Spring+Session+interceptor+ajax(拦截器)的登陆和退出

方法一使用servlet自带的HttpSession

注意点： HttpSession应该作为方法的参数

//登入
 public  boolean customerLogin(HttpSession httpSession) { 
　　　　httpSession.setAttribute( "customer" , customer); 
}

// 退出
public String customerOut(HttpSession httpSession) { 
        
        httpSession.removeAttribute( "customer" );
           return "login" ; 
    }

方法二：使用spring的@SessionAttributes("logincustomer")

//登入
@Controller 
@SessionAttributes("logincustomer")
public classCustomerController {
    publicJSONObject customerLogin(@RequestBody JSONObject json, ModelMap model,HttpServletResponse response) {
    model.addAttribute( "logincustomer" , logincustomer);
    }
}

// 退出  
@RequestMapping(value = "customerout" )
      public String customerOut(SessionStatus sessionStatus) { 
        sessionStatus.setComplete(); // 只对@SessionAttributes("customer")有用，对HttpSession没用
          // 使用sessionStatus.setComplete( );会将所有的session全部清掉，
        return "login" ; 
    }

拦截器(interceptor)

注意：拦截器跟ajax结合用的话使用这条语句response.sendRedirect(request. getContextPath()+"/login.jsp");实现不了调转，要把结果传给前端，再在前端上实现跳转

因此要判断请求是否是ajax请求

package com.dessert.interceptor;

import java.io.OutputStream;
  import java.io.PrintStream;

import javax.servlet.ServletOutputStream;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  import javax.servlet.http.HttpSession;

import org.springframework.web.servlet.ModelAndView;
  import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

public  class CommonInterceptor extends HandlerInterceptorAdapter {
      /* 
     *在拦截器中中有三个方法：
     * preHandler：在进入Handler方法之前执行了，使用于身份认证，身份授权，登陆校验等，比如身份认证，用户没有登陆，拦截不再向下执行，
     *返回值为false，即可实现拦截；否则，返回true时，拦截不进行执行； postHandler 
     * :进入Handler方法之后，返回ModelAndView之前执行，使用场景从ModelAndView参数出发，比如，将公用的模型数据在这里传入到视图，
     *也可以统一指定显示的视图等； afterHandler :在执行Handler完成后执行此方法，使用于统一的异常处理，统一的日志处理等；
     */ 
    @ Override 
    public  boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
              throws Exception { 
         HttpSession session =request.getSession();
              if (session.getAttribute("logincustomer") != null ) {
  //                 System.out.println(session.getAttribute("costomer")); 
                return  true ; 
            } 
            // 如果是ajax请求，请求头会有x-requested-with  
            String requestWith = request.getHeader("x-requested-with" );
              if (requestWith != null && requestWith.equalsIgnoreCase("XMLHttpRequest" )){
                  if (session.getAttribute("logincustomer") == null ) {
                      return  false ;
                } else  if (session.getAttribute("logincustomer") != null ) {
                      return  true ; 
                } 
            } else { 
                response.sendRedirect(request. getContextPath() +"/login.jsp" ); 
            } 
            return  false ; 
    } 

    @Override 
    public  void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, 
            ModelAndView modelAndView) throws Exception { 
    } 

    @Override
    public  void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
              throws Exception { 
    } 
}

springmvc中对拦截器的配置

< mvc:interceptors > 
        < mvc:interceptor > 
            <!-- 匹配的是url路径，如果不配置或/**,将拦截所有的Controller --> 
            < mvc:mapping path ="/**"  /> 
            < !-- <mvc:exclude-mapping path="/index.jsp" /> --> 
            < mvc:exclude-mapping path ="/*login"  /> 
            < mvc:exclude-mapping path ="/forgotpwd"  / > 
            < mvc:exclude-mapping path ="/customerregister"  /> 
            < mvc:exclude-mapping path ="/vaildtel"  /> 
            <mvc:exclude-mapping path ="/css/**"  /> 
            < mvc:exclude-mapping path ="/js/**"  /> 
            < mvc:exclude-mapping path ="/myutil/**"  /> 
            < mvc:exclude- mapping path ="/images/**"  /> 
            <!-- <mvc:exclude-mapping path="/*.html" /> --> 
            < bean class ="com.dessert.interceptor .CommonInterceptor" > 
            < / bean > 
        </ mvc:interceptor > 
        <!-- 当设置多个拦截器时，先按顺序调用preHandle方法，然后逆序调用每个拦截器的postHandle和afterCompletion方法-->
</ mvc:interceptors >