后台登录功能实现
作者:互联网
思路:
1.后端拿到用户登录信息
2.去数据库查找登录用户名(可用Ajax技术在前端判断用户名是否存在)
3.用户名存在则对前端传过来的密码进行加密,将加密结果与数据库的密码比对
4.加拦截器
前端:// 进行登录操作
form.on('submit(login)', function (data) {
console.log(data);
//发送登录请求
$.post("/admin/employee/login",data.field,function(result){
if(result.success){
location.href="/admin/home.html";
}else{
layer.msg(result.message);
}
},"json");
return false;
});
后端:
控制器:@RequestMapping("/login")
public String login(String username, String password, HttpSession session){
Map<String,Object> map = new HashMap<String,Object>();
//调用员工登录的方法
Employee employee = employeeService.login(username, password);
//判断对象是否为空,不为空表示登录成功
if(employee!=null){
//保存当前登录用户
session.setAttribute(SystemConstant.LOGINUSER,employee);
map.put(SystemConstant.SUCCESS,true);//成功
}else{
map.put(SystemConstant.SUCCESS,false);//失败
map.put(SystemConstant.MESSAGE,"账号密码错误,登录失败");
}
return JSON.toJSONString(map);
}
dao层:/**
* 根据登录账号查询员工信息
* @param loginName
* @return
*/
Employee findEmployeeByLoginName(String loginName);
mapper:
<mapper namespace="com.pz.dao.EmployeeMapper">
<!-- 根据登录账号查询员工信息 -->
<select id="findEmployeeByLoginName" resultType="com.pz.entity.Employee">
select * from employee where loginName = #{loginName}
</select>
service:
@Service
@Transactional
public class EmployeeServiceImpl implements EmployeeService {
@Resource
private EmployeeMapper employeeMapper;
/**
* 员工登录
*
* @param loginName
* @param loginPwd
* @return
*/
public Employee login(String loginName, String loginPwd) {
//调用根据账号查询员工信息的方法
Employee employee = employeeMapper.findEmployeeByLoginName(loginName);
//判断对象是否为空
if (employee != null) {
//将密码加密处理
String newPassword = PasswordUtil.md5(loginPwd, employee.getSalt(), SystemConstant.PASSWORD_COUNT);
//比较密码是否一致
if (employee.getLoginPwd().equals(newPassword)) {
return employee;//登录成功
}
}
//登录失败
return null;
}
}
拦截器:
public class LoginInterceptor extends HandlerInterceptorAdapter {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//判断session是否为空
if(request.getSession().getAttribute(SystemConstant.LOGINUSER)==null){
//如果没有登录,则去到登录页面
response.sendRedirect(request.getContextPath()+"/admin/login.html");
return false;//验证失败,进行拦截
}
//验证通过
return true;
}
}
配置拦截器:
<mvc:interceptors>
<mvc:interceptor>
<!-- 拦截所有以/admin/开头的访问路径 -->
<mvc:mapping path="/admin/**"/>
<!-- 排除员工登录的访问路径 -->
<mvc:exclude-mapping path="/admin/employee/login"/>
<mvc:exclude-mapping path="/admin/login.html"/>
<!-- 注入拦截器 -->
<bean class="com.pz.interceptor.LoginInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
标签:功能,loginName,return,String,登录,employee,后台,login 来源: https://www.cnblogs.com/klearning/p/15704752.html