SpringBoot单点登录实现过程详细分析
披着星光的鲸鱼 人气:01.具体实现步骤
添加拦截器,设置UUID作为唯一标识,存入数据库中
通过当前登陆者的账户进行查询
如果当前登陆者session中存入的UUID与我们数据库中的UUID值相同则通过
否则返回false,表示已在其他设备或浏览器登录登录
2.代码展示
首先我们新建一个Spring项目
添加以下几个依赖
yml配置文件
server:
port: 8080
spring:
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://127.0.0.1:3306/userdb?characterEncoding=utf-8&&severTimezone=utc
username: root
password: root
thymeleaf:
mode: HTML5
cache: false
suffix: .html
prefix: classpath:/templates/
mybatis:
mapper-locations: classpath:/mapper/*.xml #引入mapper文件
type-aliases-package: com.bdqn.springsso.pojo #引入类型别名
pom.xml配置文件
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>2.7.5</version> <relativePath/> <!-- lookup parent from repository --> </parent> <groupId>com.bdqn</groupId> <artifactId>springsso</artifactId> <version>0.0.1-SNAPSHOT</version> <name>springsso</name> <description>Demo project for Spring Boot</description> <properties> <java.version>1.8</java.version> </properties> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-thymeleaf</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>2.2.2</version> </dependency> <dependency> <groupId>com.mysql</groupId> <artifactId>mysql-connector-j</artifactId> <scope>runtime</scope> </dependency> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> <optional>true</optional> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> <configuration> <excludes> <exclude> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> </exclude> </excludes> </configuration> </plugin> </plugins> </build> </project>
后台代码
在java目录下建立以下几个包,并在resources中建立mapper包
首先进行 pojo层 实体类User 的编写
注意:在MySQL中创建表时 uuid 的数据类型为 varchar 长度一定要给大一点不然就会运行报错
package com.bdqn.springsso.pojo; import lombok.Data; @Data public class User { //用户id private Integer id; //账户 private String username; //密码 private String password; //uuid private String uuid; }
再进行 mapper层 UserMapper接口 的编写
package com.bdqn.springsso.mapper; import com.bdqn.springsso.pojo.User; import org.apache.ibatis.annotations.Mapper; import org.apache.ibatis.annotations.Param; @Mapper public interface UserMapper { //根据姓名和密码查询 User chekLogin(@Param("username") String username, @Param("password") String password); //根据姓名修改uuid void update(@Param("uuid") String uuid,@Param("username") String username); //根据姓名查询uuid String getUUID(@Param("username") String username); }
再进行 service层 UserService 和 UserServiceImpl 的编写
package com.bdqn.springsso.service; import com.bdqn.springsso.pojo.User; public interface UserService { //根据姓名和密码查询 User chekLogin(String username, String password); //根据姓名修改uuid void update(String uuid,String username); }
package com.bdqn.springsso.service; import com.bdqn.springsso.mapper.UserMapper; import com.bdqn.springsso.pojo.User; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @Service public class UserServiceImpl implements UserService { @Autowired private UserMapper userMapper; @Override public User chekLogin(String username, String password) { return userMapper.chekLogin(username,password); } @Override public void update(String uuid,String username) { userMapper.update(uuid,username); } }
再是 interceptor层 UserInterceptor拦截器 的编写
package com.bdqn.springsso.interceptor; import com.bdqn.springsso.mapper.UserMapper; import org.springframework.web.servlet.HandlerInterceptor; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class UserInterceptor implements HandlerInterceptor { private UserMapper userMapper; public UserInterceptor(UserMapper userMapper){ this.userMapper=userMapper; } @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { HttpSession session = request.getSession(); String username = (String) session.getAttribute("username"); //数据库 String UUID=userMapper.getUUID(username); //session String uuid = (String)session.getAttribute("uuid"); System.out.println("uuid = " + uuid); System.out.println("UUID = " + UUID); if(UUID.equals(uuid)){ return true; }else { System.out.println("拦截"+request.getRequestURI()); response.sendRedirect("/login"); response.setStatus(401); return false; } } }
再是 controller层 UserController
package com.bdqn.springsso.controller; import com.bdqn.springsso.pojo.User; import com.bdqn.springsso.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.CrossOrigin; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; import javax.servlet.http.HttpSession; import java.util.UUID; @Controller @CrossOrigin public class UserController { @Autowired private UserService userService; //登录 @RequestMapping("/") public String goLogin(){ return "login"; } //登录验证 @RequestMapping("/login") public String chekLogin(String username, String password, HttpSession session){ User user=userService.chekLogin(username,password); if (user==null){ return "login"; }else { session.setAttribute("username",username); String uuid= UUID.randomUUID().toString().replace("-", ""); System.out.println("uuid = " + uuid); userService.update(uuid,username); session.setAttribute("uuid",uuid); return "index"; } } //测试 @RequestMapping("/test") @ResponseBody public String test(){ return "成功"; } }
再是 config层 MvcConfig 的编写
package com.bdqn.springsso.config; import com.bdqn.springsso.interceptor.UserInterceptor; import com.bdqn.springsso.mapper.UserMapper; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration public class MvcConfig implements WebMvcConfigurer { @Autowired private UserMapper userMapper; @Override public void addInterceptors(InterceptorRegistry registry) { //添加拦截器,排除/路径和 /login路径 registry.addInterceptor(new UserInterceptor(userMapper)) .excludePathPatterns("/","/login"); } }
最后是 userMapper.xml 的编写
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> <mapper namespace="com.bdqn.springsso.mapper.UserMapper"> <update id="update"> update user set uuid=#{uuid} where username=#{username} </update> <select id="chekLogin" resultType="com.bdqn.springsso.pojo.User"> select * from user where username=#{username} and password=#{password} </select> <select id="getUUID" resultType="java.lang.String"> select uuid from user where username=#{username} </select> </mapper>
前台代码
login.html
<!DOCTYPE html> <html lang="en" xmlns:th="http://www.thymeleaf.org"> <head> <meta charset="UTF-8"> <title>Login Module</title> </head> <body> <h1 style="text-align: center">欢迎来到登录页面</h1> <form style="text-align: center" th:action="@{/login}" method="post"> 用户:<input type="text" name="username"><br> 密码:<input type="password" name="password"><br> <button type="submit">登录</button> </form> </body> </html>
index.html
<!DOCTYPE html> <html lang="en" xmlns:th="http://www.thymeleaf.org"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <h1>登录成功</h1> <a th:href="@{/test}" rel="external nofollow" >测试</a> </body> </html>
效果展示
首先我们用火狐浏览器进行操作
输入http://localhost:8080/进入登陆页面
点击登录
点击测试
然后我们返回登陆成功页面
再用谷歌浏览器进入http://localhost:8080/进行登录操作
登录后进入登录成功页面
此时我们返回火狐浏览器
点击测试超链接 发现页面跳转至登录页面
表明单点登录测试成功
加载全部内容