如何正确编写“重定向”（Spring MVC + Security）

Posted 2023-02-27

【中文标题】如何正确编写“重定向”（Spring MVC + Security）

【英文标题】：How to write correctly "redirect" (Spring MVC + Security)

【发布时间】：2019-10-18 22:45:52

【问题描述】：

我想在项目中，在授权发生后，立即转到所有内容都属于学生的页面（重定向：/allStudents） 我有点写了一切，也许我写错了可以告诉你

我有 2 个控制器如何正确编写重定向

授权控制器

package adil.java.schoolmaven.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

@Controller
public class  AuthorizationController

    // If user will be successfully authenticated he/she will be taken to the login secure page.
    @RequestMapping(value="/admin", method = RequestMethod.GET)
    public ModelAndView adminPage() 

        ModelAndView m = new ModelAndView();
        m.addObject("title", "Вы успешно вошли");
        m.addObject("message", "Основная");
        m.setViewName("admin");

                return new ModelAndView("redirect:/allStudents");

    

    // Spring security will see this message.
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public ModelAndView login(@RequestParam(value = "error", required = false) String error, 
            @RequestParam(value = "logout", required = false) String logout) 

        ModelAndView m = new ModelAndView();
        if (error != null) 
            m.addObject("error", "Неверный логин и пароль");        
        

        if (logout != null) 
            m.addObject("msg", "Вы успешно вышли");     
        

        m.setViewName("login");

                 return new ModelAndView("redirect:/allStudents");
    

学生控制器

package adil.java.schoolmaven.controller;

import java.io.File;
import java.io.IOException;
import java.util.List;
import javax.servlet.ServletContext;
import adil.java.schoolmaven.entity.Student;
import adil.java.schoolmaven.service.StudentService;
import java.nio.file.FileSystemException;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.lang.NonNull;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.servlet.ModelAndView;

@Controller
public class StudentController 

    @Autowired
    private ServletContext servletContext;

    // Constructor based Dependency Injection
    private StudentService studentService;

    public StudentController() 

    

    @Autowired
    public StudentController(StudentService studentService) 
        this.studentService = studentService;
    




    @RequestMapping(value = "/allStudents", method = RequestMethod.GET, RequestMethod.POST)

    public ModelAndView displayAllUser() 
        System.out.println("User Page Requested : All Students");
        ModelAndView mv = new ModelAndView();
        List<Student> studentList = studentService.getAllStudents();
        mv.addObject("studentList", studentList);
        mv.setViewName("allStudents");
        return mv;
    

    @RequestMapping(value = "/addStudent", method = RequestMethod.GET)
    public ModelAndView displayNewUserForm() 
        ModelAndView mv = new ModelAndView("addStudent");
        mv.addObject("headerMessage", "Add Student Details");
        mv.addObject("student", new Student());
        return mv;
    

    @PostMapping(value = "/addStudent")
    public String saveNewStudent(@RequestParam("name") @NonNull String name,
            @RequestParam("surname") @NonNull String surname,
            @RequestParam("avatar") MultipartFile file)
            throws IOException 

        Student student = new Student();
        student.setSurname(surname);
        student.setName(name);

        if (file != null && !file.isEmpty()) 
            student.setAvatar(studentService.saveAvatarImage(file).getName());
        

        studentService.saveStudent(student);
        return "redirect:/allStudents";
    

    @GetMapping(value = "/editStudent/id")
    public ModelAndView displayEditUserForm(@PathVariable Long id) 
        ModelAndView mv = new ModelAndView("editStudent");
        Student student = studentService.getStudentById(id);
        mv.addObject("headerMessage", "Редактирование студента");
        mv.addObject("student", student);
        return mv;
    

    @PostMapping(value = "/editStudent")
    public String saveEditedUser(
            @RequestParam("id") Long id,
            @RequestParam("name") String name,
            @RequestParam("surname") String surname,
            @RequestParam("avatar") MultipartFile file) 

        try 

            studentService.updateStudent(name, surname, file, studentService.getStudentById(id));

         catch (FileSystemException ex) 
            ex.printStackTrace();
         catch (IOException e) 
            return "redirect:/error";
        

        return "redirect:/allStudents";
    

    @GetMapping(value = "/deleteStudent/id")
    public ModelAndView deleteUserById(@PathVariable Long id) 
        studentService.deleteStudentById(id);
        ModelAndView mv = new ModelAndView("redirect:/allStudents");

        return mv;

    

【参考方案1】：

ModelAndView mv = new ModelAndView("redirect:/allStudents");
return mv;

和

return "redirect:/allStudents";

都差不多。当您在控制器中返回一个字符串时，它由 ModelViewResolver 处理。使用 ModelAndView，您只需强制执行此步骤。 对我来说，返回简单的 String 并使用 Model 对象作为属性更方便。但这是一个自以为是的话题，这是最好的选择，这里不允许这样的话题。 我认为您应该像您的团队那样编写并遵循他们的代码约定。和平！）