利用cookie, session 和Filter实现简单的自动登陆

需求:
1.当用户请求主页面时如果没有登陆转发到登陆界面
2.将用户信息存入到session中,账号密码存入cookie。
3.利用Filter过滤全局检测cookie,调用service实现登陆。
密码加密,登陆,注册页面不能自动登陆
jsp:

主页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8" isELIgnored="false"%>

<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<html>
<head>
</head>

<body>
    <c:if test="${sessionScope.c==null}">
        <script type="text/javascript">
            location.href = '${pageContext.request.contextPath}/login.jsp';
        </script>

    </c:if>

    <h5>当前用户:${sessionScope.c.name}</h5>

</body>
</html>
登陆页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8" isELIgnored="false"%>

<html>
<head>
</head>
<body>
    <hr>
    ${error}
    <form action="${pageContext.request.contextPath}/login" method="post">
用户姓名:<input type="text" name="username"><br> 
用户密码:<input type="password" name="password"><br> <input type="checkbox" name="autoLogin"value="is">自动登陆<br>
<input  type="submit" value="登陆">
    </form>       

    </body>
</html>

登陆servlet
package com.kick.web;
import java.io.IOException;
import java.sql.SQLException;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.kick.domain.Customer;
import com.lick.service.KickService;

public class LoginServlet extends HttpServlet {
        public void destroy() {
        super.destroy();

    }

    @SuppressWarnings("unchecked")
    public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {
        request.setCharacterEncoding("utf-8");

        String username = request.getParameter("username");
        String password = request.getParameter("password");
        String autoLogin = request.getParameter("autoLogin");
        if (username != null) {
            KickService service = new KickService();//业务层登陆方法 不贴了
            try {
                Customer c = service.queryCustomer(username, password);
                if (c == null) {
                    request.setAttribute("error", "用户名或密码错误");
                    request.getRequestDispatcher("/login.jsp").forward(request,
                            response);
                } else {
                    // 登陆成功 将用户存入到session中
                    request.getSession().setAttribute("c", c);
                    //判断是否勾选,自动登陆将用户名和密码存入到cookie中
                    if("is".equals(autoLogin)){
                    Cookie cookie=new Cookie("autoLogin",username+","+password);
                        cookie.setPath("/");
                        cookie.setMaxAge(60*60*24*7);//存储7天
                        //回写到客户端
                        response.addCookie(cookie);

                    }
    //重定向到主页面               response.sendRedirect(request.getContextPath()+"/success.jsp");                  



            }

            } catch (SQLException e) {

                e.printStackTrace();
                response.getWriter().write("用户名或密码错误");
                return;
            }

        }

    }

    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);

    }

    public void init() throws ServletException {

    }

}

Filter


package com.kick.filter;
import java.io.IOException;
import java.sql.SQLException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.kick.domain.Customer;
import com.kick.utils.CookieUtils;
import com.lick.service.KickService;

public class AutoLoginFilter implements Filter {
    @Override
    public void destroy() {
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res,
            FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        // 拦截请求进行自动登陆
            Customer customer = (Customer) request.getSession().getAttribute("c");
        String uri = request.getRequestURI();
        String contextpath = request.getContextPath();
        String path = uri.substring(contextpath.length());

        // 判断用户的请求 路径是否为登陆页面
        if (!path.equals("/login.jsp") || path.equals("/login")) {
            // 如果用户没有登陆即session没有超时,还存有用户信息进行自动登陆
            if (customer == null) {
                Cookie cookie = CookieUtils.getCookie(request.getCookies(),
                        "autoLogin");
                if (cookie != null) {
                    // 获取用户名和密码
                    String username = cookie.getValue().split(",")[0];
                    String password = cookie.getValue().split(",")[1];
                    KickService service = new KickService();
                    // 登陆
                    try {
                    Customer c = service.queryCustomer(username, password);
                        if (c != null) {
                       request.getSession().setAttribute("c", c);//将用户信息存入到session
                        }
                    } catch (SQLException e) {
                        e.printStackTrace();
                    }

                }
            }
        }
        // 登陆之后正常操作
        chain.doFilter(request, response);

    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {

    }

}

web.xml


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
    <filter>
        <filter-name>AutoLoginFilter</filter-name>
        <filter-class>com.kick.filter.AutoLoginFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>AutoLoginFilter</filter-name>
        <url-pattern>/*</url-pattern>

    </filter-mapping>


    <servlet>
        <servlet-name>LoginServlet</servlet-name>
        <servlet-class>com.kick.web.LoginServlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>LoginServlet</servlet-name>
        <url-pattern>/login</url-pattern>
    </servlet-mapping>

</web-app>
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值