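/**
 * Handles the AJAX login request issued by the login page.
 *
 * <p>Failed attempts are counted per HTTP session. Once the count reaches
 * {@link #CAPTCHA_THRESHOLD} the server itself insists on a captcha; the
 * client-supplied {@code type} parameter can only ask for a captcha check
 * earlier, never switch it off.
 *
 * <p>NOTE(review): a per-session counter is reset by any client that discards
 * its session cookie. Throttling keyed on the account and on the source
 * address, kept in a shared server-side store, is needed to actually slow
 * password guessing; that store is not visible from this class.
 */
@Controller
@RequestMapping("/login")
public class LoginController extends BaseController{
    /**
     * Fixed session key for the failed-login counter. The counter used to be
     * stored under the submitted user name, which let a request overwrite any
     * other session attribute (for example the captcha) by choosing that name.
     */
    private static final String ERROR_COUNT_KEY = "loginErrorCount";

    /** Session key under which the expected captcha text is read. */
    private static final String CAPTCHA_KEY = "randCode";

    /** Failures after which a captcha is mandatory; the page reveals its captcha field at the same count. */
    private static final int CAPTCHA_THRESHOLD = 5;

    @Autowired
    private LoginService loginService;

    // NOTE(review): this value is never updated, so every successful login stores
    // a login count of 1. It should be derived from the customer's current count;
    // the accessor for that is not visible here, so the behaviour is left as is.
    private static Integer LOGINNUM = 0;

    /**
     * Verifies the submitted credentials (and captcha, when required).
     *
     * @param request  carries {@code username}, {@code logincode}, {@code type}
     *                 ({@code "show"} when the captcha field is visible) and {@code yzmval}
     * @param response unused
     * @return result whose message is {@code AjaxJson.SUCCESS}, {@code AjaxJson.ERROR}
     *         or {@code AjaxJson.RANDCODEERROR}, plus the session's current failure count
     */
    @RequestMapping(params = "login")
    @ResponseBody
    public AjaxJson login(HttpServletRequest request,HttpServletResponse response){
        HttpSession session=request.getSession();
        AjaxJson ajax=new AjaxJson();

        // NOTE(review): HTML-escaping the password changes the value that gets hashed.
        // It is kept because stored hashes were presumably produced the same way - confirm
        // against the registration code before removing it.
        String username=StringEscapeUtils.escapeHtml(request.getParameter("username"));
        String logincode=StringEscapeUtils.escapeHtml(request.getParameter("logincode"));
        String type=StringEscapeUtils.escapeHtml(request.getParameter("type"));

        // The counter lives in the session, not in a static field: a static counter is
        // shared by every visitor, so one user's success reset everybody's count and
        // concurrent requests raced on it.
        int errorCount=currentErrorCount(session);
        boolean clientShowsCaptcha="show".equals(type);
        boolean captchaRequired=clientShowsCaptcha || errorCount >= CAPTCHA_THRESHOLD;

        String message;
        if(captchaRequired && !clientShowsCaptcha){
            // The server requires a captcha but the page is not showing one yet.
            // Answer with ERROR and the current count so the page reveals the field;
            // the password is deliberately not checked on this request.
            message=AjaxJson.ERROR;
        }else if(captchaRequired && !consumeCaptcha(session, request.getParameter("yzmval"))){
            message=AjaxJson.RANDCODEERROR;
        }else if(passwordMatches(username, logincode)){
            message=AjaxJson.SUCCESS;
            errorCount=0;
            // NOTE(review): nothing here marks the session as authenticated or rotates
            // the session id; if that happens elsewhere, confirm it runs after this check.
        }else{
            // Unknown user, missing field and wrong password all count as one failure
            // and return the same message, so the reply does not reveal which one it was.
            errorCount=errorCount+1;
            message=AjaxJson.ERROR;
        }

        Integer count=Integer.valueOf(errorCount);
        session.setAttribute(ERROR_COUNT_KEY, count);
        ajax.setMsg(message);
        ajax.setErrorCount(count);
        session.setMaxInactiveInterval(6000);
        return ajax;
    }

    /** Returns the failure count stored in the session, or 0 when none is stored. */
    private static int currentErrorCount(HttpSession session){
        Object stored=session.getAttribute(ERROR_COUNT_KEY);
        return (stored instanceof Integer) ? ((Integer) stored).intValue() : 0;
    }

    /**
     * Compares the supplied captcha with the one in the session and removes the stored
     * value either way, so a solved captcha cannot be replayed for further password
     * attempts. The page has to load a fresh captcha image before the next attempt.
     */
    private static boolean consumeCaptcha(HttpSession session, String supplied){
        Object expected=session.getAttribute(CAPTCHA_KEY);
        session.removeAttribute(CAPTCHA_KEY);
        if(!(expected instanceof String) || supplied == null){
            return false;
        }
        String expectedText=(String) expected;
        return expectedText.length() > 0 && expectedText.equalsIgnoreCase(supplied);
    }

    /**
     * Loads the customer and compares the stored password hash with the hash of the
     * submitted password; on a match the customer's login count is written back.
     */
    private boolean passwordMatches(String username, String logincode){
        if(username == null || logincode == null){
            return false;
        }
        CustomerRegtn customer=loginService.loadCustomer(username);
        if(customer == null){
            return false;
        }
        // NOTE(review): a single static salt is shared by every account, so equal
        // passwords are only told apart by the user name passed to encrypt() - confirm
        // PasswordUtil uses a slow, purpose-built password hash.
        byte[] salt=PasswordUtil.getStaticSalt();
        String ciphertext=PasswordUtil.encrypt(username, logincode, salt);
        if(!ciphertext.equals(customer.getLoginpassword())){
            return false;
        }
        customer.setLoginnum(LOGINNUM+1);
        loginService.updateCustomerRegtn(customer);
        return true;
    }
}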
页面:
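<div class="login-main">
<p>
</p>
<div class="user">
<img src="/resource/p_w_picpaths/user.png">
<input class="user-name" type="text" autocomplete="username" placeholder="请录入用户名">
</div>
<div class="code">
<img src="/resource/p_w_picpaths/code.png">
<!-- type="password" masks the value on screen and keeps it out of form-history suggestions -->
<input class="logincode" type="password" autocomplete="current-password" placeholder="请录入密码">
</div>
<div class="codeyzm" style="display: none">
<img src="/resource/p_w_picpaths/code.png">
<input class="yzmcode" type="text" autocomplete="off" placeholder="请录入校验码">
<!-- clicking the image loads a new captcha through the page's changeyzm() function -->
<img id="changeyzmid" src="/randCodeImage" onclick="changeyzm()" />
</div>
<input class="login-btn" type="submit" value="登录">
<div class="login-bottom">
<a href="#" class="zhuce">免费注册</a>
<a href="#" class="wangji">忘记密码</a>
</div>
</div>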
<script type="text/javascript">
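// Submits the login form over AJAX and reacts to the server's verdict.
$(".login-btn").click(function() {
    var username = $(".user-name").val();
    var logincode = $(".logincode").val();
    var yzmval = $(".yzmcode").val();
    var tzurl = "http://www.baidu.com";

    if (!username) {
        alert("用户名不能为空");
        return false;
    }
    if (!logincode) {
        alert("密码不能为空");
        return false;
    }

    // The captcha field is only part of the request once the page has revealed it.
    var captchaVisible = $(".yzmcode").is(":visible");
    if (captchaVisible && !yzmval) {
        alert("验证码不能为空");
        return false;
    }

    $.ajax({
        url : "/login.do?login",
        data : {
            'username' : username,
            'logincode' : logincode,
            'yzmval' : yzmval,
            'type' : captchaVisible ? 'show' : 'hide'
        },
        // POST keeps the password out of the query string, and with it out of server
        // access logs, browser history and Referer headers. No JSON contentType is set:
        // the data is sent form-encoded so the server can read it as request parameters.
        type : "POST",
        dataType : "json",
        success : function(d) {
            // dataType "json" already delivers a parsed object. The eval() that used to
            // wrap it is gone, since it would run the response as script if the response
            // ever arrived as text.
            if (d.msg == "success") {
                window.location.href = tzurl;
                return;
            }
            if (d.msg == "error") {
                if (captchaVisible) {
                    alert("用户名和密码不匹配");
                } else {
                    var tt = 5 - d.errorCount;
                    if (tt <= 0) {
                        alert("用户名和密码不匹配,请输入验证码");
                    } else {
                        alert("用户名和密码不匹配,还有" + tt + "机会");
                    }
                    if (d.errorCount + 1 > 5) {
                        $(".codeyzm").attr("style", "display:block");
                    }
                }
            } else if (d.msg == 'randcodeerror') {
                alert("验证码错误");
            }
            if (captchaVisible) {
                // A captcha should be single-use: fetch a new image and clear the old
                // answer after every failed attempt that carried one.
                changeyzm();
                $(".yzmcode").val('');
            }
        }
    });
});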
// Reloads the captcha image. The random query value only defeats the browser
// cache; it is not a security token.
function changeyzm() {
    var freshSrc = "/randCodeImage?i=" + Math.random();
    var captchaImage = $("#changeyzmid");
    captchaImage.attr("src", freshSrc);
}
</script>
转载于:https://blog.51cto.com/xuliangjun/1598818