您的位置：首页 > 编程语言 > Java开发

JavaWeb 过滤器实现30天内自动登录

2015-08-06 10:07 429 查看

1、在 index.jsp 中

<body>
<h1>30天内自动登陆</h1><hr>
<c:if test="${sessionScope.user == null}">
游客!
<a href="${pageContext.request.contextPath }/login.jsp">登录</a>
</c:if>
<c:if test="${sessionScope.user != null}">
欢迎回来,${sessionScope.user.name }
<a href="${pageContext.request.contextPath }/servlet/LogoutServlet">注销</a>
</c:if>
</body>

2、在 login.jsp 中

<body>
<h1>用户登录</h1><hr>
<form action="${pageContext.request.contextPath }/servlet/LoginServlet" method="POST">
用户名<input type="text" name="name" />
密码<input type="password" name="password" />
<input type="checkbox" name="autologin" value="true"/>30天内自动登陆
<input type="submit" value="登录"/>
</form>
</body>

3、创建 LoginServlet

public class LoginServlet extends HttpServlet {

public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
//1.获取用户名密码
String name = request.getParameter("name");
String password  = MD5Utils.md5(request.getParameter("password"));
//2.校验用户名密码
String sql = "select * from user where name = ? and password = ? ";
User user = null;
try {
QueryRunner runner = new QueryRunner(DaoUtils.getSource());
user = runner.query(sql, new BeanHandler<User>(User.class),name,password);
} catch (SQLException e) {
e.printStackTrace();
}
if(user == null){
response.getWriter().write("用户名密码不正确");
return;
}else{
//3.登录用户
request.getSession().setAttribute("user", user);

//如果用户勾选过30天内自动登陆,发送自动登陆cookie
if("true".equals(request.getParameter("autologin"))){
Cookie autologinC = new Cookie("autologin",user.getName()+":"+user.getPassword());
autologinC.setPath(request.getContextPath());
autologinC.setMaxAge(3600*24*30);
response.addCookie(autologinC);
}

//4.重定向到主页
response.sendRedirect(request.getContextPath()+"/index.jsp");
}
}
}

4、创建 AutoLoginFilter

public class AutologinFilter implements Filter {
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;

//1.只有未登录的用户才能自动登陆
if(req.getSession(false)==null || req.getSession().getAttribute("user")==null){

//2.只有带了自动登陆cookie的用户才能自动登陆
Cookie [] cs = req.getCookies();
Cookie findC = null;
if(cs!=null){
for(Cookie c : cs){
if("autologin".equals(c.getName())){
findC = c;
break;
}
}
}

if(findC!=null){
//3.自动登录Cookie中保存的用户名密码都需要是正确的才能自动登陆
String name = findC.getValue().split(":")[0];
String password= findC.getValue().split(":")[1];
String sql = "select * from user where name = ? and password = ? ";
User user = null;
try {
QueryRunner runner = new QueryRunner(DaoUtils.getSource());
user = runner.query(sql, new BeanHandler<User>(User.class),name,password);
} catch (SQLException e) {
e.printStackTrace();
}

if(user!=null){
req.getSession().setAttribute("user", user);
}
}
}
//无论是否自动登陆,都放行资源
chain.doFilter(request, response);
}
}

5、注册过滤器

注册
<filter>
<description>自动登陆过滤器</description>
<filter-name>AutologinFilter</filter-name>
<filter-class>com.itheima.filter.AutologinFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AutologinFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

6、注销功能

public class LogoutServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
if(request.getSession(false)!=null){
request.getSession().invalidate();

//删除自动登录 cookie
Cookie autologinC = new Cookie("autologin", "");
autologinC.setPath(request.getContextPath());
autologinC.setMaxAge(0);
response.addCookie(autologinC);
}
response.sendRedirect(request.getContextPath()+"/index.jsp");
}
}

内容来自用户分享和网络整理，不保证内容的准确性，如有侵权内容，可联系管理员处理

标签：

相关文章推荐

新的分享

章节导航