Java项目实战笔记（瑞吉外卖）-2

后台登录功能开发

代码开发
创建相关的包

登录的实体类Employee

package com.itheima.reggie.entity;import com.baomidou.mybatisplus.annotation.FieldFill;
import com.baomidou.mybatisplus.annotation.TableField;
import lombok.Data;
import java.io.Serializable;
import java.time.LocalDateTime;/* 员工实体*/
@Data
public class Employee implements Serializable {private static final long serialVersionUID = 1L;private Long id;private String username;private String name;private String password;private String phone;private String sex;private String idNumber;//身份证号码private Integer status;private LocalDateTime createTime;private LocalDateTime updateTime;@TableField(fill = FieldFill.INSERT)private Long createUser;@TableField(fill = FieldFill.INSERT_UPDATE)private Long updateUser;}

EmployeeMapper

package com.itheima.reggie.mapper;import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.itheima.reggie.entity.Employee;
import org.apache.ibatis.annotations.Mapper;@Mapper
public interface EmployeeMapper extends BaseMapper<Employee> {}

EmployeeService

package com.itheima.reggie.service;import com.baomidou.mybatisplus.extension.service.IService;
import com.itheima.reggie.entity.Employee;public interface EmployeeService extends IService<Employee> {
}

EmployeeServiceImpl

package com.itheima.reggie.service.impl;import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.itheima.reggie.entity.Employee;
import com.itheima.reggie.mapper.EmployeeMapper;
import com.itheima.reggie.service.EmployeeService;
import org.springframework.stereotype.Service;@Service
public class EmployeeServiceImpl extends ServiceImpl<EmployeeMapper, Employee> implements EmployeeService {}

自定义返回的结果类R
创建一个新的common包，用来存放共同使用的类，设计表现层返回结果的模型类，用于后端与前端进行数据格式统一

package com.itheima.reggie.common;import lombok.Data;
import java.util.HashMap;
import java.util.Map;/* 通用的返回结果，服务端响应的数据最终会封装成该对象* @param <T>*/
@Data
public class R<T> {private Integer code; //编码：1成功，0和其它数字为失败private String msg; //错误信息private T data; //数据private Map map = new HashMap(); //动态数据public static <T> R<T> success(T object) {R<T> r = new R<T>();r.data = object;r.code = 1;return r;}public static <T> R<T> error(String msg) {R r = new R();r.msg = msg;r.code = 0;return r;}public R<T> add(String key, Object value) {this.map.put(key, value);return this;}}

静态资源映射WebMvcConfig

package com.itheima.reggie.config;import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;@Slf4j
@Configuration
public class WebMvcCofig extends WebMvcConfigurationSupport {/* 设置静态资源映射* @param registry*/@Overrideprotected void addResourceHandlers(ResourceHandlerRegistry registry) {log.info("开始静态资源映射");registry.addResourceHandler("/backend/").addResourceLocations("classpath:/backend/");registry.addResourceHandler("/front/").addResourceLocations("classpath:/front/");}
}

登录对应的EmployeeController类

package com.itheima.reggie.controller;import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.itheima.reggie.common.R;
import com.itheima.reggie.entity.Employee;
import com.itheima.reggie.service.EmployeeService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;import javax.servlet.http.HttpServletRequest;@Slf4j
@RestController
@RequestMapping("/employee")
public class EmployeeController {@Autowiredprivate EmployeeService employeeService;/* 员工登录* @param request* @param employee* @return*/@PostMapping("/login")public R<Employee> login(HttpServletRequest request, @RequestBody Employee employee){//1、将页面提交的密码password进行md5加密处理String password = employee.getPassword();password = DigestUtils.md5DigestAsHex(password.getBytes());//2、根据页面提交的用户名username查询数据库LambdaQueryWrapper<Employee> queryWrapper = new LambdaQueryWrapper<>();queryWrapper.eq(Employee::getUsername, employee.getUsername());Employee emp = employeeService.getOne(queryWrapper);//3、如果没有查询到则返回登录失败结果if(emp == null){return R.error("登陆失败");}//4、密码比对，如果不一致则返回登录失败结果if(!emp.getPassword().equals(password)){return R.error("登陆失败");}//5、查看员工状态，如果为已禁用状态，则返回员工已禁用结果if(emp.getStatus() == 0){return R.error("账号已禁用");}//6、登录成功，将员工id存入Session并返回登录成功结果request.getSession().setAttribute("employee", emp.getId());return R.success(emp);}
}

后台退出功能开发

需求分析
员工登录成功后，页面跳转到后台系统首页面( backend/index.html)，此时会显示当前登录用户的姓名：
如果员工需要退出系统，直接点击右侧的退出按钮即可退出系统，退出系统后页面应跳转回登录页面
代码开发
用户点击页面中退出按钮，发送请求，请求地址为/employee/logout,请求方式为post。我们只需要在 Controller中创建对应的处理方法即可,具体的处理逻辑：

1. 清理 Session中的用户id
2. 返回结果（前端页面会进行跳转到登录页面）

 /* 员工退出* @param request* @return*/@PostMapping("/logout")public R<String> logout(HttpServletRequest request){request.getSession().removeAttribute("employee");return R.success("退出成功");}

完善登陆功能

问题分析
前面的登陆存在一个问题，如果用户不进行登陆，直接访问系统的首页，照样可以正常访问，这种设计是不合理的，我们希望看到的效果是只有完成了登陆后才可以访问系统中的页面，如果没有登陆则跳转到登陆页面
解决办法
使用过滤器或者是拦截器，在拦截器或者是过滤器中判断用户是否已经完成了登陆，如果没有登陆则跳转到登陆页面
代码实现

1. 创建自定义过滤器 LoginCheckFilter
2. 在启动类上加入注解@ServletComponentScan
3. 完善过滤器的处理逻辑

package com.itheima.reggie.filter;import com.alibaba.fastjson.JSON;
import com.itheima.reggie.common.R;
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.AntPathMatcher;import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;/* 过滤器：检查用户是否完成登录* filterName过滤器名字* urlPatterns拦截的请求，这里是拦截所有的请求*/
@Slf4j
@WebFilter(filterName = "loginCheckFilter",urlPatterns = "/*")
public class LoginCheckFilter implements Filter {//路径匹配器，支持通配符public static final AntPathMatcher PATH_MATCHER = new AntPathMatcher();@Overridepublic void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {//对请求和响应进行强转,我们需要的是带http的HttpServletRequest request = (HttpServletRequest) servletRequest;HttpServletResponse response = (HttpServletResponse) servletResponse;//1、获取本次请求的URIString requestURL = request.getRequestURI();//定义不需要处理的请求路径  比如静态资源(静态页面我们不需要拦截,因为此时的静态页面是没有数据的)String[] urls = new String[]{"/employee/login","/employee/logout","/backend/","/front/"};//做调试用的log.info("拦截到请求：{}",requestURL);//2、判断本次请求是否需要处理boolean check = check(urls, requestURL);//3、如果不需要处理，则直接放行if(check){log.info("本次请求{}不需要处理",requestURL);filterChain.doFilter(request,response);return;}//4、判断登录状态，如果已登录，则直接放行if(request.getSession().getAttribute("employee") != null){log.info("用户已登录，用户id为：{}",request.getSession().getAttribute("employee"));filterChain.doFilter(request,response);return;}log.info("用户未登录");//5、如果未登录则返回未登录结果，通过输出流方式向客户端页面响应数据,具体响应什么数据，看前端的需求，然后前端会根据登陆状态做页面跳转response.getWriter().write(JSON.toJSONString(R.error("NOTLOGIN")));return;}/* 路径匹配，检查本次请求是否需要放行* @param urls* @param requestURI* @return*/public boolean check(String[] urls, String requestURI){for (String url : urls) {//把浏览器发过来的请求和我们定义的不拦截的url做比较，匹配则放行boolean match = PATH_MATCHER.match(url, requestURI);if(match){return true;}}return false;}
}