When we want to log on once, in a certain period of time may not be able to log in again to access some of the interface, then this time, we can (uniquely) to be stored in the user name the first time users log in to the server's session among , next time you visit, you can judge the user name of the session to see if the user exists, if present, is not intercepted, if not, then be redirected to the login screen
The first step, first add the interceptor
org.springframework.context.annotation.Configuration Import;
Import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
Import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
/ **
* add interceptors
* /
public class SessionConfiguration the extends WebMvcConfigurerAdapter {
@Override
public void addInterceptors (InterceptorRegistry Registry) {
registry.addInterceptor (new new SessionInterceptor ()) addPathPatterns ( "/");.
// site configuration generator: adding a blocker, path interception The entire project
}
}
The second step, to be released some paths, such as login interfaces, home interfaces
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
/**
* 对某些接口进行放行
*/
public class SessionInterceptor implements HandlerInterceptor {
@Override
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
throws Exception {
}
@Override
public boolean preHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2) throws Exception {
//首页路径以及登录放行
if ("/index".equals(arg0.getRequestURI()) || "/loging".equals(arg0.getRequestURI())) {
return true;}
//重定向
Object object = arg0.getSession().getAttribute("users");
if (null == object) {
arg1.sendRedirect("/loging");
return false;}
return true;
}
}
Login control layer, when the first authentication is successful, put the user name is stored in the user's session
@PostMapping(value = "/login")
public void login1(@RequestParam("userName") String username,@RequestParam("password") String password,HttpServletResponse response,HttpServletRequest request)throws Exception{
String password1=manageMapper.selectPassword(username);
response.setContentType("text/html;charset=utf-8");
response.setCharacterEncoding("utf-8");
PrintWriter out = response.getWriter();
if(password1.equals(password)){
request.getSession().setAttribute("users",username);//用户名存入该用户的session 中
out.print("<script language=\"javascript\">alert('登录成功了');window.location.href='/notifications'</script>");
}else
out.print ( "<script language = \ " javascript \ "> alert ( ' Error account password'); window.location.href = '/ loging' </ Script>");
}
In this way, we can avoid dense logged in a short time, you can set the survival time of the session in springboot