记录在听黑马课的时候的笔记以及课堂上练习的代码，文章图源于我在听课的时候所截的屏，所以有些不清晰，请见谅。下面是课程链接，可点击自行跳转。

【黑马程序员JavaWeb开发教程，实现javaweb企业开发全流程（涵盖Spring+MyBatis+SpringMVC+SpringBoot等）】

基础登录功能

基础登录实现：

//LoginController.java package com.jianglin.controller; import com.jianglin.pojo.Emp; import com.jianglin.pojo.Result; import com.jianglin.service.EmpService; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RestController; @RestController @Slf4j public class LoginController { @Autowired private EmpService empService; @PostMapping("/login") public Result login(@RequestBody Emp emp) { log.info("登录员工信息{}",emp); Emp e = empService.login(emp); return e!=null?Result.success():Result.error("用户名或密码错误"); } } //EmpService.java package com.jianglin.service; import com.jianglin.pojo.Emp; import com.jianglin.pojo.PageBean; import org.springframework.format.annotation.DateTimeFormat; import java.time.LocalDate; import java.util.List; public interface EmpService { PageBean page(Integer page, Integer pageSize,String name, Short gender,LocalDate begin,LocalDate end); void delete(List<Integer> ids); /** * 新增员工 * */ void save(Emp emp); /** * 根据id查询员工信息 * */ Emp getById(Integer id); /** * 修改员工信息 * */ void update(Emp emp); /** * 员工登录信息 * */ Emp login(Emp emp); } //EmpServiceImpl.java package com.jianglin.service.impl; import com.github.pagehelper.Page; import com.github.pagehelper.PageHelper; import com.jianglin.mapper.EmpMapper; import com.jianglin.pojo.Emp; import com.jianglin.pojo.PageBean; import com.jianglin.service.EmpService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import java.time.LocalDate; import java.time.LocalDateTime; import java.util.List; @Service public class EmpServiceImpl implements EmpService { @Autowired private EmpMapper empMapper; // @Override // public PageBean page(Integer page, Integer pageSize) { // //获取所有记录数 // Integer count = empMapper.count(); // //获取当前的记录数据，存储到列表中 // Integer start = (page - 1) * pageSize; // List<Emp> list = empMapper.page(start,pageSize); // //封装到实体类里面 // PageBean pageBean = new PageBean(count,list); // return pageBean; // } @Override public PageBean page(Integer page, Integer pageSize, String name, Short gender, LocalDate begin, LocalDate end) { //使用pagehelper调用方法 PageHelper.startPage(page, pageSize); //获取查询列表，并进行转换 List<Emp> list = empMapper.list(name,gender,begin,end); Page<Emp> pagelist = (Page<Emp>) list; //封装到实体类里面 PageBean pageBean = new PageBean(pagelist.getTotal(),pagelist.getResult()); return pageBean; } /** * 删除员工 * */ @Override public void delete(List<Integer> ids) { empMapper.delete(ids); } /** * 新增员工 * */ @Override public void save(Emp emp) { emp.setCreateTime(LocalDateTime.now()); emp.setUpdateTime(LocalDateTime.now()); empMapper.insert(emp); } /** * 根据id查询员工信息 * */ @Override public Emp getById(Integer id) { Emp emp = empMapper.getById(id); return emp; } @Override public void update(Emp emp) { emp.setUpdateTime(LocalDateTime.now()); emp.setCreateTime(LocalDateTime.now()); empMapper.update(emp); } /** * 登录员工信息 * */ @Override public Emp login(Emp emp) { Emp e = empMapper.getByUsernameAndPassword(emp); return e; } } //EmpMapper.java package com.jianglin.mapper; import com.jianglin.pojo.Dept; import com.jianglin.pojo.Emp; import org.apache.ibatis.annotations.*; import java.time.LocalDate; import java.util.List; @Mapper public interface EmpMapper { /** * 删除员工信息 * */ void delete(@Param("ids") List<Integer> ids) ; /** * 实现分页查询 * 1、统计总数据量 * 2、实现分页设置 * */ // @Select("select count(*) from emp") // public Integer count(); // // @Select("select * from emp limit #{start},#{pageSize}") // public List<Emp> page(@Param("start") Integer start, @Param("pageSize") Integer pageSize); /** * 用pageHelper实现分页查询 * */ // @Select("select * from emp") // public List<Emp> list(); /** * 实现条件分页查询 * 实现动态SQL * */ public List<Emp> list(@Param("name")String name, @Param("gender")Short gender, @Param("begin")LocalDate begin, @Param("end")LocalDate end); /** * 新增员工信息 * */ @Insert("insert into emp(username, name, gender, image, job, entrydate, dept_id, create_time, update_time) " + "VALUES (#{username},#{name},#{gender},#{image},#{job},#{entrydate},#{deptId},#{createTime},#{updateTime})") void insert(Emp emp); /** * 根据id查询员工信息 * */ @Select("select * from emp where id = #{id}") Emp getById(Integer id); /** * 修改员工信息 * */ void update(Emp emp); /** * 用户登录 * */ @Select("select * from emp where username=#{username} and password = #{password}") Emp getByUsernameAndPassword(Emp emp); }

登录校验

概述

会话技术--会话跟踪方案对比

Cookie和Session跟踪实现：

package com.jianglin.controller; import com.jianglin.pojo.Result; import lombok.extern.slf4j.Slf4j; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RestController; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * HttpSession演示 */ @Slf4j @RestController public class SessionController { //设置Cookie @GetMapping("/c1") public Result cookie1(HttpServletResponse response){ response.addCookie(new Cookie("login_username","itheima")); //设置Cookie/响应Cookie return Result.success(); } //获取Cookie @GetMapping("/c2") public Result cookie2(HttpServletRequest request){ Cookie[] cookies = request.getCookies(); for (Cookie cookie : cookies) { if(cookie.getName().equals("login_username")){ System.out.println("login_username: "+cookie.getValue()); //输出name为login_username的cookie } } return Result.success(); } @GetMapping("/s1") public Result session1(HttpSession session){ log.info("HttpSession-s1: {}", session.hashCode()); session.setAttribute("loginUser", "tom"); //往session中存储数据 return Result.success(); } @GetMapping("/s2") public Result session2(HttpServletRequest request){ HttpSession session = request.getSession(); log.info("HttpSession-s2: {}", session.hashCode()); Object loginUser = session.getAttribute("loginUser"); //从session中获取数据 log.info("loginUser: {}", loginUser); return Result.success(loginUser); } }

JWT令牌

介绍

生成和校验

Jwt从0.11.0版本开始被分为jjwt-api，jjwt-impl，jjwt-jackson三个模块，所以要分别导入

JWT令牌生成和解析：

package com.jianglin; import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; import org.junit.jupiter.api.Test; import org.springframework.boot.test.context.SpringBootTest; import java.util.Date; import java.util.HashMap; import java.util.Map; //@SpringBootTest class TliasApplicationTests { @Test void contextLoads() { } /** * 创建JWT令牌 * */ @Test public void testGenJwt(){ Map<String, Object> claims = new HashMap<>(); claims.put("name", "tom"); claims.put("age", 18); String jwt = Jwts.builder() .signWith(SignatureAlgorithm.HS256, "jianglin")//签名算法 .setClaims(claims)//自定义内容（载荷） .setExpiration(new Date(System.currentTimeMillis() + 3600 * 1000))//设置令牌有效期为1小时 .compact(); System.out.println(jwt); } /** * 解析JWT令牌 * */ @Test public void testParseJwt(){ Claims claims = Jwts.parser() .setSigningKey("jianglin") .parseClaimsJws("eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoidG9tIiwiZXhwIjoxNzYyNTExMzE4LCJhZ2UiOjE4fQ.-FfTJV40IF_znd8O8aQV4jmJC8xBO165cYeMcXnd3T0") .getBody(); System.out.println(claims); } }

登录后下发令牌

登录时加入JWT令牌：

//JwtUtils.java package com.jianglin.utils; import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; import java.util.Date; import java.util.Map; public class JwtUtils { private static String signKey = "itheima"; private static Long expire = 43200000L; /** * 生成JWT令牌 * @param claims JWT第二部分负载 payload 中存储的内容 * @return */ public static String generateJwt(Map<String, Object> claims){ String jwt = Jwts.builder() .addClaims(claims) .signWith(SignatureAlgorithm.HS256, signKey) .setExpiration(new Date(System.currentTimeMillis() + expire)) .compact(); return jwt; } /** * 解析JWT令牌 * @param jwt JWT令牌 * @return JWT第二部分负载 payload 中存储的内容 */ public static Claims parseJWT(String jwt){ Claims claims = Jwts.parser() .setSigningKey(signKey) .parseClaimsJws(jwt) .getBody(); return claims; } } //LoginController.java package com.jianglin.controller; import com.jianglin.pojo.Emp; import com.jianglin.pojo.Result; import com.jianglin.service.EmpService; import com.jianglin.utils.JwtUtils; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; import java.util.HashMap; import java.util.Map; @RestController @Slf4j public class LoginController { @Autowired private EmpService empService; @PostMapping("/login") public Result login(@RequestBody Emp emp) { log.info("登录员工信息{}",emp); Emp e = empService.login(emp); //如果用户登录成功，分配Jwt令牌，返回成功信息 if (e != null) { Map<String, Object> claims = new HashMap<>(); claims.put("id", e.getId()); claims.put("name", e.getName()); claims.put("username", e.getUsername()); String jwt = JwtUtils.generateJwt(claims); return Result.success(jwt); } //若登录失败，直接返回错误信息 return Result.error("用户名或密码错误"); } }

过滤器Filter

入门

filter快速入门，拦截所有：

//DemoFilter.java package com.jianglin.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import java.io.IOException; @WebFilter(urlPatterns = "/*") public class DemoFilter implements Filter { @Override//初始化方法，只调用一次 public void init(FilterConfig filterConfig) throws ServletException { System.out.println("init 初始化方法执行了"); } @Override//拦截到请求之后调用，调用多次 public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { System.out.println("拦截到了请求"); //放行 filterChain.doFilter(servletRequest, servletResponse); } @Override//销毁方法，只调用一次 public void destroy() { System.out.println("destroy 销毁化方法执行了"); } } //TliasApplication.java package com.jianglin; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.web.servlet.ServletComponentScan; @ServletComponentScan @SpringBootApplication public class TliasApplication { public static void main(String[] args) { SpringApplication.run(TliasApplication.class, args); } }

详解

登录校验Filter

登录校验过滤器：

//LoginCheckFilter.java package com.jianglin.filter; import cn.hutool.json.JSONUtil; import com.jianglin.pojo.Result; import com.jianglin.utils.JwtUtils; import lombok.extern.slf4j.Slf4j; import org.codehaus.jettison.json.JSONObject; import org.springframework.util.StringUtils; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @WebFilter(urlPatterns = "/*") @Slf4j public class LoginCheckFilter implements Filter { @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse resp = (HttpServletResponse) response; //1.获取请求url StringBuffer url = req.getRequestURL(); log.info("获取到的url为{}",url); //2.判断请求url中是否包含login，如果包含，说明是登录操作，放行 if (url.toString().contains("login")) { log.info("执行登录操作。。。"); filterChain.doFilter(request, response); return; } //3.获取请求头中的令牌（token） String jwt = req.getHeader("token"); //4.判断令牌是否存在，如果不存在，返回错误结果（未登录） if (!StringUtils.hasLength(jwt)) { log.info("令牌不存在"); Result error = Result.error("NOT_LOGIN"); //手动转换 对象 用hutool包 String notLogin = JSONUtil.toJsonStr(error); resp.getWriter().write(notLogin); return; } //5.解析token，如果解析失败，返回错误结果（未登录） try { //解析判断是否正确 JwtUtils.parseJWT(jwt); }catch (Exception e) { e.printStackTrace(); log.info("解析令牌失败，返回未登录错误信息"); Result error = Result.error("NOT_LOGIN"); String notLogin = JSONUtil.toJsonStr(error); resp.getWriter().write(notLogin); return; } //6.放行 filterChain.doFilter(request, response); } } //hutool包依赖 <dependency> <groupId>cn.hutool</groupId> <artifactId>hutool-all</artifactId> <version>5.4.1</version> </dependency>

拦截器Interceptor

简介&快速入门

Interceptor快速入门：

//LoginCheckInterceptor.java package com.jianglin.interceptor; import org.springframework.stereotype.Component; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @Component public class LoginCheckInterceptor implements HandlerInterceptor { @Override//目标资源方法执行前执行，返回true：放行 返回false：不放行 public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { System.out.println("preHandle..."); return true; } @Override//目标资源方法执行后执行 public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { System.out.println("postHandle..."); } @Override//视图渲染完毕后执行，最后执行 public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { System.out.println("afterCompletion..."); } } //LoginCheckConfig.java package com.jianglin.config; import com.jianglin.interceptor.LoginCheckInterceptor; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration public class LoginCheckConfig implements WebMvcConfigurer { @Autowired private LoginCheckInterceptor loginCheckInterceptor; @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(loginCheckInterceptor).addPathPatterns("/**"); } }

详解拦截路径以及执行流程

登录校验Interceptor

登录校验Interceptor实现：

package com.jianglin.interceptor; import cn.hutool.json.JSONUtil; import com.jianglin.pojo.Result; import com.jianglin.utils.JwtUtils; import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Component; import org.springframework.util.StringUtils; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @Component @Slf4j public class LoginCheckInterceptor implements HandlerInterceptor { @Override//目标资源方法执行前执行，返回true：放行 返回false：不放行 public boolean preHandle(HttpServletRequest req, HttpServletResponse resp, Object handler) throws Exception { //1.获取请求url StringBuffer url = req.getRequestURL(); log.info("获取到的url为{}",url); //2.判断请求url中是否包含login，如果包含，说明是登录操作，放行 if (url.toString().contains("login")) { log.info("执行登录操作。。。"); return true; } //3.获取请求头中的令牌（token） String jwt = req.getHeader("token"); //4.判断令牌是否存在，如果不存在，返回错误结果（未登录） if (!StringUtils.hasLength(jwt)) { log.info("令牌不存在"); Result error = Result.error("NOT_LOGIN"); //手动转换 对象 用hutool包 String notLogin = JSONUtil.toJsonStr(error); resp.getWriter().write(notLogin); return false; } //5.解析token，如果解析失败，返回错误结果（未登录） try { //解析判断是否正确 JwtUtils.parseJWT(jwt); }catch (Exception e) { e.printStackTrace(); log.info("解析令牌失败，返回未登录错误信息"); Result error = Result.error("NOT_LOGIN"); String notLogin = JSONUtil.toJsonStr(error); resp.getWriter().write(notLogin); return false; } //6.放行 return true; } @Override//目标资源方法执行后执行 public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { System.out.println("postHandle..."); } @Override//视图渲染完毕后执行，最后执行 public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { System.out.println("afterCompletion..."); } }

整体流程和过滤器一致，只是放行操作不同。

在运行时要将过滤器的注解给注释掉。

异常处理

异常处理实现：

package com.jianglin.exception; import com.jianglin.pojo.Result; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RestControllerAdvice; @RestControllerAdvice public class GlobalExceptionHandler { @ExceptionHandler(value = Exception.class)//捕获所有异常 public Result ex(Exception ex) { ex.printStackTrace(); return Result.error("操作失败，请联系管理员"); } }

这篇文章就先更新到这里，接下来的内容可查看我的下一篇博客，感谢观看，希望对你有帮助。