SpringAOPによるログイン検証
3932 ワード
ログイン操作を除くすべての操作がログイン済みに設定されていることを要求します...
Spring AOPの使用は簡単なだけでなく、他の部品にも影響しません.
次の具体的なコードを実装します.
package com.joey.util;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
/**
* AOP
*/
@Component
@Aspect
public class LoginHelper {
private static Logger logger = LogManager.getLogger(LoginHelper.class.getName());
@Pointcut("within(com.joey.controller..*)&&!within(com.joey.controller.IndexController)") // IndexController
public void login() {
}
@Around("login()")
public Object auth(ProceedingJoinPoint joinPoint) throws Throwable {
// session
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
String username = (String) request.getSession().getAttribute("username");
if (username == null) {
logger.info(" ");
return new ModelAndView("redirect:/login");
}
logger.info("username: " + username);
return joinPoint.proceed();
}
}
セッションからユーザ情報を取得する以上、必ず保存しておきます.ユーザー名はログインメソッドから保存できます
package com.joey.controller;
import com.joey.model.User;
import com.joey.service.UserService;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
@Controller
@RequestMapping("/")
public class IndexController {
private static Logger logger = LogManager.getLogger(IndexController.class.getName());
@Resource(name = "userService")
private UserService userService;
@RequestMapping(value = {"", "index", "login"}, method = RequestMethod.GET)
public String index() {
return "login";
}
/**
* /
*
* @param username
* @param password
* @return
*/
@RequestMapping(value = {"login"}, method = RequestMethod.POST)
public ModelAndView login(HttpServletRequest request, String username, String password) {
int id;
try {
id = userService.login(username, password);
} catch (Exception e) {
e.printStackTrace();
logger.info("not found");
return new ModelAndView("login")
.addObject("msg", "Try Again");
}
User user = userService.selectByPrimaryKey(id);
request.getSession().setAttribute("username", user.getName()); // username session
return new ModelAndView(user.getAdmin() == 1 ? "admin" : "home")
.addObject("id", user.getId())
.addObject("username", user.getName())
.addObject("description", user.getDescription())
.addObject("isAdmin", user.getAdmin() == 1 ? "admin" : "user");
}
@RequestMapping(value = "home", method = RequestMethod.GET)
public String home() {
return "admin";
}
}
完~