经常可以看到一些网站需要输入口令才可以查看,这个效果是怎么实现的呢,现在来模拟一个场景,有一个网站必须登录之后才能继续,只需要设计一个登录拦截器(过滤器)就可以了:
项目大致如下:
大概逻辑是这样子的:
效果预览:
项目Github地址: https://github.com/BenDanChen/LoginDemo.git
拦截器的代码:
1 package org.cc.practice.filter; 2 3 import java.io.IOException; 4 5 import javax.servlet.Filter; 6 import javax.servlet.FilterChain; 7 import javax.servlet.FilterConfig; 8 import javax.servlet.ServletException; 9 import javax.servlet.ServletRequest; 10 import javax.servlet.ServletResponse; 11 import javax.servlet.http.HttpServletRequest; 12 13 import org.cc.practice.entity.User; 14 15 public class LoginFilter implements Filter { 16 17 @Override 18 public void init(FilterConfig filterConfig) throws ServletException { 19 20 } 21 22 @Override 23 public void doFilter(ServletRequest request, ServletResponse response, 24 FilterChain chain) throws IOException, ServletException { 25 26 //在过滤器中检查是否已经登录 27 28 HttpServletRequest req=(HttpServletRequest) request; 29 30 User user=(User) req.getSession().getAttribute("user"); 31 32 if(user==null && !req.getRequestURI().endsWith("login.jsp") && !req.getRequestURI().endsWith("loginServlet")){ 33 req.getRequestDispatcher("login.jsp").forward(request,response); 34 }else{ 35 chain.doFilter(request,response); 36 } 37 38 } 39 40 @Override 41 public void destroy() { 42 43 } 44 45 }
检查session,如果没有登录并且也不是去登录页面的话就跳转到登录页面让其登录,登录页面部分代码如下:
1 <form action="loginServlet" method="post"> 2 用户名:<input type="text" name="username" value="${param.username }" />${requestScope.usernameError }<br/> 3 密 码:<input type="password" name="passwd" value="${param.passwd }" />${requestScope.passwdError }<br/> 4 <input type="submit" value="登录" />${requestScope.loginError} 5 </form>
LoginServlet:
1 package org.cc.practice.servlet; 2 3 import java.io.IOException; 4 5 import javax.servlet.ServletException; 6 import javax.servlet.http.HttpServlet; 7 import javax.servlet.http.HttpServletRequest; 8 import javax.servlet.http.HttpServletResponse; 9 10 import org.cc.practice.entity.User; 11 import org.cc.practice.service.UserService; 12 import org.cc.practice.service.impl.UserServiceImpl; 13 14 public class LoginServlet extends HttpServlet { 15 16 private UserService userService; 17 18 public LoginServlet() { 19 userService=new UserServiceImpl(); 20 } 21 22 @Override 23 protected void doGet(HttpServletRequest req, HttpServletResponse resp) 24 throws ServletException, IOException { 25 process(req,resp); 26 } 27 28 @Override 29 protected void doPost(HttpServletRequest req, HttpServletResponse resp) 30 throws ServletException, IOException { 31 process(req,resp); 32 } 33 34 private void process(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException{ 35 36 req.setCharacterEncoding("UTF-8"); 37 resp.setContentType("text/html;charset=utf-8"); 38 39 String username=req.getParameter("username"); 40 String passwd=req.getParameter("passwd"); 41 42 boolean errorHappened=false; 43 if(username==null || "".equals(username.trim())){ 44 req.setAttribute("usernameError","用户名不能为空"); 45 errorHappened=true; 46 } 47 if(passwd==null || "".equals(passwd.trim())){ 48 req.setAttribute("passwdError","密码不能为空"); 49 errorHappened=true; 50 } 51 if(errorHappened){ 52 req.getRequestDispatcher("login.jsp").forward(req,resp); 53 return; 54 } 55 56 User user=new User(); 57 user.setUsername(username); 58 user.setPasswd(passwd); 59 60 user=userService.login(user); 61 62 if(user==null){ 63 req.setAttribute("loginError","用户名或密码不正确"); 64 req.getRequestDispatcher("login.jsp").forward(req,resp); 65 return; 66 }else{ 67 req.getSession().setAttribute("user",user); 68 // req.getRequestDispatcher("index.jsp").forward(req,resp); 69 resp.sendRedirect("index.jsp"); 70 return ; 71 } 72 73 } 74 75 }
实体:
1 package org.cc.practice.entity; 2 3 public class User { 4 5 private String id; 6 private String username; 7 private String passwd; 8 9 public String getId() { 10 return id; 11 } 12 13 public void setId(String id) { 14 this.id = id; 15 } 16 17 public String getUsername() { 18 return username; 19 } 20 21 public void setUsername(String username) { 22 this.username = username; 23 } 24 25 public String getPasswd() { 26 return passwd; 27 } 28 29 public void setPasswd(String passwd) { 30 this.passwd = passwd; 31 } 32 33 }
service层代码:
UserService:
1 package org.cc.practice.service; 2 3 import org.cc.practice.entity.User; 4 5 public interface UserService { 6 7 public User login(User user); 8 9 public User findUserById(String id); 10 11 }
UserServiceImpl:
1 package org.cc.practice.service.impl; 2 3 import org.cc.practice.dao.UserDao; 4 import org.cc.practice.dao.impl.UserDaoImpl; 5 import org.cc.practice.entity.User; 6 import org.cc.practice.service.UserService; 7 8 public class UserServiceImpl implements UserService { 9 10 private UserDao userDao; 11 12 public UserServiceImpl() { 13 userDao=new UserDaoImpl(); 14 } 15 16 @Override 17 public User login(User user) { 18 return userDao.login(user); 19 } 20 21 @Override 22 public User findUserById(String id) { 23 return userDao.findUserById(id); 24 } 25 26 }
Dao层代码:
UserDao:
1 package org.cc.practice.dao; 2 3 import org.cc.practice.entity.User; 4 5 public interface UserDao { 6 7 public User login(User user); 8 9 public User findUserById(String id); 10 11 }
UserDaoImpl:
1 package org.cc.practice.dao.impl; 2 3 import java.sql.Connection; 4 import java.sql.PreparedStatement; 5 import java.sql.ResultSet; 6 import java.sql.SQLException; 7 8 import org.cc.practice.dao.UserDao; 9 import org.cc.practice.entity.User; 10 import org.cc.practice.util.DbUtil; 11 12 public class UserDaoImpl implements UserDao { 13 14 @Override 15 public User login(User user) { 16 17 String sql="SELECT id,username,passwd FROM t_user WHERE username=? and passwd=?"; 18 19 Connection conn=null; 20 PreparedStatement pstmt=null; 21 ResultSet rs=null; 22 23 User u=null; 24 25 try { 26 conn=DbUtil.getConnection(); 27 pstmt=conn.prepareStatement(sql); 28 29 pstmt.setString(1,user.getUsername()); 30 pstmt.setString(2,user.getPasswd()); 31 32 rs=pstmt.executeQuery(); 33 34 if(rs.next()){ 35 u=new User(); 36 u.setId(rs.getString("id")); 37 u.setUsername(rs.getString("username")); 38 u.setPasswd(rs.getString("passwd")); 39 } 40 41 } catch (SQLException e) { 42 e.printStackTrace(); 43 }finally{ 44 DbUtil.close(rs); 45 DbUtil.close(pstmt); 46 DbUtil.close(conn); 47 } 48 49 return u; 50 } 51 52 @Override 53 public User findUserById(String id) { 54 55 String sql="SELECT id,username,passwd FROM t_user WHERE id=?"; 56 57 Connection conn=null; 58 PreparedStatement pstmt=null; 59 ResultSet rs=null; 60 61 User u=null; 62 63 try { 64 conn=DbUtil.getConnection(); 65 pstmt=conn.prepareStatement(sql); 66 67 pstmt.setString(1,id); 68 69 rs=pstmt.executeQuery(); 70 71 if(rs.next()){ 72 u=new User(); 73 u.setId(rs.getString("id")); 74 u.setUsername(rs.getString("username")); 75 u.setPasswd(rs.getString("passwd")); 76 } 77 78 } catch (SQLException e) { 79 e.printStackTrace(); 80 } finally{ 81 DbUtil.close(rs); 82 DbUtil.close(pstmt); 83 DbUtil.close(conn); 84 } 85 86 return null; 87 } 88 89 }
工具类:
DbUtil:
1 package org.cc.practice.util; 2 3 import java.io.IOException; 4 import java.sql.Connection; 5 import java.sql.DriverManager; 6 import java.sql.PreparedStatement; 7 import java.sql.ResultSet; 8 import java.sql.SQLException; 9 import java.util.Properties; 10 11 12 public class DbUtil { 13 14 private static Properties db; 15 16 static{ 17 try { 18 db=new Properties(); 19 db.load(Thread.currentThread().getContextClassLoader().getResourceAsStream("db.properties")); 20 Class.forName(db.getProperty("driver")); 21 } catch (IOException e) { 22 e.printStackTrace(); 23 } catch (ClassNotFoundException e) { 24 e.printStackTrace(); 25 } 26 } 27 28 public static Connection getConnection(){ 29 30 Connection conn=null; 31 32 try { 33 // conn=DriverManager.getConnection("jdbc:mysql:///test_001","root","toor"); 34 conn=DriverManager.getConnection(db.getProperty("url"),db); 35 } catch (SQLException e) { 36 e.printStackTrace(); 37 } 38 39 return conn; 40 } 41 42 public static void close(Connection conn){ 43 try { 44 if(conn!=null && !conn.isClosed()){ 45 conn.close(); 46 } 47 } catch (SQLException e) { 48 e.printStackTrace(); 49 } 50 } 51 52 public static void close(PreparedStatement pstmt){ 53 try { 54 if(pstmt!=null && !pstmt.isClosed()){ 55 pstmt.close(); 56 } 57 } catch (SQLException e) { 58 e.printStackTrace(); 59 } 60 } 61 62 public static void close(ResultSet rs){ 63 try { 64 if(rs!=null && !rs.isClosed()){ 65 rs.close(); 66 } 67 } catch (SQLException e) { 68 e.printStackTrace(); 69 } 70 } 71 72 }
数据库配置文件:
driver=com.mysql.jdbc.Driver url=jdbc:mysql:///test_004 user=root password=toor
服务器配置文件:
web.xml
1 <?xml version="1.0" encoding="UTF-8"?> 2 <web-app version="3.0" 3 xmlns="http://java.sun.com/xml/ns/javaee" 4 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 5 xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 6 http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> 7 <display-name></display-name> 8 <welcome-file-list> 9 <welcome-file>index.jsp</welcome-file> 10 </welcome-file-list> 11 12 <servlet> 13 <servlet-name>loginServlet</servlet-name> 14 <servlet-class>org.cc.practice.servlet.LoginServlet</servlet-class> 15 </servlet> 16 17 <servlet-mapping> 18 <servlet-name>loginServlet</servlet-name> 19 <url-pattern>/loginServlet</url-pattern> 20 </servlet-mapping> 21 22 <filter> 23 <filter-name>loginFilter</filter-name> 24 <filter-class>org.cc.practice.filter.LoginFilter</filter-class> 25 </filter> 26 27 <filter-mapping> 28 <filter-name>loginFilter</filter-name> 29 <url-pattern>/*</url-pattern> 30 </filter-mapping> 31 32 </web-app>
数据库创建文件:
1 drop table if exists t_user ; 2 create table t_user ( 3 id int primary key auto_increment , 4 username varchar(20) not null unique, 5 passwd varchar(20) not null 6 )charset utf8; 7 8 insert into t_user(username,passwd) values("root","toor"); 9 insert into t_user(username,passwd) values("casper","qwerty");