完成登录--认证
创建User实体类
public class User {
private Integer id;
private String username;
private String password;
private String name;
private Double balance;
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Double getBalance() {
return balance;
}
public void setBalance(Double balance) {
this.balance = balance;
}
}
创建UserDao
public class UserDao extends BaseDao {
/**
* 根据账户和密码查询用户信息
* @param name 账户
* @param pwd 密码
* @return 用户信息
*/
public User selectByNameAndPwd(String name,String pwd){
Connection connection = null;
PreparedStatement ps = null;
ResultSet rs = null;
User user=null;
try {
//1.获取连接对象
connection = getConnection();
//2.获取执行sql语句的对象 ---晚上写做也有问题---腾讯会议问我。
String sql = "select * from t_user where username=? and password=?";
ps = connection.prepareStatement(sql);
ps.setObject(1,name);
ps.setObject(2,pwd);
//3.执行sql语句
rs = ps.executeQuery();
//4. 封装到实体类型
while (rs.next()){
user=new User();
user.setId(rs.getInt("id"));
user.setName(rs.getString("name"));
user.setPassword(rs.getString("password"));
user.setUsername(rs.getString("username"));
user.setBalance(rs.getDouble("balance"));
}
} catch (SQLException throwables) {
throwables.printStackTrace();
} finally {
close(rs,ps,connection);
}
return user;
}
}
创建LoginServlet
@WebServlet(name = "LoginServlet",urlPatterns = "/LoginServlet")
public class LoginServlet extends HttpServlet {
private UserDao userDao=new UserDao();
@Override
protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//1.接受账户和密码
String username = req.getParameter("username");
String pwd = req.getParameter("pwd");
//2. 调用dao方法
User user = userDao.selectByNameAndPwd(username, pwd);
if(user!=null){
//保存到session会话中
HttpSession session = req.getSession();
session.setAttribute("user",user);
//跳转
resp.sendRedirect("/StudentServlet");
}else{
resp.sendRedirect("/login.jsp");
}
}
}
登录页
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<form action="/LoginServlet" method="post">
账户:<input type="text" name="username"/><br>
密码:<input type="text" name="pwd"/><br>
<input type="submit" value="登录"/>
</form>
</body>
</html>
如果没有登录无法访问任意资源
在操作任意资源前都需要判断当前session会中是否存在用户信息,如果存在则可以访问。 如果在每个资源前加则会操作代码的重复。 使用过滤器。
@WebFilter(urlPatterns = "/*")
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
//HttpServletRequest
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response= (HttpServletResponse) resp;
//1.获取客户的请求路径
String path = request.getServletPath();
//2.哪里路径需要放行。 图片 css js login.jsp /LoginServlet
if("/login.jsp".equals(path) || "/LoginServlet".equals(path)
|| path.endsWith(".jpg")|| path.endsWith(".png")
|| path.endsWith(".gif") || path.endsWith(".css")
|| path.endsWith(".js")
){
filterChain.doFilter(req,resp);
return; //结束方法
}
//3. 判断有没有登录
HttpSession session = request.getSession();
Object user = session.getAttribute("user");
if(user!=null){
filterChain.doFilter(req,resp);
return; //结束方法
}
//4. 跳转到登录页面
response.sendRedirect("/login.jsp");
}
@Override
public void destroy() {
}
}
分页
修改了StudentServlet查询所有的方法
dao中修改和增加的方法