我在程序中遇到问题,我尝试使用HttpSession中的invalidate方法注销用户,但属性用户仍然存在。会话仍然包含属性“用户”,并且索引映射将用户重定向到/ user。 invalidate()应该从会话中删除所有属性,但是没有发生,为什么?
注销映射
package revo.first.site.controllers;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.SessionAttributes;
import revo.first.site.mechanics.Authentiaction;
import revo.first.site.repositories.Repository;
import javax.servlet.http.HttpSession;
@SessionAttributes({"user","message"})
@Controller
public class AuthController {
//Data
@Autowired
private Authentiaction authentiaction;
@Autowired
private Repository repository;
//Register form
@PostMapping("/register")
public String register(Model model, @RequestParam String login, @RequestParam String password, @RequestParam String email){
if(!authentiaction.register(login,password,email)){
model.addAttribute("message", "Nie udalo sie zarejestrowac!");
return "redirect:/register";
}
model.addAttribute("user", repository.getUserRepository().findByLogin(login));
return "redirect:/user";
}
//Login form
@PostMapping("/login")
public String login(Model model, @RequestParam String login, @RequestParam String password){
if(!authentiaction.login(login, password)){
model.addAttribute("message", "Nie udalo sie zalogowac!");
return "redirect:/";
}
model.addAttribute("user", repository.getUserRepository().findByLogin(login));
return "redirect:/user";
}
//Logout user
@RequestMapping("/logout")
public String logout(HttpSession session){
session.invalidate();
return "redirect:/";
}
}
视图映射
package revo.first.site.controllers;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttribute;
import revo.first.site.SiteApplication;
import revo.first.site.entities.User;
import javax.servlet.http.HttpSession;
@Controller
public class ViewsController {
//Show index.html
@RequestMapping("/")
public String index(Model model,@SessionAttribute(name = "user", required = false) User u, @SessionAttribute(name = "message", required = false) String msg, HttpSession session){
this.addAttributes(model);
if(u != null) {
u.toString();
return "redirect:/user";
}
if(msg != null && msg != "") model.addAttribute("msg", msg);
else model.addAttribute("msg", "");
session.removeAttribute("message");
return "index";
}
//Show register.html
@GetMapping("/register")
public String register(Model model, @SessionAttribute(name = "message", required = false) String msg, HttpSession session){
this.addAttributes(model);
if(msg != null && msg != "") model.addAttribute("msg", msg);
else model.addAttribute("msg", "");
session.removeAttribute("message");
return "register";
}
//Show user.html
@GetMapping("/user")
public String user(Model model, @SessionAttribute("user") User u){
this.addAttributes(model);
model.addAttribute("u", u);
return "user";
}
//Add App atributes to model
private void addAttributes(Model model){
//Add atributes
model.addAttribute("title", SiteApplication.APP_TITLE);
}
}
答案 0 :(得分:0)
HttpSession只是一个接口。实现取决于servlet容器。尝试在注销时使会话无效两次。如果它将在第二次调用时引发IllegalStateException,则它应该可以工作。
@RequestMapping("/logout")
public String logout(HttpSession session){
session.invalidate();
session.invalidate();
return "redirect:/";
}