用户注册
(1)手机号注册
(2)邮箱注册
用户登录
登录Controller
/**
 * Renders the login form.
 *
 * @param request current HTTP request (not read by this method)
 * @param model   view model (not populated by this method)
 * @return the view name {@code /user/login}
 */
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String preLogin(HttpServletRequest request, Model model) {
    // Disabled: send the user back to the page they came from after logging in.
    // NOTE(review): the Referer header is supplied by the client. If this is ever
    // re-enabled, restrict the redirect target to paths on this site; whether
    // handleLoginRedirectURL already does that is not visible here.
    // String referer = request.getHeader("referer");
    // String requestURL = request.getRequestURL().toString();
    // referer = handleLoginRedirectURL(requestURL, referer);
    // model.addAttribute("refererURL", referer);
    final String loginView = "/user/login";
    return loginView;
}
/**
 * Handles the login form post: checks the submitted credentials and, on success,
 * stores the login state through {@code setCurrentLoginUser}.
 *
 * @param request  current HTTP request (not read by this method)
 * @param response response that receives the login state
 * @param user     credentials bound from the submitted form
 * @return a redirect to the home page on success, or back to {@code /login} on failure
 */
@RequestMapping(value = "/dologin", method = RequestMethod.POST)
public String login(HttpServletRequest request, HttpServletResponse response, User user) {
    // Verify the submitted credentials; null means the login was rejected.
    // NOTE(review): no attempt limiting or lockout is visible in this method;
    // confirm it is enforced elsewhere.
    User authenticated = userService.login(user);
    if (authenticated == null) {
        return "redirect:/login";
    }

    // Build the login state from the stored account, not from the submitted form.
    WebUser cookieUser = new WebUser();
    cookieUser.setUserId(authenticated.getId());
    cookieUser.setUsername(authenticated.getName());
    cookieUser.setLoginStatus(WebConstants.USER_LOGIN_STATUS_NORMAL);
    // CookieUtil.setLoginUser(response, webUser);
    super.setCurrentLoginUser(response, cookieUser);
    return "redirect:/";
}
注:
(1)preLogin
跳转到登录界面。
(2)login
进行登录的验证以及登录状态的保存。
(3)WebUser
为放入到Cookie的登录对象信息。注意:该Cookie以明文写入且没有签名,客户端可以自行修改其中的内容,因此服务端不能仅凭它来确认用户身份。
UserService
验证用户:User loginUser = userService.login(user);
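/**
 * Checks a user name and password against the stored account and records the login time.
 *
 * <p>Every failure (missing input, unknown name, wrong password) returns {@code null},
 * so the caller cannot tell which check failed.
 *
 * @param user submitted credentials; only the name and password are read
 * @return the stored account on success, or {@code null} when the login is rejected
 */
public User login(User user) {
    // Reject missing credentials before touching the database.
    if (null == user || StringUtils.isEmpty(user.getName()) || StringUtils.isEmpty(user.getPassword())) {
        return null;
    }
    User dbUser = userDAO.getByName(user.getName());
    if (null == dbUser) {
        return null;
    }
    // Digest the submitted password the same way the stored value is compared: upper-case MD5 hex.
    // NOTE(review): unsalted MD5 is not suitable for storing passwords. Moving to
    // bcrypt/scrypt/argon2 needs the stored values re-hashed, so the scheme is left as is here.
    // NOTE(review): getBytes() uses the platform default charset; it is kept because the
    // code that wrote the stored digest is not visible and must match. Confirm both sides
    // use the same explicit charset.
    String password = DigestUtils.md5DigestAsHex(user.getPassword().getBytes()).toUpperCase();
    String stored = dbUser.getPassword();
    // Constant-time comparison, so the time taken does not depend on how many
    // leading characters of the two digests agree.
    if (stored == null || !java.security.MessageDigest.isEqual(
            password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            stored.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
        return null;
    }
    // Record the login time through a fresh object that carries only the id and the time.
    User tempUser = new User();
    tempUser.setId(dbUser.getId());
    tempUser.setLoginTime(new Date());
    updateByIdSelective(tempUser);
    return dbUser;
}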
/**
 * Updates a user record and stamps its update time.
 *
 * @param user the values to store; must carry a non-zero id
 * @return the value returned by {@code userDAO.updateById}, or 0 when {@code user}
 *         is null or has id 0
 */
public int updateByIdSelective(User user) {
    // Without an id there is no row to target.
    boolean hasTarget = user != null && user.getId() != 0;
    if (!hasTarget) {
        return 0;
    }
    user.setUpdateTime(new Date());
    int result = userDAO.updateById(user);
    return result;
}
注:
(1)判断用户的输入
(2)数据库取数据(通过下面的UserDAO)
(3)验证输入和数据库的数据
(4)更新数据库的登录时间(只设置了时间)
UserDAO
/**
 * Looks up a user by user name.
 *
 * @param name the user name
 * @return whatever {@code findOne} returns for the {@code selectByName} statement
 */
public User getByName(String name) {
    // NOTE(review): the statement id suggests a MyBatis-style mapper; confirm the mapped
    // SQL binds "name" as a parameter rather than splicing it into the statement text.
    final String statementId = MAPPER_NAMESPACE + ".selectByName";
    Map<String, Object> criteria = new HashMap<>();
    criteria.put("name", name);
    return findOne(statementId, criteria);
}
/**
 * Updates a user record by primary key.
 *
 * @param user the values to store
 * @return the value returned by {@code update} for the mapped statement
 */
public int updateById(User user) {
    // presumably only the non-null fields are written ("Selective") -- confirm in the mapper
    final String statementId = MAPPER_NAMESPACE + ".updateByPrimaryKeySelective";
    return update(statementId, user);
}
注:
(1)根据输入的用户名查找用户。
(2)更新用户(登陆时间)。
CookieUtil
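/**
 * Helpers for the cookie that carries the login state.
 *
 * <p>NOTE(review): the value is written as plain text ({@code userId|username|loginStatus})
 * with no signature or MAC, so the server cannot tell a cookie it issued from one the
 * client edited. Anything that treats this cookie as proof of identity should instead use
 * a server-side session or an integrity-protected token.
 */
public class CookieUtil {
    /**
     * Default cookie lifetime, in seconds (30 minutes).
     */
    public static final int MAX_AGE = 60 * 30;
    /**
     * Name of the cookie that holds the login information.
     */
    public static final String USER_INFO = "ui";

    /**
     * Writes the login information to the response as the {@link #USER_INFO} cookie.
     * Does nothing when either argument is null.
     *
     * @param response response that receives the cookie
     * @param user     login information to store
     * @throws IllegalStateException if UTF-8 is unavailable (every Java platform provides it)
     */
    public static void setLoginUser(HttpServletResponse response, WebUser user) {
        if (null == response || null == user) {
            return;
        }
        String username;
        try {
            // URL-encoding also escapes "|", so the name cannot break the field layout.
            username = URLEncoder.encode(user.getUsername(), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // Fail closed rather than write an unencoded name into the cookie.
            throw new IllegalStateException("UTF-8 encoding is not available", e);
        }
        StringBuilder cookieValue = new StringBuilder();
        // FIXME (original author): userId is written here for debugging and must be removed before going live.
        // NOTE(review): the reader shown elsewhere on this page parses the first field as
        // the user id, so dropping it means changing the reader as well.
        cookieValue.append(user.getUserId()).append("|").append(username).append("|").append(user.getLoginStatus());
        // The login cookie is marked HttpOnly so page scripts cannot read it.
        writeCookie(response, USER_INFO, cookieValue.toString(), true);
    }

    /**
     * Adds a cookie with path {@code /} and the default lifetime to the response.
     *
     * @param response response that receives the cookie
     * @param name     cookie name
     * @param value    cookie value
     */
    public static void addCookie(HttpServletResponse response, String name, String value) {
        writeCookie(response, name, value, false);
    }

    /** Builds the cookie and adds it to the response, optionally marking it HttpOnly. */
    private static void writeCookie(HttpServletResponse response, String name, String value, boolean httpOnly) {
        Cookie cookie = new Cookie(name, value);
        // A fixed root path keeps a single copy of the cookie for the whole site.
        cookie.setPath("/");
        cookie.setMaxAge(MAX_AGE);
        if (httpOnly) {
            // Cookie.setHttpOnly is available from Servlet 3.0 onwards.
            cookie.setHttpOnly(true);
        }
        // NOTE(review): the Secure flag is not set here because nothing on this page shows
        // the site is served over HTTPS only; set it once that is confirmed.
        response.addCookie(cookie);
    }
}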
重要方法:
(1)setLoginUser:设置一个字符串类型的Cookie。
(2)addCookie:加入到response,注意路径(防止cookie冲突)和生命周期。
登录鉴权
访问需要登录权限的网址前,通过LoginInterceptor来判断用户是否已经登录。
LoginInterceptor
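/**
 * Stops requests that carry no readable login cookie and sends the client to the login page.
 *
 * <p>NOTE(review): this only checks that {@code CookieUtil.getLoginUser} returns a value.
 * The cookie it reads is not integrity-protected, so this is a presence check, not proof
 * of identity.
 *
 * @return {@code true} to continue handling, {@code false} after redirecting to the login page
 */
@Override
public boolean preHandle(HttpServletRequest request,
        HttpServletResponse response, Object handler) throws Exception {
    WebUser webUser = CookieUtil.getLoginUser(request);
    if (null == webUser) {
        // Redirect relative to the application. The previous code joined the scheme and
        // host with "//:" instead of "://", which produced a malformed URL. Building the
        // target from the context path also avoids echoing the client-supplied host name
        // and port into the redirect.
        response.sendRedirect(request.getContextPath() + "/login");
        return false;
    }
    return true;
}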
首先,使用如下方法从Cookie中取出对应的WebUser信息;若没有登录则跳转到登录页面。
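public class CookieUtil {
    // Methods shown earlier are omitted here.

    /**
     * Reads the login information back from the {@code USER_INFO} cookie.
     *
     * <p>The cookie value comes from the client, so it is treated as untrusted input:
     * a value that does not have three {@code |}-separated fields, or whose id, status or
     * name cannot be decoded, is reported as "not logged in" instead of raising an exception.
     *
     * <p>NOTE(review): a well-formed value is accepted as is. Nothing here verifies that the
     * server issued it, so the returned user id must not be relied on for access decisions
     * until the cookie is integrity-protected or replaced by a server-side session.
     *
     * @param request current HTTP request
     * @return the parsed login information, or {@code null} when the cookie is absent or malformed
     */
    public static WebUser getLoginUser(HttpServletRequest request) {
        if (null == request) {
            return null;
        }
        // The cookie holds three fields: user id, URL-encoded user name, login status.
        String value = getCookieValue(USER_INFO, request);
        if (StringUtils.isEmpty(value)) {
            return null;
        }
        String[] fields = value.split("\\|");
        if (fields.length < 3) {
            return null;
        }
        WebUser user = new WebUser();
        try {
            user.setUserId(Long.parseLong(fields[0]));
            user.setLoginStatus(Integer.parseInt(fields[2]));
        } catch (NumberFormatException ignored) {
            // Non-numeric id or status: the cookie was not written by setLoginUser.
            return null;
        }
        try {
            user.setUsername(URLDecoder.decode(fields[1], "UTF-8"));
        } catch (UnsupportedEncodingException e) {
            user.setUsername(fields[1]);
        } catch (IllegalArgumentException ignored) {
            // Broken percent-escape in the name field.
            return null;
        }
        return user;
    }

    /**
     * Returns the value of the first cookie with the given name.
     *
     * @param name    cookie name to look for
     * @param request current HTTP request
     * @return the cookie value, or {@code null} when the request, the name or the cookie is missing
     */
    public static String getCookieValue(String name, HttpServletRequest request) {
        if (null == request || StringUtils.isEmpty(name)) {
            return null;
        }
        Cookie[] cookies = request.getCookies();
        if (null == cookies || 0 == cookies.length) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (Objects.equals(cookie.getName(), name)) {
                return cookie.getValue();
            }
        }
        return null;
    }
}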
注:
(1)getLoginUser:从Cookie拿到登录的用户信息。
(2)getCookieValue:从多个Cookie中拿到指定名称的Cookie的值。
UserInterceptor
登陆后,访问页面,延长Cookie的有效期,放在UserInterceptor。
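/**
 * Runs after each handler: re-writes the login cookie so its lifetime starts over, and
 * adds the cart size and user name to the view model.
 *
 * <p>NOTE(review): the user id and name used here are whatever the client sent in the
 * cookie. The cookie is re-issued unchanged and the cart size is looked up with that id,
 * so both inherit the cookie's lack of integrity protection.
 */
public class UserInterceptor implements HandlerInterceptor {
    @Autowired
    private UserService userService;

    /** Lets every request through; all work happens in {@link #postHandle}. */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
        return true;
    }

    /**
     * Refreshes the login cookie and fills the model for rendered views.
     *
     * @param modelAndView the handler's result; may be null
     */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object o, ModelAndView modelAndView) throws Exception {
        // Read the login information from the cookie and write it back to restart its lifetime.
        WebUser webUser = CookieUtil.getLoginUser(request);
        if (null != webUser) {
            CookieUtil.setLoginUser(response, webUser);
        }
        if (null != modelAndView && null != webUser && StringUtils.isNotEmpty(webUser.getUsername())) {
            Long cartSize = SpringApplicationContext.getBean(CartService.class).getCartSize(webUser.getUserId());
            modelAndView.addObject("cartSize", cartSize);
            // NOTE(review): this name is cookie-derived; the template must escape it on output.
            modelAndView.addObject("username", webUser.getUsername());
        }
        if (null != modelAndView) {
            // getViewName() is null when no view name is set, so guard before startsWith.
            String viewName = modelAndView.getViewName();
            if (null != viewName && viewName.startsWith("redirect:")) {
                // presumably so model attributes are not carried into the redirect URL -- confirm
                modelAndView.getModel().clear();
            }
        }
    }

    /** No work after completion. */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
    }
}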
退出登录
LoginController
/**
 * Logout endpoint.
 */
@Controller
public class LoginController extends BaseSiteController {
    /**
     * Logs the user out by expiring the login cookie, then returns to the home page.
     *
     * <p>NOTE(review): the mapping does not restrict the HTTP method, so a plain GET
     * (for example a link or image on another site) also triggers it. The logout only
     * expires the cookie in the browser; no server-side state is invalidated here.
     *
     * @param response response that receives the expired cookie
     * @return a redirect to the home page
     */
    @RequestMapping(value = "/logout")
    public String logout(HttpServletResponse response) {
        final String cookiePath = "/";
        CookieUtil.removeCookie(response, CookieUtil.USER_INFO, cookiePath);
        final String home = "redirect:/";
        return home;
    }
}
清除Cookie
public class CookieUtil {
    // Methods shown earlier are omitted here.

    /**
     * Deletes a cookie by sending an empty replacement that expires immediately.
     * Does nothing when the response is null or the name or path is empty.
     *
     * @param response HttpServletResponse that receives the expired cookie
     * @param name     cookie name
     * @param path     cookie path; a browser only drops the cookie if this matches the
     *                 path it was set with
     */
    public static void removeCookie(HttpServletResponse response, String name, String path) {
        boolean usable = null != response && !StringUtils.isEmpty(name) && !StringUtils.isEmpty(path);
        if (!usable) {
            return;
        }
        Cookie expired = new Cookie(name, "");
        expired.setPath(path);
        // A max age of 0 tells the browser to discard the cookie at once.
        expired.setMaxAge(0);
        response.addCookie(expired);
    }
}
(1)removeCookie:移除Cookie。
用户注册
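@Controller
public class UserController extends BaseSiteController {
    /**
     * Handles the registration form post: creates the account and, only when that
     * succeeds, logs the new user in and redirects to the home page.
     *
     * @param request   current HTTP request (not read by this method)
     * @param response  response that receives the login cookie
     * @param username  requested user name
     * @param password1 password
     * @param password2 password confirmation
     * @return a redirect to the home page on success, or back to {@code /reg} when the
     *         passwords differ or the account could not be created
     */
    @RequestMapping(value = "/register", method = RequestMethod.POST)
    public String register(HttpServletRequest request, HttpServletResponse response, String username, String password1, String password2) {
        // NOTE(review): two missing passwords also compare equal; whether
        // userService.register rejects blank names and passwords is not visible here.
        if (!Objects.equals(password1, password2)) {
            return "redirect:/reg";
        }
        User user = new User();
        user.setName(username);
        user.setPassword(password1);
        boolean regSuccess = userService.register(user);
        if (!regSuccess) {
            // Never issue a login cookie for an account that was not created. Otherwise a
            // failed registration would still leave the visitor with a cookie that
            // carries the requested user name.
            return "redirect:/reg";
        }
        WebUser webUser = new WebUser();
        webUser.setLoginStatus(WebConstants.USER_LOGIN_STATUS_NORMAL);
        // assumes userService.register fills in the generated id on success -- TODO confirm
        webUser.setUserId(user.getId());
        webUser.setUsername(username);
        super.setCurrentLoginUser(response, webUser);
        return "redirect:/";
    }

    // Implemented in the parent class; pasted here for reference.
    /**
     * Stores the login state for the current user in the login cookie.
     *
     * @param response response that receives the cookie
     * @param user     login information to store
     */
    protected void setCurrentLoginUser(HttpServletResponse response, WebUser user) {
        CookieUtil.setLoginUser(response, user);
    }
}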
注:
(1)注册加入数据库后,直接设置登录状态,设置Cookie,跳转主页。