1.导入项目
2.基于Session实现登录
手机验证码完整实现
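/**
 * Generates a six-digit SMS verification code for a phone number and keeps it in the session.
 *
 * @param phone   phone number the code is requested for
 * @param session current HTTP session; the code is stored under the {@code "code"} attribute
 * @return a failure result when the phone number is malformed, otherwise an empty success result
 */
@Override
public Result sendCode(String phone, HttpSession session) {
    // 1. Reject malformed phone numbers before doing any work.
    if (RegexUtils.isPhoneInvalid(phone)) {
        // 2. Invalid format: return the error message.
        return Result.fail("手机号格式错误");
    }
    // 3. The code is a short-lived credential, so its digits come from a CSPRNG
    //    rather than a general-purpose random helper. Leading zeros are kept.
    java.security.SecureRandom secureRandom = new java.security.SecureRandom();
    StringBuilder digits = new StringBuilder(6);
    for (int i = 0; i < 6; i++) {
        digits.append(secureRandom.nextInt(10));
    }
    String code = digits.toString();
    // 4. Keep the code in the session for the later login check.
    // NOTE(review): only the code is stored, not the phone it was issued for, so the
    // session cannot later prove which number the code belongs to. Nothing here
    // throttles requests per phone or per session either.
    session.setAttribute("code", code);
    // 5. This log line stands in for the SMS gateway. It writes the live code to the
    //    log, so it must be replaced before logs are readable by anyone but the developer.
    log.debug("验证码发送成功:{}", code);
    return Result.ok();
}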
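/**
 * Logs a user in with a phone number and the SMS verification code held in the session.
 * A user record is created on first login.
 *
 * @param loginForm submitted phone number and verification code
 * @param session   current HTTP session; reads {@code "code"}, writes {@code "user"}
 * @return a failure result for a malformed phone number or a wrong/missing code,
 *         otherwise an empty success result
 */
@Override
public Result login(LoginFormDTO loginForm, HttpSession session) {
    // 1. Validate the phone number format.
    String phone = loginForm.getPhone();
    if (RegexUtils.isPhoneInvalid(phone)) {
        // 2. Invalid format: return the error message.
        return Result.fail("手机号格式错误");
    }
    // 3. Compare the submitted code with the one stored in the session.
    Object cacheCode = session.getAttribute("code");
    String code = loginForm.getCode();
    // 4. A session that never requested a code has no "code" attribute; treat that as a
    //    mismatch instead of dereferencing null.
    // NOTE(review): the session holds only the code, so this check does not prove the code
    // was issued for `phone`. Store the phone next to the code when issuing it and compare
    // both here. Failed attempts are not counted either.
    if (cacheCode == null || code == null || !cacheCode.toString().equals(code)) {
        return Result.fail("验证码错误");
    }
    // A verified code is single-use: drop it so it cannot be replayed in this session.
    session.removeAttribute("code");
    // 5. Look the user up by phone number.
    User user = query().eq("phone", phone).one();
    if (user == null) {
        // 6. Unknown number: register a new user.
        user = createUserWithPhone(phone);
    }
    // 8. Mark the session as logged in.
    // NOTE(review): the whole User entity goes into the session with whatever fields it
    // carries, while LoginInterceptor on this page casts the attribute to UserDTO; a trimmed
    // DTO copy is what the rest of the page expects. The session id is also not rotated on
    // login; only HttpSession is available here, so that belongs where the request is visible.
    session.setAttribute("user", user);
    return Result.ok();
}

/**
 * Creates and persists a user for the given phone number with a generated nickname.
 *
 * @param phone phone number of the new user
 * @return the saved user
 */
private User createUserWithPhone(String phone) {
    User user = new User();
    user.setPhone(phone);
    // The nickname is the shared prefix plus ten random characters; it is a display value only.
    user.setNickName(USER_NICK_NAME_PREFIX + RandomUtil.randomString(10));
    // 7. Persist the new user.
    save(user);
    return user;
}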
3.实现登录校验拦截器
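/**
 * Logs a user in with a phone number and the SMS verification code held in the session.
 * A user record is created on first login, and a {@code UserDTO} copy is stored in the session.
 *
 * @param loginForm submitted phone number and verification code
 * @param session   current HTTP session; reads {@code "code"}, writes {@code "user"}
 * @return a failure result for a malformed phone number or a wrong/missing code,
 *         otherwise an empty success result
 */
@Override
public Result login(LoginFormDTO loginForm, HttpSession session) {
    // 1. Validate the phone number format.
    String phone = loginForm.getPhone();
    if (RegexUtils.isPhoneInvalid(phone)) {
        // 2. Invalid format: return the error message.
        return Result.fail("手机号格式错误");
    }
    // 3. Compare the submitted code with the one stored in the session.
    Object cacheCode = session.getAttribute("code");
    String code = loginForm.getCode();
    // 4. A session that never requested a code has no "code" attribute; treat that as a
    //    mismatch instead of dereferencing null.
    // NOTE(review): the session holds only the code, so this check does not prove the code
    // was issued for `phone`. Store the phone next to the code when issuing it and compare
    // both here. Failed attempts are not counted either.
    if (cacheCode == null || code == null || !cacheCode.toString().equals(code)) {
        return Result.fail("验证码错误");
    }
    // A verified code is single-use: drop it so it cannot be replayed in this session.
    session.removeAttribute("code");
    // 5. Look the user up by phone number.
    User user = query().eq("phone", phone).one();
    if (user == null) {
        // 6. Unknown number: register a new user.
        user = createUserWithPhone(phone);
    }
    // 8. Store only a UserDTO copy, so the session does not hold the full entity.
    // NOTE(review): the session id is not rotated on login; only HttpSession is available
    // here, so that belongs where the request is visible.
    session.setAttribute("user", BeanUtil.copyProperties(user, UserDTO.class));
    return Result.ok();
}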
/**
 * Registers {@link LoginInterceptor} for every request path except the listed public ones.
 */
@Configuration
public class MvcConfig implements WebMvcConfigurer {

    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // Paths served without a logged-in session; every other path goes through
        // LoginInterceptor.
        // NOTE(review): "/upload/**" is on the unauthenticated list; confirm that is intended.
        String[] publicPaths = {
            "/shop/**",
            "/shop-type/**",
            "/voucher/**",
            "/upload/**",
            "/blog/hot",
            "/user/code",
            "/user/login"
        };
        registry.addInterceptor(new LoginInterceptor())
                .excludePathPatterns(publicPaths);
    }
}
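/**
 * Rejects requests that carry no logged-in session and exposes the session user to the
 * request thread through {@link UserHolder}.
 */
public class LoginInterceptor implements HandlerInterceptor {

    /**
     * Allows the request only when the session holds a {@code UserDTO} under {@code "user"}.
     *
     * @return {@code false} after setting status 401 when no logged-in user is found,
     *         otherwise the default interceptor result
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // 1. Look up the existing session without creating one, so anonymous requests to
        //    protected paths do not each allocate a server-side session.
        HttpSession session = request.getSession(false);
        // 2. Read the user stored at login, if there is a session at all.
        Object user = (session == null) ? null : session.getAttribute("user");
        // 3. Anything other than a UserDTO (missing, or an unexpected type) is treated as
        //    not logged in rather than failing on the cast below.
        if (!(user instanceof UserDTO)) {
            // 4. Block the request.
            response.setStatus(401);
            return false;
        }
        // 5. Make the user available to handlers on this thread.
        UserHolder.saveUser((UserDTO) user);
        // 6. Let the request through.
        return HandlerInterceptor.super.preHandle(request, response, handler);
    }

    /**
     * Clears the thread-bound user once the request has completed.
     */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        // Remove the user so the value does not stay on the thread after this request;
        // servlet containers typically reuse request threads.
        UserHolder.removeUser();
        HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
    }
}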
/**
 * Returns the user bound to the current request thread.
 *
 * @return a success result wrapping the value held by {@code UserHolder}
 */
@GetMapping("/me")
public Result me() {
    // Fetch the currently logged-in user from UserHolder and return it.
    return Result.ok(UserHolder.getUser());
}
/**
 * Holds the current user in a {@link ThreadLocal} so code running on the same thread can
 * read it without passing it along.
 */
public class UserHolder {

    // One slot per thread; callers must invoke removeUser() when they are done with it.
    private static final ThreadLocal<UserDTO> CURRENT_USER = new ThreadLocal<>();

    /** Binds {@code user} to the calling thread. */
    public static void saveUser(UserDTO user) {
        CURRENT_USER.set(user);
    }

    /** Returns the user bound to the calling thread, or {@code null} when none is set. */
    public static UserDTO getUser() {
        return CURRENT_USER.get();
    }

    /** Clears the calling thread's user. */
    public static void removeUser() {
        CURRENT_USER.remove();
    }
}