
    	</select>
    	
    	<insert id="insert">
    		INSERT INTO operator(id, cutc) values(#{id}, #{cutc})
    	</insert>
    
    	
    </mapper>

  • CheckLoginFilter:該類需要實現Filter介面,過濾的實現方法主要是doFilter。
    package com.tdrip.filter;
    
    import java.io.IOException;
    
    import javax.servlet.Filter;
    import javax.servlet.FilterChain;
    import javax.servlet.FilterConfig;
    import javax.servlet.ServletException;
    import javax.servlet.ServletRequest;
    import javax.servlet.ServletResponse;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import javax.servlet.http.HttpSession;
    
    public class CheckLoginFilter implements Filter {
    
    	@Override
    	public void init(FilterConfig filterConfig) throws ServletException {
    		// TODO Auto-generated method stub
    
    	}
    
    	/**
    	 * 過濾流程:
    	 * 	1、如果訪問的是主頁index或者靜態檔案(css,js)之類的話直接訪問通過
    	 * 	2、如果是登入請求或者查詢全部內容請求則通過
    	 * 	3、不滿足以上兩點則需要使用者進行登入。
    	 */
    	@Override
    	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
    			throws IOException, ServletException {
    
    		HttpServletRequest request = (HttpServletRequest) req;
    		HttpServletResponse response = (HttpServletResponse) res;
    		HttpSession session = request.getSession();
    
    		String requestURL = request.getRequestURI();
    		boolean conditionPass = requestURL.contains("/index") || requestURL.endsWith(".html") || requestURL.contains("/resource") ||
    								requestURL.endsWith(".js") || requestURL.endsWith(".css") || requestURL.endsWith(".ico");
    		if (conditionPass) {
    			chain.doFilter(request, response);
    		} else {
    			if (requestURL.contains("/login/login") || requestURL.endsWith("/content/findAll")) {
    				chain.doFilter(request, response);
    			} else {
    				 boolean loggedIn = session != null && session.getAttribute("admin") != null;
    				 if (loggedIn) {
    		            	chain.doFilter(request, response);
    				 } else {
    		            	request.getRequestDispatcher("index").forward(request, response);
    		         }
    			}
    			
    		}
    	}
    
    	@Override
    	public void destroy() {
    		// TODO Auto-generated method stub
    
    	}
    
    }
    

PS:本篇介紹的是關於登入模組和過濾器。由於樓主之前還沒接觸過shiro框架,所以用的是基本的過濾器,有興趣的小夥伴可以去看看shiro框架,關於登入驗證許可權方面的。樓主最近在整合自己到目前為止所學的東西到一個專案裡,裡面也用到了shiro,之後再推出。

 下一篇開始介紹redis,並整合到spring中。