登陆login.jsp
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body>
<h1>用户登录</h1><hr>
<form action="${pageContext.request.contextPath }/servlet/LoginServlet" method="POST">
用户名<input type="text" name="name" />
密码<input type="password" name="password" />
<input type="checkbox" name="autologin" value="true"/>30天内自动登陆
<input type="submit" value="登录"/>
</form>
</body>
</html>
loginServlet.java
public class LoginServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
//1.获取用户名密码
String name = request.getParameter("name");
String password = MD5Utils.md5(request.getParameter("password"));
//2.校验用户名密码
String sql = "select * from user where name = ? and password = ? ";
User user = null;
try {
QueryRunner runner = new QueryRunner(DaoUtils.getSource());
user = runner.query(sql, new BeanHandler<User>(User.class),name,password);
} catch (SQLException e) {
e.printStackTrace();
}
if(user == null){
response.getWriter().write("用户名密码不正确");
return;
}else{
//3.登录用户
request.getSession().setAttribute("user", user);
//如果用户勾选过30天内自动登陆,发送自动登陆cookie
if("true".equals(request.getParameter("autologin"))){
Cookie autologinC = new Cookie("autologin",user.getName()+":"+user.getPassword());
autologinC.setPath(request.getContextPath());
autologinC.setMaxAge(3600*24*30);
response.addCookie(autologinC);
}
//4.重定向到主页
response.sendRedirect(request.getContextPath()+"/index.jsp");
}
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
logoutServlet.java
public class LogoutServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
if(request.getSession(false)!=null){
request.getSession().invalidate();
//删除自动登陆cookie
Cookie autologinC = new Cookie("autologin","");
autologinC.setPath(request.getContextPath());
autologinC.setMaxAge(0);
response.addCookie(autologinC);
}
response.sendRedirect(request.getContextPath()+"/index.jsp");
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
自动登陆的过滤器代码:
public class AutologinFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
//1.只有未登录的用户才能自动登陆
if(req.getSession(false)==null || req.getSession().getAttribute("user")==null){
//2.只有带了自动登陆cookie的用户才能自动登陆
Cookie [] cs = req.getCookies();
Cookie findC = null;
if(cs!=null){
for(Cookie c : cs){
if("autologin".equals(c.getName())){
findC = c;
break;
}
}
}
if(findC!=null){
//3.自动登录Cookie中保存的用户名密码都需要是正确的才能自动登陆
String name = findC.getValue().split(":")[0];
String password= findC.getValue().split(":")[1];
String sql = "select * from user where name = ? and password = ? ";
User user = null;
try {
QueryRunner runner = new QueryRunner(DaoUtils.getSource());
user = runner.query(sql, new BeanHandler<User>(User.class),name,password);
} catch (SQLException e) {
e.printStackTrace();
}
if(user!=null){
req.getSession().setAttribute("user", user);
}
}
}
//无论是否自动登陆,都放行资源
chain.doFilter(request, response);
}
public void init(FilterConfig filterConfig) throws ServletException {
}
}
乱码解决的过滤器 见上一篇文章。