<!-- 公共的包,封装了通用的拦截器,通用的result -->
<package name="netctoss" extends="json-default">
<interceptors>
<!--登录检查拦截器 -->
<interceptor name="loginInterceptor" class="com.born.interceptor.LoginInterceptor" />
<!--登录检查拦截器栈 -->
<interceptor-stack name="loginStack">
<interceptor-ref name="loginInterceptor" />
<!-- 不要丢掉默认的拦截器栈,里面有很多Struts2依赖的拦截器 -->
<interceptor-ref name="defaultStack" />
</interceptor-stack>
</interceptors>
<!-- 设置Action默认引用的拦截器 -->
<default-interceptor-ref name="loginStack" />
<!--全局的result,包下所有的Action都可以公用 -->
<global-results>
<!--跳转到登录页面的result -->
<result name="login" type="redirectAction">
<param name="namespace">/login</param>
<param name="actionName">toLogin</param>
</result>
</global-results>
</package>
package com.born.interceptor;
import java.util.Map;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;
/**
* 登录检查拦截器,用于检查用户是否登录
* @author asus
*
*/
public class LoginInterceptor implements Interceptor{
@Override
public void destroy() {
// TODO Auto-generated method stub
}
@Override
public void init() {
// TODO Auto-generated method stub
}
@Override
public String intercept(ActionInvocation ai) throws Exception {
//获取Session
Map<String,Object> session=ai.getInvocationContext().getSession();
//从Session中读取登录信息
Object admin=session.get("admin");
//如果登录信息为空,则踢回登录页面,而不用调用业务Action
if(admin==null){
return "login";
}else{
//如果登录信息不为空,则调用业务Action
return ai.invoke();
}
}
}
package com.born.webapi;
import javax.annotation.Resource;
import org.springframework.stereotype.Controller;
import com.born.action.BaseAction;
import com.born.entity.Admin;
import com.born.service.impl.LoginService;
@Controller
public class LoginWebApiAction extends BaseAction {
@Resource
private LoginService dao;
// input
private String adminCode;// 帐号
private String password;// 密码
// output
private String errorMsg;// 错误信息
private String errorMsg1;// 错误信息
private String verifyCode;// 验证码
public String getErrorMsg1() {
return errorMsg1;
}
public void setErrorMsg1(String errorMsg1) {
this.errorMsg1 = errorMsg1;
}
public String getVerifyCode() {
return verifyCode;
}
public void setVerifyCode(String verifyCode) {
this.verifyCode = verifyCode;
}
public String getAdminCode() {
return adminCode;
}
public void setAdminCode(String adminCode) {
this.adminCode = adminCode;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getErrorMsg() {
return errorMsg;
}
public void setErrorMsg(String errorMsg) {
this.errorMsg = errorMsg;
}
public String execute() {
// 从Session中取出生成的验证码
String imageCode = (String) session.get("imageCode");
// 验证用户输入的验证码是否与生成验证码一致
if (imageCode == null || !imageCode.equalsIgnoreCase(verifyCode)) {
// 如果不一致,提示错误
errorMsg1 = "验证码有误.";
return "fail";
}
Admin admin = null;
try {
admin = dao.findByCode(adminCode);
} catch (Exception e) {
e.printStackTrace();
return "error";
}
if (admin == null) {
// 如果管理员为空,则说明帐号有误,校验失败
errorMsg = "帐号不存在";
return "fail";
} else {
// 如果管理员不为空,进一步校验密码
if (password != null && password.equals(admin.getPassword())) {
// 如果密码一致,校验成功
session.put("admin", admin);
return "success";
} else {
// 密码不一致,校验失败
errorMsg = "密码有误。";
return "fail";
}
}
}
}
package com.born.action;
import java.util.Map;
import org.apache.struts2.interceptor.SessionAware;
public class BaseAction implements SessionAware{
protected Map<String,Object> session;
/*
* 采用接口注入的方式统一获取Session
* @see org.apache.struts2.interceptor.SessionAware#setSession(java.util.Map)
*/
@Override
public void setSession(Map<String,Object> arg0){
session=arg0;
}
}