随笔-通过session判断用户密码输入错误三次，输入验证码

最新推荐文章于 2021-12-24 14:01:33 发布

weixin_34410662

最新推荐文章于 2021-12-24 14:01:33 发布

阅读量2.2k

点赞数 1

文章标签： java javascript 前端 ViewUI

原文链接：http://blog.51cto.com/xuliangjun/1598818

版权

@Controller
@RequestMapping("/login")
public class LoginController extends BaseController{
   @Autowired
   private LoginService loginService;
   private static Integer ERRORCOUNT = 0; //输入的错误密码次数
   private static Integer LOGINNUM = 0;
   @RequestMapping(params = "login")
   @ResponseBody
   public AjaxJson login(HttpServletRequest request,HttpServletResponse response){
       HttpSession session=request.getSession();
       AjaxJson ajax=new AjaxJson();
       String message="";
       String username=StringEscapeUtils.escapeHtml(request.getParameter("username"));
       String logincode=StringEscapeUtils.escapeHtml(request.getParameter("logincode"));
       String type=StringEscapeUtils.escapeHtml(request.getParameter("type")); //是否需要输入验证码
       CustomerRegtn customer=null;
       if("hide".equals(type)){ //不需要验证码


       }else if("show".equals(type)){ //需要输入验证码
           HttpSession randCodeSession=request.getSession();
           String randCode=(String) randCodeSession.getAttribute("randCode");
           if(randCode !=null){ //验证码不为空
               if(!randCode.equalsIgnoreCase(request.getParameter("yzmval"))){ //验证码匹配
                   message=AjaxJson.RANDCODEERROR;
               }else{ //验证码匹配上了
                   if(username !=null){
                       customer=loginService.loadCustomer(username);
                       if(customer !=null){ //用户存在
                           if(logincode != null){
                               byte[] salt = PasswordUtil.getStaticSalt();
                               String ciphertext = PasswordUtil.encrypt(username, logincode, salt); //加密
                               if(ciphertext.equals(customer.getLoginpassword())){ //对比，匹配成功
                                   customer.setLoginnum(LOGINNUM+1);
                                   loginService.updateCustomerRegtn(customer); //登陆次数加一
                                   message=AjaxJson.SUCCESS;
                                   ERRORCOUNT=0;
                               }else{ //密码匹配不成功
                                   if(session.getAttribute(username) != null){
                                       ERRORCOUNT=ERRORCOUNT+1;
                                   }else{
                                       ERRORCOUNT=0;
                                   }
                                   message=AjaxJson.ERROR;
                               }
                           }
                       }else{
                           if(session.getAttribute(username) != null){
                               ERRORCOUNT=ERRORCOUNT+1;
                           }else{
                               ERRORCOUNT=0;
                           }
                           message=AjaxJson.ERROR;
                       }
                   }else{ //用户名为空
                       if(session.getAttribute(username) != null){
                           ERRORCOUNT=ERRORCOUNT+1;
                       }else{
                           ERRORCOUNT=0;
                       }
                       message=AjaxJson.ERROR;
                   }
               }
           }
       }


       session.setAttribute(username, ERRORCOUNT);//绑定session
       ajax.setMsg(message);
       Integer count=(Integer) session.getAttribute(username);
       ajax.setErrorCount(count);
       session.setMaxInactiveInterval(6000);
       return ajax;
   }
}

页面：

<div class="login-main">
                   <p>

                   </p>
                   <div class="user">
                       <img src="/resource/p_w_picpaths/user.png">
                       <input class="user-name" type="text" placeholder="请录入用户名">
                   </div>

                   <div class="code">
                       <img src="/resource/p_w_picpaths/code.png">
                       <input class="logincode" type="text" placeholder="请录入密码">
                   </div>

                   <div class="codeyzm" style="display: none">
                       <img src="/resource/p_w_picpaths/code.png">
                       <input class="yzmcode" type="text" placeholder="请录入校验码">
                       <img id="changeyzmid" src="/randCodeImage" />
                   </div>

                   <input class="login-btn" type="submit" value="登录">
                   <div class="login-bottom">
                       <a href="#" class="zhuce">免费注册</a>
                       <a href="#" class="wangji">忘记密码</a>
                   </div>
               </div>

               <script type="text/javascript">

$(".login-btn").click(function() {
   var username = $(".user-name").val();
   var logincode = $(".logincode").val();
   var yzmval = $(".yzmcode").val();
   var tzurl = "http://www.baidu.com";
   if (username == '' || username.length < 0) {
       alert("用户名不能为空");
       return false;
   } else if (logincode == '' || logincode.length < 0) {
       alert("密码不能为空");
       return false;
   }

   if ($(".yzmcode").is(":visible") == false) {
       $.ajax( {
           url : "/login.do?login",
           data : {
               'username' : username,
               'logincode' : logincode,
               'yzmval' : yzmval,
               'type':'hide'
           },
           async : false,
           type : "GET",
           contentType : "application/json",
           dataType : "json",
           success : function(data) {
               var d = eval(data);
               var tt = 5 - d.errorCount;
               if (d.msg == "success") {
                   window.location.href = tzurl;
               } else if (d.msg == "error") {
                   if(tt <= 0){
                       alert("用户名和密码不匹配，请输入验证码");
                   }else{
                       alert("用户名和密码不匹配，还有" + tt + "机会");
                   }
                   if (d.errorCount + 1 > 5) {
                       $(".codeyzm").attr("style", "display:block");
                   }
               }else if(d.msg =='randcodeerror'){
                   alert("验证码错误");
               }
           },
           complete : function(XMLHttpRequest, textStatus) {

           }
       });
   } else { //验证码显示
       if (yzmval == '' || yzmval.length < 0) {
           alert("验证码不能为空");
           return false;
       }
           $.ajax( {
           url : "/login.do?login",
           data : {
               'username' : username,
               'logincode' : logincode,
               'yzmval' : yzmval,
               'type':'show'
           },
           async : false,
           type : "GET",
           contentType : "application/json",
           dataType : "json",
           success : function(data) {
               var d = eval(data);
               if (d.msg == "success") {
                   window.location.href = tzurl;
               } else if (d.msg == "error") {
                   alert("用户名和密码不匹配");
               }else if(d.msg =='randcodeerror'){
                   alert("验证码错误");
               }
           },
           complete : function(XMLHttpRequest, textStatus) {

           }
       });
   }
});

function changeyzm() {
   $("#changeyzmid").attr("src", "/randCodeImage?i=" + Math.random());
}
</script>

转载于:https://blog.51cto.com/xuliangjun/1598818

weixin_34410662

关注

1
点赞
踩
2

收藏

觉得还不错? 一键收藏
0
评论
随笔-通过session判断用户密码输入错误三次，输入验证码

@Controller@RequestMapping("/login")public class LoginController extends BaseController{ @Autowired private LoginService loginService; private static Integer ERRORCOUNT = 0; //输入的错...
复制链接

扫一扫