在servlet的学习中我们必须要知道这两个特殊的Servlet,可以帮助我们解决一些问题
filter过滤器,可以帮助我们修改request和response内容,比如登录验证
登录验证
下面实现了一个简单的登录验证,没有实现异常处理,首先我们需要实现登录功能。
1.实体类书写
package com.by.entity;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import java.io.Serializable;
/**
* @version 1.0.1
* @Author gsh
* @Date 2024-09-11 17:00
**/
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
public class User implements Serializable {
private Integer userId;
private String userName;
private String password;
private String userPic;
public User(String userName, String password) {
this.userName = userName;
this.password = password;
}
public User(Integer userId, String userName, String password) {
this.userId = userId;
this.userName = userName;
this.password = password;
}
public User(String userName, String password, String userPic) {
this.userName = userName;
this.password = password;
this.userPic = userPic;
}
}
2.dao层接口以及接口实现
package com.by.dao;
import com.by.entity.User;
import java.util.List;
public interface UserDao {
/**
* 根据用户姓名查找用户信息
* @param userName 用户姓名
* @return 返回一个用户
*/
User selectUSerByUserName(String userName);
}
package com.by.dao.impl;
import com.by.dao.UserDao;
import com.by.entity.User;
import com.by.util.JdbcUtils;
import org.springframework.jdbc.core.BeanPropertyRowMapper;
import org.springframework.jdbc.core.JdbcTemplate;
import java.util.List;
public class UserDaoImpl implements UserDao {
private JdbcTemplate jdbcTemplate = JdbcUtils.getJDBCTemplate();
@Override
public User selectUSerByUserName(String userName) {
String sql = "select * from t_user where user_name=?";
List<User> list = jdbcTemplate.query(sql, new BeanPropertyRowMapper<>(User.class), userName);
return list.isEmpty()?null:list.get(0);
}
}
3.处理登录的Servlet-AdminLoginServlet,将用户名存入session
package com.by.servlet;
import com.by.entity.User;
import com.by.service.UserService;
import com.by.service.impl.UserServiceImpl;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet("/adminLogin")
public class AdminLoginServlet extends HttpServlet {
private final UserService userService = new UserServiceImpl();
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username= request.getParameter("username");
String password= request.getParameter("password");
User user = userService.queryUserByUserName(username);
if (user.getUserName().equals(username)&&user.getPassword().equals(password)){
//在servlet中获取session
HttpSession session=request.getSession();
session.setAttribute("username",username);
response.sendRedirect("admin/adminMain.jsp");
}
}
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
}
4.登录页面准备adminLogin.jsp直接放在webapp下面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML>
<html>
<meta http-equiv="content-type" content="text/html;charset=utf-8" /><!-- /Added by HTTrack -->
<head>
<meta charset="UTF-8">
<meta name="description" content="">
<meta name="keywords" content="">
<title>数码在线</title>
</head>
<body>
<form action="/adminLogin" method="post">
账号: <input type="text" name="username"> <br/>
密码: <input type="password" name="password"> <br/>
<input type="submit" value="登录">
</form>
</body>
</html>
在这一步我们还需要在webapp下面创建登录成功之后需要访问的页面,这里我们创建一个admin文件夹,然后把登录成功adminMain.jsp页面放进去
adminMain.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML>
<html>
<meta http-equiv="content-type" content="text/html;charset=utf-8" /><!-- /Added by HTTrack -->
<head>
<meta charset="UTF-8">
<meta name="description" content="">
<meta name="keywords" content="">
<title>数码在线</title>
</head>
<body>
<!-- 在page request session application 四个域中查找key值为username的值 -->
<%--<%--%>
<%-- String username=(String) session.getAttribute("username"); 这里是原有登录验证--%>
<%-- if(username == null){--%>
<%-- response.sendRedirect("/adminLogin.jsp");--%>
<%-- }--%>
<%--%>--%>
<h2>管理员主页</h2>
${sessionScope.username},欢迎你,登录成功
<a href="/logOut">安全退出</a>
</body>
</html>
5.filter实现登录验证-AdminFilter,这里在拦截路径上设置admin文件夹都被拦截,可以将登录后才能访问的页面都写在这里
package com.by.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* @author gsh
* @date 2024/9/19 10:15</p>
*/
@WebFilter(urlPatterns = "/admin/*")
public class AdminFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpSession session = request.getSession();
String username = (String) session.getAttribute("username");
if (username!=null){
filterChain.doFilter(servletRequest,servletResponse);
}else {
request.getRequestDispatcher("/adminLogin.jsp").forward(servletRequest, servletResponse);
}
}
@Override
public void destroy() {
}
}
为了防止乱码,可以添加另一个filter-EnCodingFilter
package com.by.filter;
import javax.servlet.*;
import java.io.IOException;
/**
* @author gsh
* @date 2024/9/19 10:12</p>
*/
public class EnCodingFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
servletRequest.setCharacterEncoding("UTF-8");
servletResponse.setCharacterEncoding("UTF-8");
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {
}
}
这样就实现了简单的登录验证