前后端完全分离:后端响应的都是json数据,而不再是网页。
1. 登录成功或者失败应该返回json数据1. 登录成功或者失败应该返回json数据
2. 当未登录时返回的也是json数据
3. 访问未授权的资源,也要分会json。
修改登录接口
@Controller @ResponseBody public class LoginController { @GetMapping("login") public CommonResult login(String username, String password) { Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken(username,password); try { subject.login(token); return new CommonResult(2000,"登陆成功",null); }catch (Exception e){ e.printStackTrace(); return new CommonResult(5000,"账号密码输入错误",null); } } }
2 当未登录时返回的也是json数据
创建一个过滤器,继承登录校验的某个接口。
@Override protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception { response.setContentType("application/json;charset=utf-8"); PrintWriter writer = response.getWriter(); CommonResult commonResult = new CommonResult(4001, "未登录", null); ObjectMapper objectMapper=new ObjectMapper(); String json = objectMapper.writeValueAsString(commonResult); writer.print(json); //响应给客户json数据 writer.flush(); writer.close(); return false; }3 如果没有权限应该返回json数据
@ControllerAdvice @ResponseBody public class MyException { @ExceptionHandler(value = UnauthorizedException.class) public CommonResult auth(UnauthorizedException u){ u.printStackTrace(); return new CommonResult(4002,"没有权限",null); } }