一、流程图
二、创建用户信息类User
public class User {
private String username;
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
三、创建IndexServlet,显示网站首页
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// 解决乱码问题
response.setContentType("text/html;charset=utf-8");
// 创建或者获取保存用户信息的Session对象
HttpSession session = request.getSession();
User user = (User) session.getAttribute("user");
if (user == null) {
response.getWriter().print("您还没有登录,请<a href='"+request.getContextPath()+"/login.html'>登录 </a>");
} else {
response.getWriter().print("您已登录,欢迎你," + user.getUsername() + "!");
response.getWriter().print("<a href='"+request.getContextPath()+"/LogoutServlet'>退出</a>");
// 创建Cookie存放Session的标识号
Cookie cookie = new Cookie("JSESSIONID", session.getId());
cookie.setMaxAge(60 * 30);
cookie.setPath(request.getContextPath());
response.addCookie(cookie);
}
}
如果用户没有登录,那么首页会提示用户登录,否则显示用户已经登录。登录时会把用户信息对象作为Session的一个属性,所以我们要先获取Session对象,再获取属性,然后判断属性是否存在。
这里有一个有意思的现象,在if成立时,并没有创建Cookie对象,更没有把Cookie对象加到响应对象,但在else中把Cookie对象加到响应对象,这是为什么?
因为当执行getSession()的时候,如果之前不存在Session,那么就会创建Session,创建Session时会把含有Session ID 的Cookie对象加到响应对象上。
四、创建LoginServlet,验证用户名和密码
public class LoginServlet extends HttpServlet {
/**
* 未添加验证码
*/
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=utf-8");
String username = request.getParameter("username");
String password = request.getParameter("password");
PrintWriter pw = response.getWriter();
//假设正确的用户名 是itcast 密码是123
if (("itcast").equals(username) && ("123").equals(password)) {
User user = new User();
user.setUsername(username);
user.setPassword(password);
request.getSession().setAttribute("user", user);
response.sendRedirect(request.getContextPath()+"/IndexServlet");
} else {
pw.write("用户名或密码错误,登录失败");
}
}
//doPost
public void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
}
如果用户登录成功,则跳转到网站首页,否则向浏览器输出“用户名或密码错误,登录失败”。
五、创建登录页面
<body>
<form name="reg" action="/chapter05/LoginServlet" method="post">
用户名: <input name="username" type="text" /><br/>
密 码:<input name="password" type="password" /><br/>
<!-- 验证码:<input type="text" name="check_code">
<img src="/chapter05/CheckServlet"><br> -->
<input type="submit" value="提交" id="bt" />
</form>
</body>
六,启动项目,测试显示首页和登录功能
http://localhost:8080/chapter05/IndexServlet
点击登录
点击提交
如果用户名或者密码错误
七、创建LogoutServlet,注销用户
public class LogoutServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// 将Session对象中的User对象移除
request.getSession().removeAttribute("user");
response.sendRedirect(request.getContextPath()+"/IndexServlet");
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
当用户单击退出时,该类会将Session对象中的user属性移除,之后跳转到首页