SpringBoot配置拦截器实现登录之后才能调用api接口

配置一个拦截器

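/**
 * Rejects any request that does not carry a session holding a logged-in user.
 *
 * <p>The interceptor only decides whether the handler may run; which paths it is
 * applied to is configured where it is registered.
 */
@Component
public class LoginInterceptor implements HandlerInterceptor {

    /**
     * Lets the request through only when the session already contains
     * {@link Constant#CURRENT_USER}.
     *
     * @param request  the incoming request
     * @param response the response; its status is set to the LOGIN_TIMEOUT code on rejection
     * @param handler  the selected handler (unused)
     * @return {@code true} when a logged-in user is present, {@code false} to stop processing
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
        // getSession(false) never creates a session. The no-arg getSession() would allocate
        // a new server-side session for every anonymous request, letting unauthenticated
        // traffic fill the session store.
        boolean loggedIn = java.util.Optional.ofNullable(request.getSession(false))
                .map(session -> session.getAttribute(Constant.CURRENT_USER))
                .isPresent();
        if (loggedIn) {
            return true;
        }
        // NOTE(review): LOGIN_TIMEOUT is 600, which is outside the registered HTTP status
        // range; 401 is the standard answer for "not authenticated". Kept as-is because
        // existing clients may key on the current value.
        response.setStatus(RestResponseEnum.LOGIN_TIMEOUT.getCode());
        return false;
    }

}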

配置一个WebConfig

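/**
 * MVC configuration that puts {@link LoginInterceptor} in front of the API.
 */
@Configuration
public class WebConfig implements WebMvcConfigurer {

    @Autowired
    private LoginInterceptor loginInterceptor;

    /**
     * Registers the login check for every path except the login endpoints.
     *
     * @param registry the interceptor registry supplied by Spring MVC
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // Deny by default: every path ("/**") goes through the login check, and only the
        // login endpoints are exempt. Keep the exclusion list as short as possible: each
        // entry is reachable without authentication.
        registry.addInterceptor(loginInterceptor)
                .addPathPatterns("/**")
                .excludePathPatterns("/v1/login", "/v1/admin/login");
    }
}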

LoginController

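/**
 * REST endpoints for logging in and out of the session-based API.
 */
@RestController
public class LoginController {

    @Autowired
    private LoginService loginService;

    /**
     * Checks the submitted credentials and, on success, stores the user in the session.
     *
     * @param userBean credentials from the request body
     * @param request  the current request, used to reach the session
     * @param response the current response; its status is set to SUCCESS on a valid login
     * @return the user bean on success, otherwise the JSON error string for LOGIN_ERROR
     */
    @PostMapping("/v1/login")
    public Object login(@RequestBody UserBean userBean, HttpServletRequest request, HttpServletResponse response) {
        if (!loginService.checkLogin(userBean)) {
            // The HTTP status is not changed on failure; the error is reported in the body only.
            // NOTE(review): nothing visible here limits repeated failed attempts; confirm
            // that throttling or lockout is applied elsewhere.
            RestResponseEnum loginError = RestResponseEnum.LOGIN_ERROR;
            return RestErrorResponse.build()
                    .setErrorCode(loginError.getCode())
                    .setMessage(loginError.getMsg())
                    .getResult();
        }

        // Session-fixation defence: issue a fresh session id at the moment the session
        // becomes authenticated, so an id known before login is useless afterwards.
        // changeSessionId() requires an existing session, hence the getSession() first.
        request.getSession();
        request.changeSessionId();
        request.getSession().setAttribute(Constant.CURRENT_USER, userBean);

        response.setStatus(RestResponseEnum.SUCCESS.getCode());
        return userBean;
    }

    /**
     * Invalidates the session of the logged-in user.
     *
     * @param request  the current request, used to reach the session
     * @param response the current response; its status is set to SUCCESS after invalidation
     */
    @PostMapping(value = "/v1/logout")
    public void logout(HttpServletRequest request, HttpServletResponse response) {
        if (loginService.getCurrentUser(request.getSession()) != null) {
            // invalidate() drops the whole session, not just the user attribute.
            request.getSession().invalidate();
            response.setStatus(RestResponseEnum.SUCCESS.getCode());
        }
    }
}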

LoginService

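/**
 * Credential checking and access to the user stored in the HTTP session.
 */
@Service
public class LoginService {

    @Autowired
    private UserService userService;

    /**
     * Verifies the submitted user name and password against the stored user.
     *
     * <p>On success the bean is prepared for storing in the session and returning to the
     * client: both password fields are cleared and the profile fields are filled from the
     * stored user.
     *
     * @param userBean credentials submitted by the client
     * @return {@code true} when the credentials match, {@code false} otherwise
     */
    public boolean checkLogin(UserBean userBean) {
        // A request body with missing fields must fail the login, not raise an exception.
        if (userBean == null || userBean.getUserName() == null || userBean.getPassword() == null) {
            return false;
        }

        User storedUser = userService.selectByPrimaryKey(userBean.getUserName());
        if (storedUser == null || storedUser.getPassword() == null) {
            return false;
        }

        // NOTE(review): judging by its name, Md5EncryptionUtil produces an MD5 digest. MD5 is
        // not suitable for password storage; plan a migration to an adaptive password hash
        // (bcrypt, scrypt or Argon2) with a per-user salt.
        String submittedHash = Md5EncryptionUtil.encrypt(userBean.getPassword());
        if (submittedHash == null) {
            return false;
        }

        // MessageDigest.isEqual compares in constant time, unlike String.equals, so the
        // comparison does not reveal how many leading characters matched.
        boolean matches = java.security.MessageDigest.isEqual(
                submittedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                storedUser.getPassword().getBytes(java.nio.charset.StandardCharsets.UTF_8));
        if (!matches) {
            return false;
        }

        // The bean is kept in the session and echoed to the client by the caller, so no
        // client-supplied secret may stay on it.
        userBean.setPassword(null);
        userBean.setNewPassword(null);
        userBean.setLoginTime(System.currentTimeMillis());
        userBean.setNickName(storedUser.getNickname());
        userBean.setEmail(storedUser.getEmail());
        return true;
    }

    /**
     * Returns the user stored in the given session.
     *
     * @param session the HTTP session to read from
     * @return the stored user bean, or {@code null} when nobody is logged in
     */
    public UserBean getCurrentUser(HttpSession session) {
        return (UserBean) session.getAttribute(Constant.CURRENT_USER);
    }

}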

UserBean

/**
 * Transfer object for a user: used as the login request body, kept in the session and
 * returned to the client.
 *
 * <p>NOTE(review): assuming {@code @Data} is Lombok's, the generated {@code toString()}
 * includes {@code password} and {@code newPassword}; avoid logging instances of this class.
 */
@Data
public class UserBean {

    private String userName;

    // Password as submitted by the client, or as copied from a User by the constructor below.
    private String password;

    private String newPassword;

    private String nickName;

    private String email;

    private String resultMsg = "";

    // Epoch milliseconds, taken from System.currentTimeMillis().
    private Long loginTime;

    private Integer errorType;

    /** Creates an empty bean; needed for binding a request body. */
    public UserBean() {
    }

    /**
     * Creates a bean from a stored user, stamping the current time as login time.
     *
     * <p>NOTE(review): this copies the stored password value onto the bean; clear it before
     * the bean is serialized or placed in a session.
     *
     * @param user the stored user to copy from
     */
    public UserBean(User user) {
        this.userName = user.getUserName();
        this.password = user.getPassword();
        this.newPassword = "";
        this.nickName = user.getNickname();
        this.email = user.getEmail();
        this.loginTime = System.currentTimeMillis();
    }

}

Constant

/**
 * Shared constants of the login flow.
 */
public class Constant {

    /** Session attribute name under which the logged-in user's data is stored. */
    public static final String CURRENT_USER = "CURRENT_USER";
}

controller返回值

/**
 * Fluent builder for the JSON error body returned by controllers.
 *
 * <p>The rendered form is {@code {"error": {"code": ..., "message": ..., "details": ...}}}.
 */
public class RestErrorResponse {
    private Integer errorCode;
    private String message;
    private Object details;
    private JSONObject result;

    /** Instances are created through {@link #build()}. */
    private RestErrorResponse() {
    }

    /**
     * Starts a new, empty error response.
     *
     * @return a fresh instance to be filled through the chained setters
     */
    public static RestErrorResponse build() {
        return new RestErrorResponse();
    }

    // ---- chained setters ----

    public RestErrorResponse setErrorCode(Integer errorCode) {
        this.errorCode = errorCode;
        return this;
    }

    public RestErrorResponse setMessage(String message) {
        this.message = message;
        return this;
    }

    public RestErrorResponse setDetails(Object details) {
        this.details = details;
        return this;
    }

    /**
     * Stores a result object. Note that {@link #getResult()} replaces this value with a
     * newly built object every time it is called.
     *
     * @param result the JSON object to store
     */
    public void setResult(JSONObject result) {
        this.result = result;
    }

    // ---- getters ----

    public Integer getErrorCode() {
        return this.errorCode;
    }

    public String getMessage() {
        return this.message;
    }

    public Object getDetails() {
        return this.details;
    }

    /**
     * Builds the JSON error envelope from the current fields, keeps it in {@code result}
     * and returns its string form.
     *
     * @return the serialized error envelope
     */
    public String getResult() {
        this.result = new JSONObject();

        JSONObject errorBody = new JSONObject();
        errorBody.put("code", this.errorCode);
        errorBody.put("message", this.message);
        errorBody.put("details", this.details);

        this.result.put("error", errorBody);
        return this.result.toString();
    }

    /** Same text as {@link #getResult()}. */
    @Override
    public String toString() {
        return getResult();
    }

}

错误枚举

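/**
 * Result codes and messages used in API responses.
 *
 * <p>NOTE(review): on this page some of these codes are passed straight to
 * {@code HttpServletResponse.setStatus}. LOGIN_TIMEOUT (600) lies outside the registered
 * HTTP status range and LOGIN_ERROR (501) collides with the standard meaning
 * "Not Implemented"; clients and proxies may treat them unexpectedly.
 */
public enum RestResponseEnum {
    /* generic results */
    SUCCESS(200, "成功"),
    UNKNOWN_ERROR(-1, "未知错误"),

    EQUIPMENT_ERROR(511, "操作设备失败"),

    EXCEL_DOWNLOAD_ERROR(516, "EXCEL下载失败"),
    EXCEL_UPLOAD_ERROR(517, "EXCEL上传失败"),

    /* login errors */
    LOGIN_ERROR(501, "用户登录失败"),
    ADMIN_LOGIN_ERROR(502, "管理员登录失败"),

    /* user errors */
    USER_ERROR(506, "操作用户失败"),

    LOGIN_TIMEOUT(600, "登录超时");

    // final: enum constants are shared singletons and their data must never change.
    private final Integer code;
    private final String msg;

    RestResponseEnum(Integer code, String msg) {
        this.code = code;
        this.msg = msg;
    }

    /**
     * @return the numeric code of this result
     */
    public Integer getCode() {
        return code;
    }

    /**
     * @return the human-readable message of this result
     */
    public String getMsg() {
        return msg;
    }

}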

session有效时间

application.yml

server:
  port: 9000
  servlet:
    session:
      # Session timeout of 10 minutes; a session that has expired no longer carries the
      # logged-in user, so the login interceptor rejects the request.
      # NOTE(review): no session cookie attributes are configured here. For a login
      # session, consider setting server.servlet.session.cookie.http-only and
      # server.servlet.session.cookie.secure (the latter once the API is served over HTTPS).
      timeout: 10m
原文地址:https://www.cnblogs.com/zhanzhuang/p/12015557.html