Home > Mobile >  @SessionAttribute confusing
@SessionAttribute confusing

Time:12-19

I have a Spring Controller class which have the login functionality. It have two method : getCustomer to get customer info from database to keep in session, submitLoginForm to check if customer (or user) log in success (login fail if getCustomer return null and run to error page). But one thing keep me confusing is the when I input true username and password

@Controller
@SessionAttributes("customer")
public class LoginController {
    
    @Autowired
    CustomerService customService;
    
    // get username and password to log in
    @ModelAttribute("customer")
    public Customer getCustomer(@RequestParam String username, @RequestParam String password) {

            Customer c = customService.getCustomer(username, password);
            return c;
    }
    
    @RequestMapping(method=RequestMethod.POST,value="/login")
    public String submitLoginForm(@SessionAttribute(required=false) Customer customer, Model model) {
        
        if(customer != null) {
            // login successfully
            return "redirect:/";
        } else {
            // login unsuccessfully
            model.addAttribute("message","wrong username or password");
            return "error";
        }
    }
}

When I login with true username and password, I get the error page instead of the home page. But when I type the homepage url the homepage show up with the username I have logged in successfully

Here is my login form

<form action="login" method="POST">
    <input type="text" placeholder="Name" name="username" required/>
    <input type="text" placeholder="Password" name="password" required/>
                            
    <button type="submit" >Login</button>
</form>

CodePudding user response:

Make it so (untested):

@Controller
@SessionAttributes("customer")
public class LoginController {

    @Autowired
    CustomerService customService;

    @RequestMapping(method=RequestMethod.POST,value="/login")
    public String submitLoginForm(
      @RequestParam String username, 
      @RequestParam String password,
      Model model
    ) {
        Customer customer = customService.getCustomer(username, password);
        if(customer != null) {
            // login successfully
            model.addAtribute("customer", customer); // !!
            return "redirect:/";
        } else {
            // login unsuccessfully
            model.addAttribute("message","wrong username or password");
            return "error";
        }
    }
}
  • Don't "expose" any @ModelAttribute, since our form("view"!) does not need/use it. (as much can see)
  • But instead:
    • send @RequestParams to submitLoginForm() (according with the html form)
    • add a model/session attribute on successful login (i.e. on form submission).

After this (model.addAttribute), we can access "customer" (model/session) attribute from any view/controller within this session (due/thx to SessionAttributes annotation).

For this to work:

@ModelAttribute("customer")
public Customer getCustomer(@RequestParam String username, @RequestParam String password) {
    Customer c = customService.getCustomer(username, password);
    return c;
}

We'd already have to call(GET) it like: /login?username=admin&password=se3cret (surpassing the submitLoginForm()..).

Page link:https//www.codepudding.com/Mobile/233093.html

Prev:I'm not able to see anything in JFrame
Next:How can I make sure that an existing value is not overwritten when doing an ElasticSearch update in
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding