用户新增的时候需要注意以下几点内容
1. 用户名是否唯一
2. 密码强度的校验
3. 密码要做 MD5 加密处理(注意:MD5 是哈希而不是加密,不加盐的 MD5 不适合保存密码,生产环境应改用 bcrypt、scrypt、Argon2 等带盐的慢哈希算法)
4. 使用拦截器防止未登录就操作账户信息
静态资源(我这边用的稍微多点,你们自取就好)
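// Paging defaults, kept as strings exactly as the original declares them.
public static final String DEFAULT_PAGE_NUM = "1";
public static final String DEFAULT_PAGE_SIZE = "10";
// Session attribute key under which login() stores the authenticated User.
private static final String SESSION_NAME = "_session_user";
// Login URL. Not referenced by the controller methods shown on this page;
// UserHandlerInterceptor declares the same value as its redirect target.
private static final String URL = "/v1/user/login";
// Builds the String responses returned by the handlers.
private RespMsgUtil respMsgUtil = new RespMsgUtil();
private final IUserService userService;
// Paging helper for User results; not used by the methods shown on this page.
private final PageUtil<User> pageUtil;
// NOTE(review): used by save() and login() to hash passwords. Unsalted MD5 is fast to
// brute-force and is not suitable for password storage; a salted, adaptive scheme
// (bcrypt, scrypt, Argon2, PBKDF2) should replace it before production use.
private final Md5Util md5Util;
// Password policy: 8-20 characters drawn from letters, digits and !@#$%^&*, and not made
// of a single one of those three classes (each negative lookahead rejects one class).
// Fixes two defects of the previous pattern: the range "A-z" also matched [ \ ] ^ _ and
// the backtick, and the digit class was written as a bare "d", so digits were rejected
// while the letter 'd' was treated as the digit class.
public static final String REGEX =
        "^(?![a-zA-Z]+$)(?!\\d+$)(?![!@#$%^&*]+$)[a-zA-Z\\d!@#$%^&*]{8,20}$";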
/**
 * Creates the controller; the three collaborators are supplied through the
 * {@code @Autowired} constructor.
 *
 * @param userService service used to query and insert users
 * @param pageUtil paging helper for {@code User} results
 * @param md5Util helper that produces the MD5 digest of a password
 */
@Autowired
public UserController(IUserService userService, PageUtil<User> pageUtil, Md5Util md5Util) {
    this.md5Util = md5Util;
    this.pageUtil = pageUtil;
    this.userService = userService;
}
介绍一下校验用户名是否唯一、注册时用户名不能为空及密码强度校验的问题
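/**
 * Registers a new user after validating the username and the password.
 *
 * <p>The username must be non-empty and not yet present; the password must be present and
 * match {@code REGEX}. The password is hashed with {@code md5Util} before it is stored.
 *
 * @param request registration payload carrying the username and the plain-text password;
 *     its password field is overwritten with the hash, as in the original implementation
 * @return the response built by {@code respMsgUtil}: code 200 with the inserted user on
 *     success, 400 on a validation failure or a failed insert, 500 when the insert throws
 */
public String save(UserRequest request) {
    // The username must not be empty.
    if (StrUtil.isEmpty(request.getUsername())) {
        return respMsgUtil.getResposnMes(400, "", " 用户名不能为空 ", false);
    }
    // A missing password is rejected like a weak one instead of raising a
    // NullPointerException on matches().
    String rawPassword = request.getPassword();
    if (rawPassword == null || !rawPassword.matches(REGEX)) {
        return respMsgUtil.getResposnMes(400, "", " 明码强度过低或超出范围, 请从新设置明码 ", false);
    }
    // NOTE(review): unsalted MD5 is not an adequate password hash; switch to a salted,
    // adaptive scheme (bcrypt, scrypt, Argon2, PBKDF2). login() must change with it.
    request.setPassword(md5Util.getMd5(rawPassword));

    // The username must be unique.
    // NOTE(review): this check-then-insert sequence can race under concurrent requests;
    // a unique constraint on the username column is the reliable guard.
    User probe = new User();
    probe.setUserName(request.getUsername());
    List<User> existing = userService.queryAll(probe);
    if (!existing.isEmpty()) {
        return respMsgUtil.getResposnMes(400, "", " 用户名已存在 ", false);
    }

    String result;
    try {
        Date now = new Date();
        User user = User.builder()
                .userName(request.getUsername())
                .passWord(request.getPassword())
                .gmtCreated(now)
                .gmtModified(now)
                .build();
        User insert = userService.insert(user);
        if (Objects.nonNull(insert)) {
            // Do not return the stored password hash to the client; login() blanks the same
            // field before exposing a User. Assumes `insert` is a detached object, not a
            // managed persistence entity whose change would be flushed back -- TODO confirm.
            insert.setPassWord("");
            result = respMsgUtil.getResposnMes(200, insert, "新增胜利", true);
        } else {
            result = respMsgUtil.getResposnMes(400, "", " 新增失败 ", false);
        }
    } catch (Exception e) {
        log.info("新增用户失败", e);
        result = respMsgUtil.getResposnMes(500, "", " 新增失敗 ", false);
    }
    return result;
}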
拦截器的应用
首先新建一个拦截器的类
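/**
 * Login gate: lets a request through only when the HTTP session holds a {@code User}
 * under {@code SESSION_NAME}; otherwise redirects the client to {@code URL}.
 */
public class UserHandlerInterceptor implements HandlerInterceptor {
    /** Session attribute key that is read to find the logged-in user. */
    private static final String SESSION_NAME = "_session_user";
    /**
     * Redirect target for requests without a logged-in user.
     * NOTE(review): confirm this path is excluded from the interceptor's path patterns,
     * otherwise the redirect target is itself intercepted.
     */
    private static final String URL = "/v1/user/login";

    /**
     * Looks up the session user, publishes it through {@code UserThreadLocal}, and decides
     * whether the handler may run.
     *
     * @return {@code true} when a user is present; {@code false} after sending the redirect
     * @throws IOException if the redirect cannot be sent
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws IOException {
        // NOTE(review): getSession() creates a session for every anonymous request;
        // getSession(false) would avoid allocating sessions for unauthenticated clients.
        Object attribute = request.getSession().getAttribute(SESSION_NAME);
        // An attribute of an unexpected type counts as "not logged in" rather than
        // failing with a ClassCastException.
        User sessionUser = attribute instanceof User ? (User) attribute : null;
        UserThreadLocal.set(sessionUser);
        if (Objects.isNull(sessionUser)) {
            response.sendRedirect(URL);
            return false;
        }
        return true;
    }

    /** No work is needed after the handler has run. */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
            ModelAndView modelAndView) throws Exception {
    }

    /**
     * Clears the per-thread user once the request is finished. Servlet containers typically
     * reuse worker threads, so a value left behind could be seen by a later request that
     * does not pass through {@code preHandle}. {@code set(null)} is the only
     * {@code UserThreadLocal} operation visible here; if the class has a remove-style
     * method, prefer it -- TODO confirm.
     */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
            Exception ex) throws Exception {
        UserThreadLocal.set(null);
    }
}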
接着建一个拦截器的配置类(千万不要忘了 @Configuration 注解)
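/** Registers {@code UserHandlerInterceptor} with Spring MVC. */
@Configuration
public class InterceptorConfiguration implements WebMvcConfigurer {
    /**
     * Adds the login interceptor to the Spring Boot MVC configuration.
     *
     * @param registry registry that the interceptor and its path patterns are added to
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // addPathPatterns lists the paths to intercept; excludePathPatterns lists the
        // paths inside them that stay open. "/user/**" is used instead of "/user/*"
        // because a single "*" matches only one path segment, which would leave nested
        // paths such as /user/a/b outside the login check.
        // NOTE(review): the interceptor redirects to "/v1/user/login" while the patterns
        // here start at "/user"; confirm they line up (for example through a "/v1"
        // context path). If registration is served under /user/, it must be excluded
        // as well, or new users cannot sign up.
        registry.addInterceptor(new UserHandlerInterceptor())
                .addPathPatterns("/user/**")
                .excludePathPatterns("/user/login");
    }
}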
注册完成后开始登录
用户通过注册时返回的账户密码进行登录
登录成功后,通过 session 获取用户信息贮存在客户端,当登录用户发起其他操作请求的时候 session 会去查找存储的对应的 V,取值成功则说明用户已经登录过,可以继续操作。若取值失败则用户未登录。未登录就返回到登录界面,让用户登录后方可访问
若输入的账户不存在或账户所对应的密码错误则提示用户:用户名或密码错误
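/**
 * Authenticates a user and, on success, stores the account in the HTTP session under
 * {@code SESSION_NAME} with its password field blanked.
 *
 * @param request login payload carrying the username and the plain-text password
 * @param session HTTP session that receives the authenticated user
 * @return the response built by {@code respMsgUtil}: code 200 on success, 404 when the
 *     username is empty or the credentials do not match, 500 when an exception is thrown
 */
public String login(UserRequest request, HttpSession session) {
    try {
        if (StringUtils.isEmpty(request.getUsername())) {
            return respMsgUtil.getResposnMes(404, "", " 用户名不能为空 ", false);
        }
        User probe = new User();
        probe.setUserName(request.getUsername());
        List<User> matches = userService.queryAll(probe);

        // A missing password can never match, so it is reported as wrong credentials
        // instead of being passed to the hash helper.
        // NOTE(review): unsalted MD5 is not an adequate password hash; see save().
        String rawPassword = request.getPassword();
        String hashed = rawPassword == null ? null : md5Util.getMd5(rawPassword);
        // hashed.equals(stored) also covers an account whose stored hash is null, and a
        // null hash is never accepted as a match.
        // The same message is used for "unknown user" and "wrong password".
        if (hashed == null || matches.size() != 1 || !hashed.equals(matches.get(0).getPassWord())) {
            return respMsgUtil.getResposnMes(404, "", " 用户名或明码谬误 ", false);
        }

        User authenticated = matches.get(0);
        // Keep the hash out of the session object.
        authenticated.setPassWord("");
        // NOTE(review): the session id is not rotated after authentication. This method
        // only receives the HttpSession, so rotating it (HttpServletRequest.changeSessionId())
        // needs a signature change or a framework hook; without it the login is exposed to
        // session fixation.
        session.setAttribute(SESSION_NAME, authenticated);
        return respMsgUtil.getResposnMes(200, "", " 登录胜利 ", true);
    } catch (Exception e) {
        log.info("登录异样", e);
        return respMsgUtil.getResposnMes(500, "", " 登录失败 ", false);
    }
}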
好了,今天就介绍这么多。所有的调用方法在 Service 里。可以用 idea 的 easycode 插件生成。下篇文章介绍如何使用 easycode 插件生成代码。