1. 登录页面login.jsp
登录页面
<form action="/user/login" method="post">
姓名:<input name="userName">
密码:<input name="password">
<button type="submit">提交</button>
</form>
2. 登录接口 /user/login
登录时可能会有两个异常,定义全局异常处理器
@PostMapping("/user/login")
@ResponseBody
public List<User> login(String userName, String password) {
UsernamePasswordToken token = new UsernamePasswordToken(userName, password);
Subject subject = SecurityUtils.getSubject();
subject.login(token);
System.out.println(subject.isPermitted("add"));
return userServiceI.queryAllUser();
}
3. 登出接口 /user/loginout
@GetMapping("/user/logout")
@ResponseBody
public String logout () {
Subject subject = SecurityUtils.getSubject();
String username = subject.getPrincipal().toString();
subject.logout();
return "ByeBye " + username;
}
3. 登出接口 /user/loginout
@GetMapping("/user/logout")
@ResponseBody
public String logout () {
Subject subject = SecurityUtils.getSubject();
String username = subject.getPrincipal().toString();
subject.logout();
return "ByeBye " + username;
}
4. 全局异常处理器
UnknownAccountException
IncorrectCredentialsException
@ControllerAdvice
public class MyExceptionHandler {
@ExceptionHandler(UnknownAccountException.class)
public String catchException1(Exception e, HttpServletRequest req, HttpServletResponse resp) {
System.out.println("账号不存在");
return "login";
}
@ExceptionHandler(IncorrectCredentialsException.class)
public String catchException2(Exception e, HttpServletRequest req, HttpServletResponse resp) {
System.out.println("密码错误");
return "login";
}
}
