UserLoggingDao:
/** Data-access contract for looking up login records. */
public interface UserLoggingDao {

    /**
     * Fetches the user record that belongs to the given account name.
     *
     * @param account account name to look up
     * @return the matching user
     */
    User findByAccount(String account);
}
UserLoggingDaoImpl:
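/** JDBC-backed implementation of {@link UserLoggingDao}. */
public class UserLoggingDaoImpl implements UserLoggingDao {

    /**
     * Looks up a user by account name with a parameterized query.
     *
     * <p>The connection, statement and result set are opened in try-with-resources so they are
     * released even when the query throws; the previous version closed them only on the success
     * path and leaked all three on any {@link SQLException}.
     *
     * @param account account name bound to the single {@code ?} placeholder
     * @return a {@code User} carrying id, account and the stored password column, or
     *     {@code null} when no row matches or the lookup failed
     */
    @Override
    public User findByAccount(String account) {
        User user = null;
        // The account is bound as a parameter, never concatenated into the SQL text.
        String sql = "SELECT id, password FROM user WHERE account=?;";
        try (Connection conn = DBUtils.getConnection();
             PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, account);
            try (ResultSet rs = ps.executeQuery()) {
                // If several rows share the account, the last row read wins (unchanged behaviour).
                while (rs.next()) {
                    Integer id = rs.getInt(1);
                    // NOTE(review): the service layer compares this column directly with the
                    // submitted password, so it appears to be stored unhashed - confirm, and
                    // move to a salted password hash (bcrypt/scrypt/argon2).
                    String storedPassword = rs.getString(2);
                    user = new User();
                    user.setId(id);
                    user.setAccount(account);
                    user.setPassword(storedPassword);
                }
            }
        } catch (ClassNotFoundException | SQLException e) {
            // A failed lookup falls through to "no user", so login fails closed.
            // The stack trace goes to stderr; a real logger would be the better sink.
            e.printStackTrace();
        }
        return user;
    }
}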
UserLoggingService:
/** Service contract for checking login credentials. */
public interface UserLoggingService {

    /**
     * Decides whether the given account/password pair is a valid login.
     *
     * @param account account name supplied by the client
     * @param password password supplied by the client
     * @return the login result
     */
    boolean login(String account, String password);
}
UserLoggingServiceImpl:
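/** Default {@link UserLoggingService} that checks credentials against {@link UserLoggingDao}. */
public class UserLoggingServiceImpl implements UserLoggingService {
    private UserLoggingDao userLoggingDao = new UserLoggingDaoImpl();

    /**
     * Verifies an account/password pair.
     *
     * <p>Missing credentials and a missing stored password are rejected instead of raising a
     * {@code NullPointerException}; the previous version dereferenced
     * {@code user.getPassword()} unconditionally.
     *
     * @param account account name supplied by the client; {@code null} is rejected
     * @param password password supplied by the client; {@code null} is rejected
     * @return {@code true} only when the account exists and the stored password matches
     */
    @Override
    public boolean login(String account, String password) {
        if (account == null || password == null) {
            return false;
        }
        User user = userLoggingDao.findByAccount(account);
        if (user == null) {
            // Unknown account.
            return false;
        }
        String stored = user.getPassword();
        if (stored == null) {
            // No usable credential on record: fail closed.
            return false;
        }
        // NOTE(review): the stored value is compared directly with the submitted password,
        // which implies the database holds it unhashed. The durable fix is a salted password
        // hash (bcrypt/scrypt/argon2) verified here instead of an equality check.
        // MessageDigest.isEqual avoids the early-exit timing behaviour of String.equals.
        return java.security.MessageDigest.isEqual(
                stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                password.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }
}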
LoginServlet:
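/**
 * Handles the login form POST: verifies the credentials, establishes the authenticated session
 * and issues the cookies that IndexServlet reads for auto-login.
 */
public class LoginServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;
    private UserLoggingService userLoggingService = new UserLoggingServiceImpl();

    /**
     * Processes a login attempt.
     *
     * <p>On success the pre-login session is discarded before the account is stored, so a
     * session id that was planted or observed before authentication cannot be reused
     * afterwards (session fixation). On failure the request is forwarded back to
     * {@code /login.jsp} with an {@code errorMessage} attribute.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // Form fields submitted by the page.
        String account = request.getParameter("account");
        String password = request.getParameter("password");
        // Declare the charset so non-ASCII text in the response renders correctly.
        response.setHeader("content-Type", "text/html;charset=utf-8");

        if (userLoggingService.login(account, password)) {
            // Drop whatever session existed before authentication and start a fresh one.
            HttpSession previous = request.getSession(false);
            if (previous != null) {
                previous.invalidate();
            }
            HttpSession session = request.getSession();
            session.setAttribute("account", account);

            // Auto-login step 1: hand account and password to the browser as cookies.
            // SECURITY: the password cookie carries the clear-text credential for an hour.
            // Anything that can read the browser's cookie store, or the request on a
            // non-TLS connection, recovers the password itself. It is kept only because
            // IndexServlet's auto-login reads it; the replacement is a random remember-me
            // token that is stored server-side and can be revoked.
            Cookie accountCookie = new Cookie("account", account);
            Cookie passwordCookie = new Cookie("password", password);
            accountCookie.setMaxAge(3600);
            passwordCookie.setMaxAge(3600);
            // Keep page scripts away from the cookies, and pin them to TLS when the login
            // itself arrived over TLS.
            accountCookie.setHttpOnly(true);
            passwordCookie.setHttpOnly(true);
            accountCookie.setSecure(request.isSecure());
            passwordCookie.setSecure(request.isSecure());
            response.addCookie(accountCookie);
            response.addCookie(passwordCookie);

            // Redirect to the admin page, context-relative like the other servlets do.
            response.sendRedirect(request.getContextPath() + "/admin.jsp");
        } else {
            // Login failed: forward back to the login page with a message.
            request.setAttribute("errorMessage", "检查一下账号和密码,再输入一下哦~");
            request.getRequestDispatcher("/login.jsp").forward(request, response);
        }
    }
}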
LogoutServlet:
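/**
 * Ends the current login: destroys the server-side session and expires the auto-login cookies.
 */
public class LogoutServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Logs the client out and redirects to the login page.
     *
     * <p>The previous version only invalidated the session. The {@code account} and
     * {@code password} cookies issued at login stayed in the browser, so the next visit to
     * IndexServlet signed the user straight back in and logout had no lasting effect.
     *
     * <p>NOTE(review): this state-changing action is reachable via GET, so any page can
     * trigger it cross-site; consider POST with a CSRF token.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // getSession(false) avoids creating a session just to destroy it.
        HttpSession session = request.getSession(false);
        if (session != null) {
            session.invalidate();
        }

        // Expire the auto-login cookies. No Path attribute is sent, matching the login
        // cookies, which were also issued without one.
        // NOTE(review): this only matches if this servlet is mapped under the same
        // directory as LoginServlet - confirm against the servlet mappings.
        String expiry = "=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT";
        response.addHeader("Set-Cookie", "account" + expiry);
        response.addHeader("Set-Cookie", "password" + expiry);

        // Back to the login page.
        response.sendRedirect(request.getContextPath() + "/login.jsp");
    }
}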
IndexServlet:
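/**
 * Entry point that attempts auto-login from the {@code account} and {@code password} cookies
 * and otherwise sends the client to the login page.
 */
public class IndexServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;
    private UserLoggingService userLoggingService = new UserLoggingServiceImpl();

    /**
     * Auto-login step 2: reads the credential cookies and re-verifies them.
     *
     * <p>Outcomes: valid cookies redirect to {@code /admin.jsp}; invalid cookies forward to
     * {@code /login.jsp} with an {@code errorMessage}; missing cookies redirect to
     * {@code /login.jsp}.
     *
     * <p>SECURITY: this flow depends on the clear-text password travelling in a cookie on
     * every request. The replacement is a random, server-side remember-me token.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String cookieAccount = null;  // account name from the cookie
        String cookiePassword = null; // password from the cookie

        // getCookies() returns null when the request carries no cookies at all.
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                String key = cookie.getName();
                if ("account".equals(key)) {
                    cookieAccount = cookie.getValue();
                } else if ("password".equals(key)) {
                    cookiePassword = cookie.getValue();
                }
            }
        }

        if (cookieAccount == null || cookiePassword == null) {
            // No stored credentials: go to the manual login page.
            response.sendRedirect(request.getContextPath() + "/login.jsp");
            return;
        }

        if (userLoggingService.login(cookieAccount, cookiePassword)) {
            // Start a fresh session unless the current one is already authenticated as this
            // account, so a session id set before authentication is not promoted to a
            // logged-in one (session fixation).
            HttpSession existing = request.getSession(false);
            if (existing != null && !cookieAccount.equals(existing.getAttribute("account"))) {
                existing.invalidate();
            }
            HttpSession session = request.getSession();
            // Make the account available to other JSPs and servlets.
            session.setAttribute("account", cookieAccount);
            response.sendRedirect(request.getContextPath() + "/admin.jsp");
        } else {
            // Cookie credentials no longer valid: ask for a manual login.
            request.setAttribute("errorMessage", "请重新登录哟!");
            request.getRequestDispatcher("/login.jsp").forward(request, response);
        }
    }
}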