一个正常的网站,总是绕不开账号的登录注册,现在我们来讲讲看springmvc的登录注册的实现。
1. 注册
现在我们有个用mybatis-generator自动生成的实体类,User
然后jsp页面表单提交
zc.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%--
Created by IntelliJ IDEA.
User: 11655
Date: 2017/4/17
Time: 13:37
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<form id="zc" action="/lxf/test5/zc" method="post">
<label for="name">用户名:</label> <input type="text" required id="name" name="name"><br>
<label for="pw">密码:</label> <input type="password" required id="pw" name="pw"><br>
性别: <input type="radio" required value="0" name="sex">男 <input type="radio" value="1" required name="sex">女<br>
<input type="submit" value="注册">
<input type="reset" value="重置"/>
</form>
</body>
<script>
//对应后台返回的提示
if ('${result}' != '') {
if ('${result}' == 1) {
alert('注册成功,将跳转到登录页面!')
location.href = '/lxf/test5/dl'
}
if ('${result}' == 0) {
alert('未知错误,注册失败!')
}
if ('${result}' == 2) {
alert('该账号已有人注册!')
}
}
</script>
</html>
后台对应的controller
@Autowired
private UserService userService;
@RequestMapping(value = "/lxf/test5/zc", method = RequestMethod.GET)
public String toZhuce() {
return "lxf/zc";
}
@RequestMapping(value = "/lxf/test5/zc", method = RequestMethod.POST)
public String insertUser(@ModelAttribute User user, Model model) {
User record = new User();
record.setName(user.getName());
List<User> list = userService.selectSelective(record);
if (list.size() == 0) {
user.setCreatetime(new Date());
user.setPw(MD5(user.getPw())); //安全性保证,加密用户密码
if (userService.insert(user) == 1)
model.addAttribute("result", 1); //注册成功
else
model.addAttribute("result", 0); //未知错误,注册失败
} else {
model.addAttribute("result", 2); //该账号已有人注册!
}
return "lxf/zc";
}
这里要注意的是,出于用户账号安全的考虑,我们要将用户的密码进行加密,这样只有用户自己知道自己的密码,这里我们用MD5加密,附上方法
Encryption.java
package com.springmvc.lxf.util;
import java.security.MessageDigest;
/*
* 密码加密
*/
public class Encryption {
// MD5加码。32位
public static String MD5(String inStr) {
MessageDigest md5 = null;
try {
md5 = MessageDigest.getInstance("MD5");
} catch (Exception e) {
System.out.println(e.toString());
e.printStackTrace();
return "";
}
char[] charArray = inStr.toCharArray();
byte[] byteArray = new byte[charArray.length];
for (int i = 0; i < charArray.length; i++)
byteArray[i] = (byte) charArray[i];
byte[] md5Bytes = md5.digest(byteArray);
StringBuffer hexValue = new StringBuffer();
for (int i = 0; i < md5Bytes.length; i++) {
int val = ((int) md5Bytes[i]) & 0xff;
if (val < 16)
hexValue.append("0");
hexValue.append(Integer.toHexString(val));
}
return hexValue.toString();
}
// 可逆的加密算法
public static String KL(String inStr) {
// String s = new String(inStr);
char[] a = inStr.toCharArray();
for (int i = 0; i < a.length; i++) {
a[i] = (char) (a[i] ^ 't');
}
String s = new String(a);
return s;
}
// 加密后解密
public static String JM(String inStr) {
char[] a = inStr.toCharArray();
for (int i = 0; i < a.length; i++) {
a[i] = (char) (a[i] ^ 't');
}
String k = new String(a);
return k;
}
/*// 测试主函数
public static void main(String args[]) {
String s = new String("123123");
System.out.println("原始:" + s);
System.out.println("MD5后:" + MD5(s));
System.out.println("MD5后再加密:" + KL(MD5(s)));
System.out.println("解密为MD5后的:" + JM(KL(MD5(s))));
}*/
/**
* 创建指定数量的随机字符串
*
* @param numberFlag
* 是否是数字
* @param length
* @return
*/
public static String generateQC(boolean numberFlag, int length) {
String retStr = "";
String strTable = numberFlag ? "1234567890"
: "1234567890abcdefghijkmnpqrstuvwxyz";
int len = strTable.length();
boolean bDone = true;
do {
retStr = "";
int count = 0;
for (int i = 0; i < length; i++) {
double dblR = Math.random() * len;
int intR = (int) Math.floor(dblR);
char c = strTable.charAt(intR);
if (('0' <= c) && (c <= '9')) {
count++;
}
retStr += strTable.charAt(intR);
}
if (count >= 2) {
bDone = false;
}
} while (bDone);
return retStr;
}
}
2. 登录
好了,注册的流程跑通了,我们来看看登录。
这是个简单的流程,逻辑就是前台用户填写用户名和密码,然后form传值到后台,后台根据用户提交的用户名去数据库匹配查询,如果没有数据的话,就返回提示“该账户没有注册”,如果有数据的话,进行下一步匹配,看看密码是不是对应上,密码错误的话,再返回提示“密码错误”,如果密码正确,就将相应的user放到session里面,成功登录。
注:Session代表服务器与浏览器的一次会话过程,我们打开一次浏览器,就能产生一个新的session,可以在session里面保存用户的数据,具体知识下一讲讲。
dl.jsp
<%--
Created by IntelliJ IDEA.
User: 11655
Date: 2017/4/17
Time: 20:44
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<form id="zc" action="/lxf/test5/dl" method="post">
<label for="name">用户名:</label> <input type="text" required id="name" name="name"><br>
<label for="pw">密码:</label> <input type="password" required id="pw" name="pw"><br>
<input type="submit" value="登录">
<input type="button" value="注册" onclick="location.href='/lxf/test5/zc'">
</form>
</body>
<script>
//对应后台返回的提示
if ('${result}' != '') {
if ('${result}' == 0)
alert('该账户不存在!')
if ('${result}' == 1)
alert('密码错误!')
if ('${result}' == 2) {
alert('登录成功!')
location.href = '/lxf/test5/userInfo'
}
}
</script>
</html>
后台controller,用session.setAttribute(name,value)
将用户信息保存在session里面
//跳转到登录页面
@RequestMapping(value = "/lxf/test5/dl", method = RequestMethod.GET)
public String toDenglv() {
return "lxf/dl";
}
//实现登录功能,将用户信息保存在session里面
@RequestMapping(value = "/lxf/test5/dl", method = RequestMethod.POST)
public String doDenglv(HttpSession session, Model model, @ModelAttribute User user) {
List<User> list = new ArrayList<User>();
User record = new User();
record.setName(user.getName());
list = userService.selectSelective(record);
if (list.size() == 0)
model.addAttribute("result", "0"); //该账户不存在!
else {
record.setPw(MD5(user.getPw()));
list = userService.selectSelective(record);
if (list.size() == 0)
model.addAttribute("result", "1"); //密码错误!
else {
record = list.get(0);
session.setAttribute("user", record);
//将用户信息保存在session里面
model.addAttribute("result", "2"); //登陆成功!
}
}
return "/lxf/dl";
}
登录成功之后,可以跳转到个人信息页面,用session.getAttribute(name)
方法从session里面把个人信息拿出来,在页面上显示
controller
@RequestMapping(value = "/lxf/test5/userInfo", method = RequestMethod.GET)
public String toInfo(Model model, HttpSession session) {
User user = (User) session.getAttribute("user");
if (user != null)
model.addAttribute("user", user);
return "lxf/userInfo";
}
userInfo.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%--
Created by IntelliJ IDEA.
User: 11655
Date: 2017/4/17
Time: 21:14
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<c:if test="${! empty user}">
欢迎您,${user.name}${user.sex eq 1 ?'女士':'先生'}
</c:if>
<c:if test="${ empty user}">
对不起,请先<a href="/lxf/test5/dl">登录</a>
</c:if>
</body>
</html>
##3. 注销
我们用session来保存用户信息,那么注销账户就是将用户的信息从session里面移除,有两种方法session.invalidate()
,这个方法会清空所有已定义的session;session.removeAttribute(name)
,这个就将对应的信息移除
controller
//退出登录,注销账户
@RequestMapping(value = "/lxf/test5/logout", method = RequestMethod.GET)
public String logout(HttpSession session) {
session.invalidate();
// session.removeAttribute("user");
return "lxf/dl";
}
好了,这次就到这里,有什么不太清楚的地方可以看看我之前的博客,如果我有哪里讲的不太好的地方,欢迎指出~
欢迎加入–qq群–JAVA后台学习交流群:486055993