一、登录功能完善
由于员工表中的密码是明文存储的,安全性太低,需使用MD5加密算法
- 导包
import org.springframework.util.DigestUtils;
- 获取前端传来的用户名密码 - 查询数据库中的数据(密码已加密) - 将前端传来的密码进行MD5加密,与数据库中的密码进行比对
public class EmployeeController {
// @RequestBody作用是将请求体的内容直接映射到EmployeeLoginDTO对象
public Result<EmployeeLoginVO> login(@RequestBody EmployeeLoginDTO employeeLoginDTO) {
...
return Result.success(employeeLoginVO);
}
}
// 获取前端传进来的用户名密码
String username = employeeLoginDTO.getUsername();
String password = employeeLoginDTO.getPassword();
// 根据用户名查询数据库中的数据
Employee employee = employeeMapper.getByUsername(username);
// 密码比对
password = DigestUtils.md5DigestAsHex(password.getBytes());
...
二、新增员工代码开发
1. 根据新增员工接口设计对应的DTO
@Data
public class EmployeeDTO implements Serializable {
private Long id;
private String username;
private String name;
private String phone;
private String sex;
private String idNumber;
}
2. 编写Controller层代码
public class EmployeeController {
...
@PostMapping // RESTful 接口规范 POST请求,向服务器提交数据(数据库写入操作)
@ApiOperation(value = "新增员工") // 前端生成接口文档
// @RequestBody注解表示将请求体中的json数据封装到EmployeeDTO对象中
public Result save(@RequestBody EmployeeDTO employeeDTO) {
log.info("新增员工:{}", employeeDTO);
employeeService.save(employeeDTO);
return Result.success();
}
...
}
3. 编写业务逻辑层(Service)代码
public interface EmployeeService {
void save(EmployeeDTO employeeDTO);
}
public class EmployeeServiceImpl implements EmployeeService {
public void save(EmployeeDTO employeeDTO) {
Employee employee = new Employee();
//对象属性拷贝
BeanUtils.copyProperties(employeeDTO, employee);
//设置账号状态
employee.setStatus(StatusConstant.ENABLE);
//设置默认密码123456
employee.setPassword(DigestUtils.md5DigestAsHex(PasswordConstant.DEFAULT_PASSWORD.getBytes()));
//设置创建时间、更新时间
employee.setCreateTime(LocalDateTime.now());
employee.setUpdateTime(LocalDateTime.now());
//设置创建人id、修改人id
employee.setCreateUser(获取当前用户ID);
employee.setUpdateUser(获取当前用户ID);
employeeMapper.insert(employee);
}
}
那我问你,通过JWT令牌解析出员工ID后,如何传递给Sercvice层的save方法?
通过ThreadLocal线程级存储,首先,拦截器提取出JWT令牌后解析出ID,再调用BaseContext.setCurrentId()存储ID,最后在Service层的save方法中调用BaseContext.getCurrentId()获取当前用户ID
4. 编写数据访问层(DAO/Mapper)代码
public interface EmployeeMapper {
@Insert("insert into employee (name, username, password, phone, sex, id_number, create_time, update_time, create_user, update_user, status) values (#{name}, #{username}, #{password}, #{phone}, #{sex}, #{idNumber}, #{createTime}, #{updateTime}, #{createUser}, #{updateUser}, #{status})")
void insert(Employee employee);
}
三、员工分页查询代码开发
1. 根据接口设计对应的DTO
...
@Data
public class EmployeePageQueryDTO implements Serializable {
//员工姓名
private String name;
//页码
private int page;
//每页显示记录数
private int pageSize;
}
2. 分页结果统一封装
@Data
@AllArgsConstructor
@NoArgsConstructor
public class PageResult implements Serializable {
//总记录数
private long total;
//当前页数据集合
private List records;
}
3. 编写Controller、Service、Mapper层代码(使用MyBatis分页插件PageHelper,引入Mybatis依赖就不多赘述了)
public class EmployeeController {
...
@GetMapping("/page")
@ApiOperation(value = "分页查询员工")
// 不用加@RequestBody 因为DTO通过查询字符串自动绑定参数
public Result<PageResult> page(EmployeePageQueryDTO employeePageQueryDTO) {
log.info("员工分页查询,参数为:{}", employeePageQueryDTO);
PageResult pageResult = employeeService.pageQuery(employeePageQueryDTO);
return Result.success(pageResult);
}
...
}
public class EmployeeServiceImpl implements EmployeeService {
public PageResult pageQuery(EmployeePageQueryDTO employeePageQueryDTO) {
//开始分页查询
PageHelper.startPage(employeePageQueryDTO.getPage(), employeePageQueryDTO.getPageSize());
Page<Employee> page = employeeMapper.pageQuery(employeePageQueryDTO);
long total = page.getTotal();
List<Employee> records = page.getResult();
return new PageResult(total, records);
}
}
@Mapper
public interface EmployeeMapper {
Page<Employee> pageQuery(EmployeePageQueryDTO employeePageQueryDTO);
}
// 动态SQL
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="com.sky.mapper.EmployeeMapper">
<select id="pageQuery" resultType="com.sky.entity.Employee">
select * from employee
<where>
<if test="name != null and name != ''">
and name like concat('%',#{name},'%')
</if>
</where>
order by create_time desc
</select>
</mapper>
SQL代码解释: if条件判断:
test="name != null and name != ''":仅当name参数非空且非空字符串时生效
like concat('%',#{name},'%'):模糊查询(等效于LIKE '%张三%')
......
