Jfinal Study Notes (c) Filter for user login verification

Before because I indulge in interstellar cannot extricate oneself cause blog long-term not update, can only say Wanwusangzhi ah.

This article follows the previous plan to explain how filters are used in jfinal, and how to use filters to verify the user's login status.

First of all explain why to do login verification, the above article in the user login as an example, the normal user should be the first to access http://localhost:8080/jfinal_tomcat/as shown in the following figure.

Enter your username and password below this page to go to the Http://localhost:8080/jfinal_tomcat/manage page, as shown in the following image.

But what if the user already knows the address of the http://localhost:8080/jfinal_tomcat/manage, entering the address directly in the address bar without logging in and accessing it, in the example given in the previous article , as shown in the following figure.

It can be seen from the figure that the user can access the Web page of the Http://localhost:8080/jfinal_tomcat/manage address, just because the user name is displayed as null because it is not logged in, which is clearly what we do not want to see. In order to solve this problem, we need to filter the users who have access through the custom filter method. In Jfinal, developers can implement the function of the custom filter by implementing the Interceptor interface method, the steps are as follows.

First, follow the methods described in the previous two articles to complete the basic configuration of jfinal and the implementation of user login, and then create a new Myinterceptor class that implements the Interceptor interface in the Jfinal framework and implements the Intercept method in the interface. The specific filter conditions are then implemented in the Intercept method. This is done by checking to see if the current user is logged in using the nickname stored in the session, since the user's nickname will be saved in the session after the user has successfully logged in in login, referring to the code in the second article. If the current session has nickname data to determine that the current user is logged in, allow continued access, if nickname is empty, then stop the current access, and jump to the login page to let the user login, the specific code is as follows.

Package Config;

Import javax.servlet.http.HttpSession;

Import Com.jfinal.aop.Interceptor;
Import com.jfinal.core.ActionInvocation;

public class Myinterceptor implements interceptor {

	@Override public
	void intercept (Actioninvocation ai) {
		TODO auto-generated Method Stub
		HttpSession session = Ai.getcontroller (). getsession ();
		if (session = = null) {
			ai.getcontroller (). Redirect ("/");
		}
		else{
			String nickname = (string) session.getattribute ("nickname");
			if (nickname! = null) {
				//system.out.println ("Hello");
			}
			else {
				Ai.getcontroller (). Redirect ("/");}}}

where Ai.getcontroller (). Redirect ("/"); statement is used to implement the jump, the parameter is relative to the home address of the site relative address, because here the landing page and home so directly hit "/" on it, The Indexcontroller class is then modified to include @before (Myinterceptor.class) in front of the Manage method, as shown in the following code.

@Before (myinterceptor.class) public
Void Manage () {
	render ("manage.jsp");
}

This completes the user login verification settings, the following specific tests. First enter the login address http://localhost:8080/jfinal_tomcat/manage without entering the username password, as shown in the following figure.

Then jump, the results page automatically returned to the login page, as shown in the following figure.

This enables the authentication and filtering of the user login status. In fact, the filter can not only achieve the user login status verification and filtering, in the complex system can also be implemented to the user's rights filtering, through the filtering method to determine whether the current user has the right to perform the operation of the user to achieve the permission to verify and filter.

About jfinal filters in the interim first of all, if there is a new discovery later I will further explain, the next I will record I through the jfinal and combined with uploadify plug-ins to achieve image upload specific methods.

PS: I hope you don't indulge in StarCraft these days ...