(三)基於SSM+Redis+Nginx+FastDFS的部落格網站
阿新 • • 發佈:2018-11-03
上一篇主要介紹了SSM整合以及測試。
這一篇主要介紹登入模組,登入模組用到了過濾器,配置過濾器時需要在web.xml裡面進行配置,相關配置已經在第二篇的web.xml有註明。
本篇涉及的類有:控制層的LoginController、過濾器CheckLoginFilter以及資料庫訪問的。
- Controller層:如果登入成功,則將該使用者設定到session裡,然後結合前端JS判斷該使用者是否為空來顯示遮罩層與否,並且設定session失效時間。使用者密碼儲存到資料庫時推薦使用MD5加密。
package com.tdrip.controller; import javax.servlet.http.HttpSession; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; import com.tdrip.model.util.ServiceResult; import com.tdrip.service.OperatorService; @RestController public class LoginController { @Autowired private OperatorService operatorService; @Autowired private HttpSession session; @RequestMapping(value = "/login/login", method=RequestMethod.POST) public ServiceResult login(String password) { ServiceResult serviceResult = operatorService.findById(password); if (null != serviceResult.getData()) { session.setAttribute("admin", serviceResult.getData()); //無活動10分鐘後session失效 session.setMaxInactiveInterval(10*60); } return serviceResult; } }
-
OperatorlService:操作員service,用於登入驗證的serivce層
package com.tdrip.service.impl; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import com.tdrip.mapper.OperatorMapper; import com.tdrip.model.db.OperatorModel; import com.tdrip.model.util.ServiceResult; import com.tdrip.service.OperatorService; import com.tdrip.util.ToolUtil; @Service public class OperatorServiceImpl implements OperatorService { @Autowired private OperatorMapper operatorMapper; @Override public ServiceResult findById(String password) { String md5 = ToolUtil.getMD5(password); OperatorModel model = operatorMapper.selectById(md5); if (model != null) { return ServiceResult.Return(model); } return ServiceResult.Build(-1, "密碼錯誤!"); } }
-
OperatorMapper介面:
package com.tdrip.mapper; import org.springframework.stereotype.Repository; import com.tdrip.model.db.OperatorModel; @Repository public interface OperatorMapper { public OperatorModel selectById(String id); public OperatorModel selectLikeId(String id); public int insert(OperatorModel model); }
-
OperatorMpper.xml:
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" > <mapper namespace="com.tdrip.mapper.OperatorMapper"> <resultMap type="com.tdrip.model.db.OperatorModel" id="OperatorModelResult"> <id property="id" column="id" /> <result property="cutc" column="cutc" /> <result property="permission" column="permission" /> </resultMap> <select id="selectById" resultMap="OperatorModelResult"> SELECT id, cutc, permission FROM operator WHERE id = #{id} </select> <select id="selectLikeId" resultMap="OperatorModelResult"> SELECT id, permission FROM operator WHERE id like CONCAT('%',#{id},'%') </select> <insert id="insert"> INSERT INTO operator(id, cutc) values(#{id}, #{cutc}) </insert> </mapper>
-
CheckLoginFilter:該類需要實現Filter介面,過濾的實現方法主要是doFilter。
package com.tdrip.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class CheckLoginFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { // TODO Auto-generated method stub } /** * 過濾流程: * 1、如果訪問的是主頁index或者靜態檔案(css,js)之類的話直接訪問通過 * 2、如果是登入請求或者查詢全部內容請求則通過 * 3、不滿足以上兩點則需要使用者進行登入。 */ @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; HttpSession session = request.getSession(); String requestURL = request.getRequestURI(); boolean conditionPass = requestURL.contains("/index") || requestURL.endsWith(".html") || requestURL.contains("/resource") || requestURL.endsWith(".js") || requestURL.endsWith(".css") || requestURL.endsWith(".ico"); if (conditionPass) { chain.doFilter(request, response); } else { if (requestURL.contains("/login/login") || requestURL.endsWith("/content/findAll")) { chain.doFilter(request, response); } else { boolean loggedIn = session != null && session.getAttribute("admin") != null; if (loggedIn) { chain.doFilter(request, response); } else { request.getRequestDispatcher("index").forward(request, response); } } } } @Override public void destroy() { // TODO Auto-generated method stub } }
PS:本篇介紹的是關於登入模組和過濾器。由於樓主之前還沒接觸過shiro框架,所以用的是基本的過濾器,有興趣的小夥伴可以去看看shiro框架,關於登入驗證許可權方面的。樓主最近在整合自己到目前為止所學的東西到一個專案裡,裡面也用到了shiro,之後再推出。
下一篇開始介紹redis,並整合到spring中。