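In the previous article we integrated the Shiro security framework into an SSM project without separating the front end from the back end.
This article builds on that project and separates the front-end and back-end code.

I. Front-end/back-end separation for login with account and password 🍉

(1) Define a unified JSON class so that every response has the same format 🥝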
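
package com.lzq.vo;

import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;

// Unified response envelope: every endpoint returns this object as JSON.
@Data
@NoArgsConstructor
@AllArgsConstructor
public class Result {
    private Integer code;   // status code carried in the JSON body (200, 401, 403, 500)
    private String msg;     // human-readable message for the front end
    private Object data;    // payload, or null when there is nothing to return
}
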
(2) Modify the controller code 🥝

Code before the change

After the change
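
// The controller needs org.apache.shiro.SecurityUtils, org.apache.shiro.subject.Subject
// and org.apache.shiro.authc.UsernamePasswordToken imported.
@PostMapping("/login")
@ResponseBody
public Result login(LoginVo loginVo) {
    Subject subject = SecurityUtils.getSubject();
    System.out.println(loginVo.getUsername());
    UsernamePasswordToken token = new UsernamePasswordToken(loginVo.getUsername(), loginVo.getPassword());
    try {
        // Shiro authenticates the token against the configured realm.
        subject.login(token);
        // "登录成功" = "login succeeded"
        return new Result(200, "登录成功", null);
    } catch (Exception e) {
        // "登录失败" = "login failed"
        System.out.println("登录失败");
        // "账号或密码错误" = "wrong account or password"; the same message is
        // returned whether the account is unknown or the password is wrong.
        return new Result(500, "账号或密码错误", null);
    }
}
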
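II. Front-end/back-end separation when permissions are insufficient 🍉

Modify the exception handler class for insufficient permissions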

package com.lzq.hendler;

import com.lzq.vo.Result;
import org.apache.shiro.authz.UnauthorizedException;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseBody;

// Global handler: turns Shiro's UnauthorizedException into a JSON Result
// instead of forwarding to an error page.
@ControllerAdvice
public class MyHendlr {
    @ExceptionHandler(value = UnauthorizedException.class)
    @ResponseBody
    public Result UnauthorizedException(UnauthorizedException e) {
        e.printStackTrace();
        // "权限不足" = "insufficient permissions"
        return new Result(403, "权限不足", null);
    }
}

III. Front-end/back-end separation when the user is not logged in 🍉

Before the change

After the change
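
// Unauthenticated requests end up here and receive JSON instead of a login page.
@GetMapping("/unlogin")
@ResponseBody
public Result unlogin() {
    // "请先登录" = "please log in first"
    return new Result(401, "请先登录", null);
}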
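
The handlers above return a Result without setting an HTTP status, so the front end has to branch on the `code` field in the body rather than on the HTTP status. The following client-side sketch is an added example, not code from the original project; the action names, `classifyResult` and `callApi` are hypothetical, and it assumes the back end serializes Result as `application/json`.

```javascript
// Added example, not from the original post. Action names are hypothetical.
// Maps the Result codes used on this page to what the front end should do.
const ACTIONS = { 200: "ok", 401: "go-to-login", 403: "show-forbidden", 500: "show-error" };

function fail(msg) {
  return { action: "show-error", msg, data: null };
}

// Classify one parsed response body. Anything that is not a well-formed
// Result is rejected instead of being treated as success.
function classifyResult(body) {
  if (body === null || typeof body !== "object" || !Number.isInteger(body.code)) {
    return fail("malformed response");
  }
  // Unknown codes fall back to an error, never to "ok".
  const action = ACTIONS[body.code] || "show-error";
  // Only a 200 Result may hand data to the page.
  const data = action === "ok" ? (body.data ?? null) : null;
  return { action, msg: String(body.msg ?? ""), data };
}

// Call an endpoint and classify the reply. fetchImpl is injectable so the
// function can be exercised without a server.
async function callApi(url, options = {}, fetchImpl = fetch) {
  let res;
  try {
    // Assumption: front end and back end share an origin, so the session
    // cookie is sent with "same-origin" credentials.
    res = await fetchImpl(url, { credentials: "same-origin", ...options });
  } catch (e) {
    return fail("network error");
  }
  const type = res.headers.get("content-type") || "";
  if (!type.includes("application/json")) {
    // For example an HTML page from an endpoint that was not converted yet.
    return fail("unexpected content type");
  }
  try {
    return classifyResult(await res.json());
  } catch (e) {
    return fail("invalid JSON");
  }
}
```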