牛客社区项目
创建项目
认识Spring
Spring Ioc
- Inversion 偶发Control
- 控制反转,是一种面向对象的设计思想。
- Dependecy Injection
- 依赖注入,是Ioc思想的实现方式。
- Ioc Container
- Ioc容器,是实现依赖注入的关键,本质上是一个工厂。
下面通过单元测试来认识上面提到的内容:
默认打开测试类是这样的——
当我们想要测试某个bean的时候,只需要给测试类添加上@ContenxtConfiguration注解来标注我们想要导入这个测试类的某些bean,详见@ContextConfiguration的用法_Kevin_Darcy的博客-CSDN博客
ApplicationContextAware:Aware接口的Bean在被初始化之后,可以获取到一些相对应的资源,Aware接口本身并不具备什么功能,一般用于子类继承后,Spring上下文初始化bean的时候对这个bean传入需要的资源。当一个类实现了ApplicationContextAware之后,这个类就能够得到ApplicationContext中的全部bean,换句话说,就是这个类能够直接获取spring配置文件中全部的bean对象。
当测试的接口被两个类同时实现时,若不处理的话会报异常,这个时候有两种做法:
一:在其中一个实现类上面加上@Primary注解
@Repository
@Primary
public class ExampleDaoMyBatis implements ExampleDao{@Overridepublic String select() {return "MyBatis";}
}
二:在注解中给实现类起名字,然后通过类名来访问
@Repository("ExampleDaoBibernate")
public class ExampleDaoBibernate implements ExampleDao{@Overridepublic String select() {return "hIbernate";}
}applicationContext.getBean("ExampleDaoBibernate", ExampleDao.class);当需要在Spring中使用别人写的类的时候,只需要将这个类配置到Spring中即可:
@Configuration
public class ExampleConfig {@Beanpublic SimpleDateFormat simpleDateFormat(){return new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");}
} @Testpublic void testBeanConfig(){System.out.println(applicationContext.getBean(SimpleDateFormat.class).format(new Date()));}认识Spring MVC
请求数据的两种方法
通过?
//GET请求// /student?current=1&limit=20@RequestMapping(path = "/students",method = RequestMethod.GET)@ResponseBodypublic String getStudents(@RequestParam(name = "current",required = false,defaultValue = "1") int Current,@RequestParam(name = "limit",required = false,defaultValue = "10") int Limit) {System.out.println(Current);System.out.println(Limit);return "some student";}@RequestParam注解中的name是指将前端中current的值传递给后端Current中,required默认为true表示前端必须传递值,如果不穿就会报错,因为我们不知道前端是否要传递值,所以改为false,同时如果前端没有传递值,那么我们就设定一个默认值作为前端传递的值。
通过/
// /student/123@RequestMapping(path = "/student/{id}",method = RequestMethod.GET)@ResponseBodypublic String getStudent(@PathVariable("id") int id){System.out.println(id);return "a student";}上面的这种方式是Restful风格的写法
响应数据的各种方式
返回属性
<!DOCTYPE html>
<html lang="en">
<head><meta charset="UTF-8"><title>增加学生</title>
</head>
<body>
<form method="post" action="/community/example/student"><p>姓名:<input type="text" name="name"></p><p>年龄:<input type="text" name="age"></p><p><input type="submit" value="保存"></p>
</body>
</form></html> //POST请求@RequestMapping(path = "/student",method = RequestMethod.POST)@ResponseBodypublic String saveStudent(String name,int age){System.out.println(name);System.out.println(age);return "success";}返回HTML页面
//响应HTML数据@RequestMapping(path = "/teacher",method = RequestMethod.GET)public ModelAndView getTeacher(){ModelAndView modelAndView = new ModelAndView();modelAndView.addObject("name","张三");modelAndView.addObject("age",30);modelAndView.setViewName("/demo/view");return modelAndView;} 
另外一种方式:
@RequestMapping(path = "/school",method = RequestMethod.GET)public String getSchool(Model model){model.addAttribute("name","西华大学");model.addAttribute("age",80);return "/demo/view";}返回JSON数据
@RequestMapping(path = "/emp",method = RequestMethod.GET)@ResponseBodypublic Map<String, Object> getEmp(){Map<String,Object> emp = new HashMap<>();emp.put("name","张三");emp.put("age",23);emp.put("salary",9000);return emp;} @RequestMapping(path = "/emps",method = RequestMethod.GET)@ResponseBodypublic List<Map<String, Object>> getEmps(){List<Map<String, Object>> list = new ArrayList<>();Map<String,Object> emp = new HashMap<>();emp.put("name","张三");emp.put("age",23);emp.put("salary",9000);list.add(emp);emp.put("name","李四");emp.put("age",24);emp.put("salary",9300);list.add(emp);emp.put("name","王五");emp.put("age",25);emp.put("salary",8000);list.add(emp);return list;}注册功能
访问注册页面
@Controller
public class LoginController {@RequestMapping(path = "/register",method = RequestMethod.GET)public String getRegisterPage(){return "/site/register";}
}提交注册数据
为了判断字符串和集合中的数据是否为空方便后面编程的需要,需要导入一个包:
<dependency><groupId>org.apache.commons</groupId><artifactId>commons-lang3</artifactId><version>3.9</version></dependency>因为注册的时候需要发送邮件,邮件中需要激活链接,这个链接就需要链接到本机地址,所以需要在配置文件中自定义配置本机地址:
community.path.domain=http://localhost:8080为了注册页面生成随机激活码和后面上传头像和设置密码,需要封装一个工具类:
public class CoumunityUtil {//生成随机字符串public static String generateUUID(){return UUID.randomUUID().toString().replace("-","");}/*** MD5加密* hello —> abc123def456* hello + 3e4a8 -> abc123def456abc* @param key* @return*/public static String md5(String key){if(StringUtils.isBlank(key)){return null;}/*** 作用:将传入的值加密成十六进制的字符串返回* DigestUtils是Spring自带的工具类*/return DigestUtils.md5DigestAsHex(key.getBytes());}
}
业务层:
@Service
public class UserService{@Autowiredprivate UserMapper userMapper;@Autowiredprivate TemplateEngine templateEngine;@Autowiredprivate MailClient mailClient;@Value("${community.path.domain}")private String domain;@Value("${server.servlet.context-path}")private String contextPath;public Map<String,Object> register(User user) throws IllegalAccessException {Map<String,Object> map = new HashMap<>();//空值处理if(user == null){throw new IllegalAccessException("参数不能为空");}if(StringUtils.isBlank(user.getUsername())){map.put("usernameMsg","账号不能为空!");return map;}if(StringUtils.isBlank(user.getPassword())){map.put("passwordMsg","密码不能为空!");return map;}if(StringUtils.isBlank(user.getEmail())){map.put("emailMsg","邮箱不能为空!");return map;}//验证账号User u = userMapper.selectByName(user.getUsername());if(u != null){map.put("usernameMsg","该账号已存在!");return map;}User e = userMapper.selectByEmail(user.getEmail());if(e != null){map.put("emailMsg","该邮箱已被注册!");return map;}//注册用户user.setSalt(CoumunityUtil.generateUUID().substring(0,5));user.setPassword(CoumunityUtil.md5(user.getPassword()) + user.getSalt());user.setType(0);user.setStatus(0);user.setActivationCode(CoumunityUtil.generateUUID());user.setHeaderUrl(String.format("http://images.nowcoder.com/head/%dt.png", new Random().nextInt(1000)));user.setCreateTime(new Date());userMapper.insertUser(user);//激活邮件Context context = new Context();context.setVariable("email",user.getEmail());// http://localhost:8080/community/activation/101/codeString url = domain + contextPath + "/activation/" + user.getId() + "/" + user.getActivationCode();context.setVariable("url",url);String content = templateEngine.process("/mail/activation", context);mailClient.sendMail(user.getEmail(),"激活账号",content);return map;}
}
控制层:
@Controller
public class LoginController{@Autowiredprivate UserService userService;@RequestMapping(path = "/register",method = RequestMethod.POST)public String register(Model model, User user) throws IllegalAccessException {Map<String,Object> map = userService.register(user);if(map == null || map.isEmpty()){model.addAttribute("msg","注册成功,我们已经向你的邮箱发送了一封激活邮件,请尽快激活");model.addAttribute("target","/index");return "/site/operate-result";}else {model.addAttribute("usernameMsg",map.get("usernameMsg"));model.addAttribute("passwordMsg",map.get("passwordMsg"));model.addAttribute("emailMsg",map.get("emailMsg"));return "/site/register";}}}激活注册账号
为了判断邮件的注册状态需要封装一个激活状态类:
public interface ActiveStatus {/*** 激活成功*/int ACTIVE_SUCCESS = 0;/*** 重复激活*/int ACTIVE_REPEAT = 1;/*** 激活失败*/int ACTIVE_FAILURE = 2;
}业务层:
@Service
public class UserService implements ActiveStatus {@Autowiredprivate UserMapper userMapper;public int activetion(int userId,String code){User user = userMapper.selectById(userId);System.out.println(user.getStatus());if(user.getStatus() == 1){return ACTIVE_REPEAT;} else if (user.getActivationCode().equals(code)) {userMapper.updateStatus(userId,1);return ACTIVE_SUCCESS;}else{return ACTIVE_FAILURE;}}
}
控制层:
@Controller
public class LoginController implements ActiveStatus {@Autowiredprivate UserService userService;@RequestMapping(path = "/activation/{userId}/{code}",method = RequestMethod.GET)public String activetion(Model model, @PathVariable("userId") int userId,@PathVariable("code") String code){int result = userService.activetion(userId, code);System.out.println(result);if(result == ACTIVE_SUCCESS){model.addAttribute("msg","激活成功,你的账号已经可以正常使用了!");model.addAttribute("target","/login");} else if (result == ACTIVE_REPEAT) {model.addAttribute("msg","无效操作,该账号已经激活过了!");model.addAttribute("target","/index");}else{model.addAttribute("msg","激活失败,你提供的激活码不正确!");model.addAttribute("target","/index");}return "/site/operate-result";}@RequestMapping(path = "/login",method = RequestMethod.GET)public String login(){return "/site/login";}
}
登录页面生成验证码功能
生成验证码需要一个工具Kaptcha
导入jia包:
<dependency><groupId>com.github.penggle</groupId><artifactId>kaptcha</artifactId><version>2.3.2</version></dependency>编写Kaptcha配置类:
@Configuration
public class KaptchaConfig {@Beanpublic Producer DefaultKaptcha(){Properties properties = new Properties();properties.setProperty("kaptcha.image.width","100");properties.setProperty("kaptcha.image.height","40");properties.setProperty("kaptcha.textproducer.font.size","32");properties.setProperty("kaptcha.textproducer.font.color","0,0,0");properties.setProperty("kaptcha.textproducer.char.string","0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ");properties.setProperty("kaptcha.textproducer.char.length","4");properties.setProperty("kaptcha.noise.impl","com.google.code.kaptcha.impl.NoNoise");DefaultKaptcha kaptcha = new DefaultKaptcha();Config config = new Config(properties);kaptcha.setConfig(config);return kaptcha;}
}上面将Kaptcha包里面的Producer类装配到Spring容器中,Producer是一个接口,它里面就两个方法createImage(根据提供的文字生成图片)方法和createText(生成文字)方法:
DefaultKaptcha是Producer的实现类,它里面就有上面提到的两个方法,但是里面的参数配置比较麻烦,为了实现我们的目的,我们需要自己写一个配置 ,所以需要将配置类Properties对象创建出来,在里面写我们的逻辑,然后配置文件需要装配,所以创建出装配类Congif。最后再使用DefaultKaptcha里面的setConfig方法将配置对象穿进去,将我们的配置加入到Producer配置文件中。关于配置类Properties和装配类Config可以看下面这两篇文章。
(8条消息) Properties类的用法总结_源码复兴号的博客-CSDN博客
(8条消息) 独家解读:简单又强大的配置文件 Config 读写类_config类_曾经去过跨越一个小时的地方的博客-CSDN博客生成随机字符串生成图片
@Controller
public class LoginController implements ActiveStatus {@Autowiredprivate Producer defaultKaptcha;@RequestMapping(path = "/kaptcha",method = RequestMethod.GET)public void generateKaptcha(HttpServletResponse response, HttpSession session){//生成字符串String text = defaultKaptcha.createText();//生成图片BufferedImage image = defaultKaptcha.createImage(text);//将text存储到session中session.setAttribute("Kaptcha",text);//将图片输出给浏览器response.setContentType("image/png");try {OutputStream outputStream = response.getOutputStream();ImageIO.write(image,"png",outputStream);} catch (IOException e) {throw new RuntimeException(e);}}
}
开发登录、退出功能
开发功能
因为登录页面有一个记住我功能,是否勾选它的设定缓存时间是不同的,所以需要把他们设置到常量中:
/*** 设置默认登陆状态的超时时间*/int DEFAULT_EXPIRED_SECONDS = 3600 * 12;/*** 设置勾选记住我状态登录凭证的超时时间*/int REMEMBER_EXPIRED_SECONDS = 3600 * 24 * 100;dao层:
@Mapper
public interface LoginTicketMapper {@Insert({"insert into login_ticket(user_id,ticket,status,expired) ","values(#{userId},#{ticket},#{status},#{expired})"})@Options(useGeneratedKeys = true,keyProperty = "id") //表示如果插入的表id以自增列为主键,则允许 JDBC 支持自动生成主键,并可将自动生成的主键id返回。 useGeneratedKeys参数只针对 insert 语句生效,默认为 falseint insertLoginTicket(LoginTicket loginTicket);@Select({"select id,user_id,ticket,status,expired ","from login_ticket where ticket=#{ticket}"})LoginTicket selectByTicket(String ticket);@Update({"<script>","update login_ticket set status=#{status} where ticket=#{ticket} ","<if test=\\"ticket!=null\\"> ","and 1=1 ","</if>","</script>"})int updateStatus(String ticket,int status);
}上面注意一点自增主键的设置:
@Options(useGeneratedKeys = true,keyProperty = "id") //表示如果插入的表id以自增列为主键,则允许 JDBC 支持自动生成主键,并可将自动生成的主键id返回。 useGeneratedKeys参数只针对 insert 语句生效,默认为 false业务层:
@Service
public class UserService implements CommunityConstant {@Autowiredprivate UserMapper userMapper;@Autowiredprivate LoginTicketMapper loginTicketMapper;@Value("${server.servlet.context-path}")private String contextPath;public Map<String,Object> login(String username,String password,int expiredSeconds){Map<String,Object> map = new HashMap<>();//验证账号是否为空if(StringUtils.isBlank(username)){map.put("usernameMsg","账号不能为空");return map;}//验证密码是否为空if(StringUtils.isBlank(password)){map.put("passwordMsg","密码不能为空");return map;}//验证账号是否存在User user = userMapper.selectByName(username);if(user==null){map.put("usernameMsg","该账号不存在");return map;}//验证密码是否正确password = CoumunityUtil.md5(password + user.getSalt());if(!user.getPassword().equals(password)){map.put("passwordMsg","密码不正确");return map;}//验证激活状态if(user.getStatus()==0){map.put("usernameMsg","该账号未激活");return map;}//生成登录凭证LoginTicket loginTicket = new LoginTicket();loginTicket.setUserId(user.getId());loginTicket.setTicket(CoumunityUtil.generateUUID());loginTicket.setStatus(0);loginTicket.setExpired(new Date(System.currentTimeMillis() + expiredSeconds * 1000));loginTicketMapper.insertLoginTicket(loginTicket);map.put("ticket",loginTicket.getTicket());return map;}
}控制层:
@Controller
public class LoginController implements CommunityConstant {@Autowiredprivate UserService userService;@RequestMapping(path = "/login",method = RequestMethod.POST)public String login(String username,String password,String code,boolean rememberme,Model model,HttpSession session,HttpServletResponse response){//检查验证码是否正确String kaptcha = (String) session.getAttribute("Kaptcha");if(StringUtils.isBlank(kaptcha) || StringUtils.isBlank(code) || !kaptcha.equalsIgnoreCase(code)){model.addAttribute("codeMsg","验证码不正确");return "/site/login";}//检查账号密码是否正确int expiredSeconds = rememberme ? REMEMBER_EXPIRED_SECONDS : DEFAULT_EXPIRED_SECONDS;Map<String, Object> map = userService.login(username, password, expiredSeconds);if(map.containsKey("ticket")){Cookie cookie = new Cookie("ticket", map.get("ticket").toString());cookie.setPath(contextPath);cookie.setMaxAge(expiredSeconds);response.addCookie(cookie);return "redirect:/index";}else{model.addAttribute("usernameMsg",map.get("usernameMsg"));model.addAttribute("passwordMsg",map.get("passwordMsg"));return "/site/login";}}
}
退出功能
业务层:
@Service
public class UserService implements CommunityConstant {@Autowiredprivate LoginTicketMapper loginTicketMapper;public void logout(String ticket){loginTicketMapper.updateStatus(ticket, 1);}
}控制层:
@Controller
public class LoginController implements CommunityConstant {@Autowiredprivate UserService userService;@RequestMapping(path = "/logout",method = RequestMethod.GET)public String logout(@CookieValue("ticket") String ticket){userService.logout(ticket);return "redirect:/login";}
}显示登录信息功能
页面要根据用户的登陆状态显示不同的信息,比如用户登陆以后页面中的导航栏就只能显示首页、消息、个人中心等功能键。用户未登录就要显示首页、注册、登录等功能。为了显示这样的就需要实现拦截器功能来判断用户的登录状态。之前在用户登录的业务里面当用户登录以后我们会给浏览器一个ticket,所以只要通过这个ticket凭证就能判断用户是否登录。
业务大致流程:
拦截器和拦截规则的示例
@Component
public class AlphaInterceptor implements HandlerInterceptor {private static final Logger logger = LoggerFactory.getLogger(AlphaInterceptor.class);//在Controller之前执行@Overridepublic boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {logger.debug("preHandle:" + handler.toString());return true;}//在Controller之后执行@Overridepublic void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {logger.debug("postHandle:" + handler.toString());}//在TemplateEngin之后执行@Overridepublic void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {logger.debug("afterCompletion" + handler.toString());}
}@Configuration
public class WebMvcConfig implements WebMvcConfigurer {@Autowiredprivate AlphaInterceptor alphaInterceptor;@Overridepublic void addInterceptors(InterceptorRegistry registry) {registry.addInterceptor(alphaInterceptor).excludePathPatterns("/**/*.css","/**/*.js","/**/*.png","/**/*.jpg","/**/*.jpeg").addPathPatterns("/register","/login");}
}配置拦截器和拦截规则
@Component
public class HostHolder {private ThreadLocal<User> users = new ThreadLocal<>();public void setUsers(User user){users.set(user);}public User getUser(){return users.get();}public void clear(){users.remove();}}public class CookieUtil {public static String getValue(HttpServletRequest request,String name) throws IllegalAccessException {if(request==null || name == null){throw new IllegalAccessException("参数为空!");}Cookie[] cookies = request.getCookies();if(cookies != null){for (Cookie cookie: cookies) {if(cookie.getName().equals(name)){return cookie.getValue();}}}return null;}
}@Component
public class LoginInterceptor implements HandlerInterceptor {@Autowiredprivate HostHolder hostHolder;@Autowiredprivate UserService userService;@Overridepublic boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {//从cookie中获取凭证String ticket = CookieUtil.getValue(request, "ticket");if(ticket != null){//查询凭证LoginTicket loginTicket = userService.selectByTicket(ticket);//检验凭证是否有效if(loginTicket != null && loginTicket.getStatus() == 0 && loginTicket.getExpired().after(new Date())){//根据凭证查询用户User user = userService.findUserById(loginTicket.getUserId());//在本次请求中持有用户hostHolder.setUsers(user);}}return true;}@Overridepublic void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {User user = hostHolder.getUser();if(user != null && modelAndView != null){modelAndView.addObject("loginUser",user);}}@Overridepublic void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {hostHolder.clear();}
}@Configuration
public class WebMvcConfig implements WebMvcConfigurer {@Autowiredprivate LoginInterceptor loginInterceptor;@Overridepublic void addInterceptors(InterceptorRegistry registry) {registry.addInterceptor(loginInterceptor).excludePathPatterns("/**/*.css","/**/*.js","/**/*.png","/**/*.jpg","/**/*.jpeg");}
}@Service
public class UserService implements CommunityConstant {@Autowiredprivate LoginTicketMapper loginTicketMapper;public LoginTicket selectByTicket(String ticket){return loginTicketMapper.selectByTicket(ticket);}
}
实现上传文件和修改密码功能
访问账号设置页面
@Controller
@RequestMapping("/user")
public class UserController {@RequestMapping(path = "/setting",method = RequestMethod.GET)public String getSettingPage(){return "/site/setting";}
}上传头像和获取头像
#配置上传头像要到的文件路径
community.path.upload=C:/Users/86158/Pictures/headerImage
#配置Spring中文件上传的的上限
spring.servlet.multipart.maxFileSize=10MB
spring.servlet.multipart.maxRequestSize=20MB@Controller
@RequestMapping("/user")
public class UserController {private static final Logger logger = LoggerFactory.getLogger(UserController.class);@Value("${community.path.upload}")private String uploadPath;@Value("${community.path.domain}")private String domain;@Value("${server.servlet.context-path}")private String contextPath;@Autowiredprivate UserService userService;@Autowiredprivate HostHolder hostHolder;@RequestMapping(path = "/setting",method = RequestMethod.GET)public String getSettingPage(){return "/site/setting";}@RequestMapping(path = "/upload",method = RequestMethod.POST)public String uploadHeader(MultipartFile headerImage, Model model){if(headerImage==null){model.addAttribute("error","你还没有选择图片");return "/site/setting";}String fileName = headerImage.getOriginalFilename();String suffix = fileName.substring(fileName.lastIndexOf("."));if(StringUtils.isBlank(suffix)){model.addAttribute("error","文件格式不正确!");return "/site/setting";}//生成随机文件名fileName = CoumunityUtil.generateUUID() + suffix;//确定文件存放的路径File dest = new File(uploadPath + "/" + fileName);try {headerImage.transferTo(dest);} catch (IOException e) {logger.error("上传文件失败: " + e.getMessage());throw new RuntimeException("上传文件失败,服务器发生异常!",e);}//更新当前用户的头像的路径(web访问路径)// http://localhost:8080/community/user/header/xxx.pngUser user = hostHolder.getUser();String headerUrl = domain + contextPath + "/user/header/" + fileName;userService.updateHeader(user.getId(),headerUrl);return "redirect:/index";}@RequestMapping(path = "/header/{fileName}",method = RequestMethod.GET)public void getHeader(@PathVariable("fileName") String fileName, HttpServletResponse response){//服务器存储路径fileName = uploadPath + "/" + fileName;//文件后缀String suffix = fileName.substring(fileName.lastIndexOf("."));//响应图片response.setContentType("image/" + suffix);try(FileInputStream fis = new FileInputStream(fileName);ServletOutputStream os = response.getOutputStream();) {byte[] buffer = new byte[1024];int b = 0;while((b = fis.read(buffer)) != -1){os.write(buffer,0,b);}} catch (IOException e) {logger.error("读取头像失败: " + e.getMessage());}}
}@Service
public class UserService implements CommunityConstant {@Autowiredprivate UserMapper userMapper;public int updateHeader(int userId,String headerUrl){return userMapper.updateHeader(userId, headerUrl);}}修改密码
业务层:
@Service
public class UserService implements CommunityConstant {@Autowiredprivate UserMapper userMapper;public Map<String,Object> updatePassword(User user,String prePassword,String curPassword,String repeatPassword){Map<String,Object> map = new HashMap<>();//判断旧密码是否为空if(StringUtils.isBlank(prePassword)){map.put("prePasswordMsg","原先密码不能为空");return map;}//判断新密码是否为空if(StringUtils.isBlank(curPassword)){map.put("curPasswordMsg","新密码不能为空");return map;}//判断新密码和旧密码是否相同if(prePassword.equals(curPassword)){map.put("curPasswordMsg","新密码不能和旧密码相同");return map;}//判断新密码和重复密码是否一致if(!curPassword.equals(repeatPassword)){map.put("repeatPasswordMsg","重复密码与新密码不一致");return map;}//执行更新密码String password = CoumunityUtil.md5(curPassword+user.getSalt());int result = userMapper.updatePassword(user.getId(), password);if(result != 1){map.put("curPasswordMsg","更新密码失败");return map;}return map;}
}
控制层:
@Controller
@RequestMapping("/user")
public class UserController {private static final Logger logger = LoggerFactory.getLogger(UserController.class);@Autowiredprivate UserService userService;@Autowiredprivate HostHolder hostHolder;@RequestMapping(path = "/modify/password",method = RequestMethod.POST)public String modifyPassword(Model model, String prePassword, String curPassword,String repeatPassword){User user = hostHolder.getUser();Map<String,Object> map = new HashMap<>();map = userService.updatePassword(user,prePassword,curPassword,repeatPassword);if(!map.isEmpty()){model.addAttribute("prePasswordMsg",map.get("prePasswordMsg"));model.addAttribute("curPasswordMsg",map.get("curPasswordMsg"));model.addAttribute("repeatPasswordMsg",map.get("repeatPasswordMsg"));return "/site/setting";}else{return "redirect:/login";}}
}
检查登录状态
上面常用的元注解的含义:
@Target注解用于描述注解的使用范围,也就是描述注解可以用在什么地方,它可以作用在——
@Target(ElementType.TYPE)——接口、类、枚举、注解
@Target(ElementType.FIELD)——字段、枚举的常量
@Target(ElementType.METHOD)——方法
@Target(ElementType.PARAMETER)——方法参数
@Target(ElementType.CONSTRUCTOR) ——构造函数
@Target(ElementType.LOCAL_VARIABLE)——局部变量
@Target(ElementType.ANNOTATION_TYPE)——注解
@Target(ElementType.PACKAGE)——包,用于记录java文件的package信息
@Retention注解用来描述注解的生命周期
@Retention 注解传入的是 RetentionPolicy 枚举,该枚举有三个常量,分别是 SOURCE、CLASS 和 RUNTIME
三者区别如下:
SOURCE 代表着注解仅保留在源级别中,编译器将Java文件编译成class文件时将之遗弃。
CLASS 代表着注解被保留在class文件中,JVM加载class文件时将之遗弃。
RUNTIME 代表着标记的注解会由JVM保留,因此运行时环境可以使用它。
@Document注解表示是否开启日志文件
@Inherited注解表示是否继承
因为在业务中有很多方法需要在用户未登录的情况下进行拦截,所以为了方便只需要在需要进行拦截的方法上面加上自定义的拦截注解即可,所以我们需要编制自定义的注解:
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface LoginRequired {}在获取设置页面和上传头像两个功能上面加上自定义注解
然后配置拦截器和拦截规则
@Component
public class LoginRequiredInterceptor implements HandlerInterceptor {@Autowiredprivate HostHolder hostHolder;@Overridepublic boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {if(handler instanceof HandlerMethod){HandlerMethod handlerMethod = (HandlerMethod) handler;Method method = handlerMethod.getMethod();LoginRequired annotation = method.getAnnotation(LoginRequired.class);if(annotation != null && hostHolder.getUser() == null){response.sendRedirect(request.getContextPath() + "/login");return false;}}return true;}
}@Configuration
public class WebMvcConfig implements WebMvcConfigurer {@Autowiredprivate LoginRequiredInterceptor loginRequiredInterceptor;@Overridepublic void addInterceptors(InterceptorRegistry registry) {registry.addInterceptor(loginRequiredInterceptor).excludePathPatterns("/**/*.css","/**/*.js","/**/*.png","/**/*.jpg","/**/*.jpeg");}
}过滤敏感词
前缀树算法
根据前缀树的特点将敏感词挂载到树上:
定义三个指针,指针1指向根节点,指针2和指针3指向文本的开头。
