SpringAOP实现登录验证的操作代码

SpringAOP实现登录验证的操作代码

要求任何操作都建立在已经登录的基础上，登录操作除外。。。。

使用Spring AOP不仅简单，还不会对其他部件中产生影响

以下具体代码实现：

package com.joey.util;

import org.apache.logging.log4j.LogManager;

import org.apache.logging.log4j.Logger;

import org.aspectj.lang.ProceedingJoinPoint;

import org.aspectj.lang.annotation.Around;

import org.aspectj.lang.annotation.Aspect;

import org.aspectj.lang.annotation.Pointcut;

import org.springframework.stereotype.Component;

import org.springframework.web.context.request.RequestContextHolder;

import org.springframework.web.context.request.ServletRequestAttributes;

import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;

/**

* 登录验证AOP

*/

@Component

@Aspect

public class LoginHelper {

private static Logger logger = LogManager.getLogger(LoginHelper.class.getName());

@Pointcut("within(com.joey.controller..*)&&!within(com.joey.controller.IndexController)") // IndexController中写了登录方法

public void login() {

}

@Around("login()")

public Object auth(ProceedingJoinPoint joinPoint) throws Throwable {

// 获取session中的用户信息

HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getReqhttp://uest();

String username = (String) request.getSession().getAttribute("username");

if (username == null) {

logger.info("未登录");

return new ModelAndView("redirect:/login");

}

logger.info(FjatIRG"username: " + username);

return joinPoint.proceed();

}

}

既然要从session中获取用户信息，那么肯定要先保存的。可以自登录方法中保存username

package com.joey.controller;

import com.joey.model.User;import com.joey.service.UserService;import org.apache.logging.log4j.LogManager;import org.apache.logging.log4j.Logger;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.RequestMethod;import org.springframework.web.servlet.ModelAndView;

import javax.annotation.Resource;import javax.servlet.http.HttpServletRequest;

@Controller@RequestMapping("/")public class IndexController {private static Logger logger = LogManager.getLogger(IndexController.class.getName());

@Resource(name = "userService")

private UserService userService;

@RequestMapping(value = {"", "index", "login"}, method = RequestMethod.GET)

public String index() {

return "login";

}

/**

* 管理员/普通用户登陆

*

* @param username

* @param password

* @return

*/

@RequestMapping(value = {"login"}, method = RequestMethod.POST)

public Modelhttp://AndView login(HttpServletRequest request, String username, String password) {

int id;

try {

id = userService.login(username, password);

} catch (Exception e) {

e.printStackTrace();

logger.info("not found");

return new ModelAndView("login")

.addObject("msg", "Try Again");

}

User user = userService.selectByPrimaryKey(id);

request.getSession().setAttribute("username", user.getName()); // 保存username到session看这里

return new ModelAndView(user.getAdmin() == 1 ? "admin" : "home")

.addObject("id", user.getId())

.addObject("username", user.getName())

.addObject("description", user.getDescription())

.addObject("isAdmin", user.getAdmin() == 1 ? "admin" : "user");

}

@RequestMapping(value = "home", method = RequestMethod.GET)

public String home() {

return "admin";

}

}

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。