SpringBoot单点登录实现过程详细分析

软件发布|下载排行|最新软件

当前位置:首页IT学院IT技术

SpringBoot单点登录实现过程详细分析

披着星光的鲸鱼   2022-12-02 我要评论

1.具体实现步骤

添加拦截器,设置UUID作为唯一标识,存入数据库中

通过当前登陆者的账户进行查询

如果当前登陆者session中存入的UUID与我们数据库中的UUID值相同则通过

否则返回false,表示已在其他设备或浏览器登录登录

2.代码展示

首先我们新建一个Spring项目

添加以下几个依赖

yml配置文件

server:
  port: 8080
spring:
  datasource:
    driver-class-name: com.mysql.cj.jdbc.Driver
    url: jdbc:mysql://127.0.0.1:3306/userdb?characterEncoding=utf-8&&severTimezone=utc
    username: root
    password: root
  thymeleaf:
    mode: HTML5
    cache: false
    suffix: .html
    prefix: classpath:/templates/
mybatis:
      mapper-locations: classpath:/mapper/*.xml   #引入mapper文件
      type-aliases-package: com.bdqn.springsso.pojo  #引入类型别名

pom.xml配置文件

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.7.5</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.bdqn</groupId>
    <artifactId>springsso</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>springsso</name>
    <description>Demo project for Spring Boot</description>
    <properties>
        <java.version>1.8</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.mybatis.spring.boot</groupId>
            <artifactId>mybatis-spring-boot-starter</artifactId>
            <version>2.2.2</version>
        </dependency>
        <dependency>
            <groupId>com.mysql</groupId>
            <artifactId>mysql-connector-j</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>
    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <configuration>
                    <excludes>
                        <exclude>
                            <groupId>org.projectlombok</groupId>
                            <artifactId>lombok</artifactId>
                        </exclude>
                    </excludes>
                </configuration>
            </plugin>
        </plugins>
    </build>
</project>

后台代码

在java目录下建立以下几个包,并在resources中建立mapper包

首先进行 pojo层 实体类User 的编写

注意:在MySQL中创建表时 uuid 的数据类型为 varchar 长度一定要给大一点不然就会运行报错

package com.bdqn.springsso.pojo;
import lombok.Data;
@Data
public class User {
    //用户id
    private Integer id;
    //账户
    private String username;
    //密码
    private String password;
    //uuid
    private String uuid;
}

再进行 mapper层 UserMapper接口 的编写

package com.bdqn.springsso.mapper;
import com.bdqn.springsso.pojo.User;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
@Mapper
public interface UserMapper {
    //根据姓名和密码查询
    User chekLogin(@Param("username") String username, @Param("password") String password);
    //根据姓名修改uuid
    void update(@Param("uuid") String uuid,@Param("username") String username);
    //根据姓名查询uuid
    String getUUID(@Param("username") String username);
}

再进行 service层 UserService 和 UserServiceImpl 的编写

package com.bdqn.springsso.service;
import com.bdqn.springsso.pojo.User;
public interface UserService {
    //根据姓名和密码查询
    User chekLogin(String username, String password);
    //根据姓名修改uuid
    void update(String uuid,String username);
}
package com.bdqn.springsso.service;
import com.bdqn.springsso.mapper.UserMapper;
import com.bdqn.springsso.pojo.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@Service
public class UserServiceImpl implements UserService {
    @Autowired
    private UserMapper userMapper;
    @Override
    public User chekLogin(String username, String password) {
        return userMapper.chekLogin(username,password);
    }
    @Override
    public void update(String uuid,String username) {
        userMapper.update(uuid,username);
    }
}

再是 interceptor层 UserInterceptor拦截器 的编写

package com.bdqn.springsso.interceptor;
import com.bdqn.springsso.mapper.UserMapper;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class UserInterceptor implements HandlerInterceptor {
    private UserMapper userMapper;
    public UserInterceptor(UserMapper userMapper){
        this.userMapper=userMapper;
    }
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        HttpSession session = request.getSession();
        String username = (String) session.getAttribute("username");
        //数据库
        String UUID=userMapper.getUUID(username);
        //session
        String uuid = (String)session.getAttribute("uuid");
        System.out.println("uuid = " + uuid);
        System.out.println("UUID = " + UUID);
        if(UUID.equals(uuid)){
            return true;
        }else  {
            System.out.println("拦截"+request.getRequestURI());
            response.sendRedirect("/login");
            response.setStatus(401);
            return false;
        }
    }
}

再是 controller层 UserController

package com.bdqn.springsso.controller;
import com.bdqn.springsso.pojo.User;
import com.bdqn.springsso.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpSession;
import java.util.UUID;
@Controller
@CrossOrigin
public class UserController {
    @Autowired
    private UserService userService;
    //登录
    @RequestMapping("/")
    public String goLogin(){
        return "login";
    }
    //登录验证
    @RequestMapping("/login")
    public String chekLogin(String username, String password, HttpSession session){
        User user=userService.chekLogin(username,password);
        if (user==null){
            return  "login";
        }else {
            session.setAttribute("username",username);
            String uuid= UUID.randomUUID().toString().replace("-", "");
            System.out.println("uuid = " + uuid);
            userService.update(uuid,username);
            session.setAttribute("uuid",uuid);
            return "index";
        }
    }
    //测试
    @RequestMapping("/test")
    @ResponseBody
    public String test(){
        return "成功";
    }
}

再是 config层 MvcConfig 的编写

package com.bdqn.springsso.config;
import com.bdqn.springsso.interceptor.UserInterceptor;
import com.bdqn.springsso.mapper.UserMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class MvcConfig implements WebMvcConfigurer {
    @Autowired
    private UserMapper userMapper;
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        //添加拦截器,排除/路径和 /login路径
        registry.addInterceptor(new UserInterceptor(userMapper))
                .excludePathPatterns("/","/login");
    }
}

最后是 userMapper.xml 的编写

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.bdqn.springsso.mapper.UserMapper">
    <update id="update">
        update user set uuid=#{uuid} where username=#{username}
    </update>
    <select id="chekLogin" resultType="com.bdqn.springsso.pojo.User">
        select * from user where username=#{username} and password=#{password}
    </select>
    <select id="getUUID" resultType="java.lang.String">
        select uuid from user where username=#{username}
    </select>
</mapper>

前台代码

login.html

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
  <meta charset="UTF-8">
  <title>Login Module</title>
</head>
<body>
<h1 style="text-align: center">欢迎来到登录页面</h1>
<form style="text-align: center" th:action="@{/login}" method="post">
  用户:<input type="text" name="username"><br>
  密码:<input type="password" name="password"><br>
  <button type="submit">登录</button>
</form>
</body>
</html>

index.html

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>登录成功</h1>
<a th:href="@{/test}" rel="external nofollow" >测试</a>
</body>
</html>

效果展示

首先我们用火狐浏览器进行操作

输入http://localhost:8080/进入登陆页面

点击登录

点击测试

然后我们返回登陆成功页面

再用谷歌浏览器进入http://localhost:8080/进行登录操作

登录后进入登录成功页面

此时我们返回火狐浏览器

点击测试超链接 发现页面跳转至登录页面

表明单点登录测试成功

Copyright 2022 版权所有 软件发布 访问手机版

声明:所有软件和文章来自软件开发商或者作者 如有异议 请与本站联系 联系我们