- 首先,我们一般在登录时将用户名或id存入session
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import javax.servlet.http.HttpSession;
@Controller
public class LoginController {
@PostMapping("/login")
public String login(@RequestParam("userName") String userName,
@RequestParam("password") String password,
Model model, HttpSession session){
if(!StringUtils.isEmpty(userName)&&password.equals("1")){
session.setAttribute("loginUser",userName);
return "hello";
}else {
model.addAttribute("message","登录失败");
return "login";
}
}
}
-
接下来,配置session拦截器
- webconfig配置
//注册拦截器 @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(new TokenInterceptor()).addPathPatterns("/**") .excludePathPatterns("/","index.html","/login"); }- SessionInterceptor.java
public class SessionInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
Object user=request.getSession().getAttribute("loginUser");
if(user==null){
request.setAttribute("message","没有权限,请先登录");
request.getRequestDispatcher("/").forward(request,response);
return false;
}else {
return true;
}
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
- 在html里使用session里的数据
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<title>Hello</title>
</head>
<body>
<p>[[${session.loginUser}]]</p>
<p th:text="${session.loginUser}"></p>
</body>
</html>
Comments | 0 条评论