步骤分析:
1.数据库和表
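-- Demo schema for the auto-login walkthrough: one database, one user table, one seed row.
create database day16;
use day16;
-- NOTE(review): the password column holds the password exactly as typed (the seed
-- row below stores '123'). Outside a demo, store a salted password hash instead and
-- widen the column to fit it.
create table user(
    id int primary key auto_increment,
    username varchar(20),
    password varchar(20)
);
-- Columns are named explicitly so the statement keeps working if the table gains
-- columns; id is left out so auto_increment assigns it.
insert into user (username, password) values ('tom', '123');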
2.web项目
jar包 工具类 配置文件
3.新建一个登录页面 表单
4.表单提交 loginservlet
接受用户名和密码
调用service完成登录操作,返回值User
判断user是否为空
若不为空,将user放入session中
判断是否勾选了自动登录
若勾选了:
需要将用户名和密码写回浏览器(写入cookie;注意这样密码会以明文保存在浏览器中并随每次请求发送,仅适合演示,实际项目应改为保存服务器端可校验、可作废的随机令牌)
5.下次访问网站的时候
过滤器拦截任意请求
判断有无指定的cookie
有cookie,获取用户名和密码
调用service完成登录操作,返回user
当user不为空的时候将user放入session中.
问题:当我们换用jack登录的时候发现登录不了——因为过滤器对每个请求都会用cookie里保存的用户名和密码重新登录,session中的用户又被换回cookie里的那个用户
自动登录只需要执行一次:仅当session中没有用户的时候才执行
访问有些资源是不需要自动登录的(和登录还有注册相关的资源)
修改filter的逻辑:
首先判断session中是否有user
若没有 并且访问的路径不是和登录注册相关的时候
才去获取指定的cookie
项目结构:
项目展示:
数据库:
/*
SQLyog Ultimate v12.09 (64 bit)
MySQL - 5.5.53 : Database - autologin
*********************************************************************
*/
-- Session setup emitted by the dump tool. Each /*!NNNNN ... */ block is a MySQL
-- version-conditional comment: servers at or above the encoded version execute the
-- statement inside it, anything else treats it as a plain comment.
-- Use utf8 for the connection so the Chinese column comments load intact.
/*!40101 SET NAMES utf8 */;
-- Clear the SQL mode first; the value saved into @OLD_SQL_MODE below is therefore ''.
/*!40101 SET SQL_MODE=''*/;
-- Save the current unique/foreign-key check settings, then switch both off for the load.
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
-- NO_AUTO_VALUE_ON_ZERO keeps explicit id values from being replaced by auto-increment values.
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
-- Suppress notes (such as "table does not exist" on DROP ... IF EXISTS) during the load.
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
CREATE DATABASE /*!32312 IF NOT EXISTS*/`autologin` /*!40100 DEFAULT CHARACTER SET utf8 */;
USE `autologin`;
/*Table structure for table `user` */
-- Destructive: an existing `user` table in this database is dropped and recreated.
DROP TABLE IF EXISTS `user`;
-- NOTE(review): `password` stores the password itself (see the seed rows below), and
-- the table uses the default utf8 collation, which is normally case-insensitive, so an
-- equality match on username or password ignores letter case. Outside a demo, store a
-- salted password hash. username also has no NOT NULL or UNIQUE constraint.
CREATE TABLE `user` (
`id` int(11) NOT NULL AUTO_INCREMENT COMMENT '主键',
`username` varchar(255) DEFAULT NULL COMMENT '用户名',
`password` varchar(255) DEFAULT NULL COMMENT '密码',
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
/*Data for the table `user` */
-- Two demo accounts with explicit ids 1 and 2; AUTO_INCREMENT=3 above continues from there.
insert into `user`(`id`,`username`,`password`) values (1,'tom','123'),(2,'jack','123');
-- Restore the session settings saved at the top of the script.
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
项目代码:
com.gordon.constant:
--
package com.gordon.constant;
public class Constant {
/**
* 是否自动登录
*/
public static String IS_AUTO_LOGIN = "ok";
/**
* 是否记住用户名
*/
public static String IS_REMEMBER_USER = "ok";
}
com.gordon.dao:
--UserDao.java:
package com.gordon.dao;
import java.sql.SQLException;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.BeanHandler;
import com.gordon.domain.User;
import com.gordon.utils.DataSourceUtil;
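/**
 * Data access for the user table.
 */
public class UserDao {
    /**
     * Looks up the user row whose username and password both equal the given values.
     *
     * The password is compared with the stored column value as-is, so the table
     * must hold the same representation the caller passes in (plaintext in this
     * demo).
     * NOTE(review): with the table's default utf8 collation the comparison is
     * normally case-insensitive for both columns; confirm against the schema.
     *
     * @param username username to match
     * @param password password to match against the stored value
     * @return the matching user, or null when no row matches
     * @throws SQLException if the query fails
     */
    public User login(String username, String password) throws SQLException {
        QueryRunner qr = new QueryRunner(DataSourceUtil.getDataSource());
        // Both values are bound through ? placeholders, never concatenated into the SQL
        // text. Columns are listed explicitly so the bean mapping does not depend on
        // whatever columns the table has later.
        String sql = "select id, username, password from user where username = ? and password = ? limit 1";
        // The type argument (lost in the page rendering) is required for the result to be a User.
        return qr.query(sql, new BeanHandler<User>(User.class), username, password);
    }
}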
com.gordon.domain:
--User.java:
package com.gordon.domain;
/**
 * Plain bean for one row of the user table.
 *
 * The password property carries whatever the password column holds; instances of
 * this class are placed in the HTTP session by the login servlet and the
 * auto-login filter.
 */
public class User {
    private int id;
    private String username;
    private String password;

    /** No-argument constructor; fields keep their defaults until the setters run. */
    public User() {
    }

    /**
     * @param id primary key
     * @param username login name
     * @param password password value as stored
     */
    public User(int id, String username, String password) {
        this.id = id;
        this.username = username;
        this.password = password;
    }

    // ---- getters ----

    public int getId() {
        return this.id;
    }

    public String getUsername() {
        return this.username;
    }

    public String getPassword() {
        return this.password;
    }

    // ---- setters ----

    public void setId(int id) {
        this.id = id;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public void setPassword(String password) {
        this.password = password;
    }
}
com.gordon.service:
--UserService.java:
package com.gordon.service;
import java.sql.SQLException;
import com.gordon.dao.UserDao;
import com.gordon.domain.User;
/**
 * Service layer for user operations; currently a pass-through to UserDao.
 */
public class UserService {
    /**
     * Checks a username/password pair by delegating to a new UserDao.
     *
     * @param username username to check
     * @param password password to check
     * @return whatever UserDao.login returns for the pair
     * @throws SQLException if the DAO's query fails
     */
    public User login(String username, String password) throws SQLException {
        UserDao dao = new UserDao();
        User matched = dao.login(username, password);
        return matched;
    }
}
com.gordon.utils:
--CookieUtil.java
package com.gordon.utils;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
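/**
 * Cookie helpers shared by the login servlet, logout servlet and auto-login filter.
 *
 * Every cookie is created for path "/". None of the helpers call setHttpOnly or
 * setSecure, so the cookies are readable from page scripts and are also sent over
 * plain HTTP.
 * NOTE(review): callers that store sensitive values (the "autologin" cookie does)
 * should get both flags set; confirm no page script reads these cookies first.
 */
public class CookieUtil {
    /**
     * Adds a cookie that lasts for the browser session.
     *
     * @param response response the cookie is written to
     * @param name cookie name
     * @param value cookie value
     */
    public static void addCookie(HttpServletResponse response, String name, String value) {
        // A non-positive maxAge makes the four-argument overload skip setMaxAge,
        // which leaves the cookie a session cookie.
        addCookie(response, name, value, -1);
    }

    /**
     * Adds a cookie with an optional lifetime.
     *
     * @param response response the cookie is written to
     * @param name cookie name
     * @param value cookie value
     * @param maxAge lifetime in seconds; values <= 0 are ignored and produce a
     *               session cookie (0 does NOT delete the cookie here, use
     *               removeCookie for that)
     */
    public static void addCookie(HttpServletResponse response, String name, String value, int maxAge) {
        Cookie cookie = new Cookie(name, value);
        cookie.setPath("/");
        if (maxAge > 0) {
            cookie.setMaxAge(maxAge);
        }
        response.addCookie(cookie);
    }

    /**
     * Deletes a cookie by sending an empty one with the same name and path and
     * a max age of 0.
     *
     * @param response response the deletion cookie is written to
     * @param name name of the cookie to delete
     */
    public static void removeCookie(HttpServletResponse response, String name) {
        Cookie expired = new Cookie(name, null);
        // Path must match the path used by addCookie or the browser keeps the original.
        expired.setPath("/");
        expired.setMaxAge(0);
        response.addCookie(expired);
    }

    /**
     * Returns the value of the first request cookie with the given name.
     *
     * @param request incoming request
     * @param cookieName name to look for
     * @return the cookie value, or null when the request has no cookies or none
     *         with that name
     */
    public static String getUid(HttpServletRequest request, String cookieName) {
        Cookie[] cookies = request.getCookies();
        // getCookies() returns null, not an empty array, when the request carries
        // no cookies; without this guard a first visit throws NullPointerException.
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals(cookieName)) {
                return cookie.getValue();
            }
        }
        return null;
    }
}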
--DataSourceUtil.java:
package com.gordon.utils;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import javax.sql.DataSource;
import com.mchange.v2.c3p0.ComboPooledDataSource;
/**
 * Static access to the shared c3p0 connection pool, plus null-safe close helpers.
 */
public class DataSourceUtil {
    // One pool for the whole application, created when the class is loaded.
    // Presumably configured from c3p0-config.xml on the classpath; confirm.
    private static ComboPooledDataSource ds = new ComboPooledDataSource();

    /**
     * @return the shared connection pool
     */
    public static DataSource getDataSource() {
        return ds;
    }

    /**
     * Borrows a connection from the pool.
     *
     * @return a pooled connection
     * @throws SQLException if the pool cannot hand one out
     */
    public static Connection getConnection() throws SQLException {
        return ds.getConnection();
    }

    /**
     * Closes a result set, its statement and its connection, in that order.
     * Each argument may be null.
     *
     * @param conn connection to close
     * @param st statement to close
     * @param rs result set to close
     */
    public static void closeResource(Connection conn, Statement st, ResultSet rs) {
        closeResultSet(rs);
        closeStatement(st);
        closeConn(conn);
    }

    /**
     * Closes a connection; a failure is printed to stderr and not rethrown.
     *
     * @param conn connection to close, may be null
     */
    public static void closeConn(Connection conn) {
        if (conn == null) {
            return;
        }
        try {
            conn.close();
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    /**
     * Closes a statement; a failure is printed to stderr and not rethrown.
     *
     * @param st statement to close, may be null
     */
    public static void closeStatement(Statement st) {
        if (st == null) {
            return;
        }
        try {
            st.close();
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    /**
     * Closes a result set; a failure is printed to stderr and not rethrown.
     *
     * @param rs result set to close, may be null
     */
    public static void closeResultSet(ResultSet rs) {
        if (rs == null) {
            return;
        }
        try {
            rs.close();
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}
com.gordon.web.filter:
--AutoLoginFilter.java
package com.gordon.web.filter;
import java.io.IOException;
import java.net.URLDecoder;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.gordon.domain.User;
import com.gordon.service.UserService;
import com.gordon.utils.CookieUtil;
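/**
 * Auto-login filter: for a request with no logged-in user in the session, tries to
 * log in from the "autologin" cookie written by the login servlet.
 *
 * The cookie value has the form URL-encoded-username + "-" + password, so the
 * password travels in the cookie exactly as stored.
 * NOTE(review): replacing it with a random, server-side revocable token would
 * avoid keeping the password in the browser; that needs a matching change in the
 * login servlet. The session id is also not renewed when the user is set here.
 */
@WebFilter(urlPatterns = { "/*" })
public class AutoLoginFilter implements Filter {
    public AutoLoginFilter() {
    }

    public void destroy() {
    }

    /**
     * Attempts the cookie login when applicable; otherwise passes the request on.
     *
     * On a successful auto-login the user is stored in the session and the client
     * is redirected to the context root; the filter chain is not invoked for that
     * request.
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;

        if (shouldAttemptAutoLogin(req)) {
            System.out.println("执行了自动登录操作......");
            User user = loginFromCookie(CookieUtil.getUid(req, "autologin"));
            if (user != null) {
                req.getSession().setAttribute("user", user);
                resp.sendRedirect(req.getContextPath() + "/");
                // The redirect commits the response; continuing down the chain would
                // still run the target resource against a response it cannot write to.
                return;
            }
        }
        chain.doFilter(request, response);
    }

    public void init(FilterConfig fConfig) throws ServletException {
    }

    /**
     * True when no user is in the session, an "autologin" cookie is present and
     * the request is not for a login path.
     */
    private static boolean shouldAttemptAutoLogin(HttpServletRequest req) {
        if (req.getSession().getAttribute("user") != null) {
            return false;
        }
        // getCookies() is null for a request without cookies; check before the lookup.
        if (req.getCookies() == null || CookieUtil.getUid(req, "autologin") == null) {
            return false;
        }
        // Login requests are excluded so a user can sign in as someone else.
        return !req.getServletPath().contains("/login");
    }

    /**
     * Parses the cookie value and checks the credentials it carries.
     *
     * @return the user, or null when the value is malformed, the lookup fails or
     *         the credentials do not match
     */
    private static User loginFromCookie(String cookieValue) {
        // Split on the first "-" only, so a password containing "-" is kept whole.
        // A username containing "-" is still ambiguous because URL encoding leaves
        // "-" unescaped.
        String[] parts = cookieValue.split("-", 2);
        if (parts.length != 2) {
            // Malformed cookie: treat as "not logged in" instead of failing the request.
            return null;
        }
        try {
            return new UserService().login(URLDecoder.decode(parts[0], "UTF-8"), parts[1]);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
}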
com.gordon.web.servlet:
--LoginServlet.java
package com.gordon.web.servlet;
import java.io.IOException;
import java.net.URLEncoder;
import java.sql.SQLException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.gordon.constant.Constant;
import com.gordon.domain.User;
import com.gordon.service.UserService;
import com.gordon.utils.CookieUtil;
/**
 * Login endpoint: checks the submitted username and password, stores the user in
 * the session and, when requested, writes the "rememberuser" and "autologin"
 * cookies. Always answers with a redirect to the context root.
 *
 * NOTE(review): credentials are accepted on GET as well as POST, so they can end
 * up in URLs and access logs; the "autologin" cookie carries the password as
 * returned by the DAO; the session id is not renewed after a successful login.
 */
@WebServlet("/login")
public class LoginServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        request.setCharacterEncoding("utf-8");
        final String username = request.getParameter("username");
        final String password = request.getParameter("password");
        final String autologin = request.getParameter("autologin");
        final String rememberuser = request.getParameter("rememberuser");

        final int sixtyDays = 60 * 24 * 3600;
        final int thirtyDays = 30 * 24 * 3600;

        User user = authenticate(username, password);
        if (user != null) {
            request.getSession().setAttribute("user", user);

            // Remembered username: kept for 60 days.
            if (isTicked(rememberuser, Constant.IS_REMEMBER_USER)) {
                String encodedName = URLEncoder.encode(user.getUsername(), "UTF-8");
                CookieUtil.addCookie(response, "rememberuser", encodedName, sixtyDays);
            }

            // Auto-login: username and password joined by "-", kept for 30 days.
            if (isTicked(autologin, Constant.IS_AUTO_LOGIN)) {
                String credentials = URLEncoder.encode(user.getUsername(), "UTF-8") + "-" + user.getPassword();
                CookieUtil.addCookie(response, "autologin", credentials, thirtyDays);
            }
        }
        response.sendRedirect(request.getContextPath() + "/");
    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

    /**
     * Runs the login lookup; a database error is printed and treated as a failed login.
     */
    private static User authenticate(String username, String password) {
        try {
            return new UserService().login(username, password);
        } catch (SQLException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * True when the form field was submitted and equals the expected marker value.
     */
    private static boolean isTicked(String submitted, String expected) {
        return submitted != null && expected.equals(submitted);
    }
}
--LogoutServlet.java
package com.gordon.web.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.gordon.utils.CookieUtil;
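/**
 * Logout endpoint: removes the user from the session, deletes the "autologin"
 * cookie and redirects to the context root. The "rememberuser" cookie is left in
 * place.
 *
 * Only the "user" attribute is removed; the session itself and any other
 * attributes stay alive.
 * NOTE(review): invalidating the session here would be the stricter choice;
 * confirm nothing else relies on the session surviving logout.
 */
@WebServlet("/logout")
public class LogoutServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // getSession(false) avoids creating a brand-new session just to remove an
        // attribute from it when the caller has none.
        javax.servlet.http.HttpSession session = request.getSession(false);
        if (session != null) {
            session.removeAttribute("user");
        }
        // Without this the auto-login filter would log the user straight back in.
        CookieUtil.removeCookie(response, "autologin");
        response.sendRedirect(request.getContextPath() + "/");
    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }
}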
c3p0-config.xml(XML标签在页面中丢失,下面只剩各配置项的值;注意其中连接数据库用的是root账号和示例密码,正式环境应换成权限最小的专用账号):
com.mysql.jdbc.Driver
jdbc:mysql://localhost:3306/autologin
root
root
30000
30
10
30
100
10
200
com.mysql.jdbc.Driver
jdbc:mysql://127.0.0.1:3306/xxxx
root
1234
5
20
10
40
20
5
-----------------------------------------------------
index.jsp
Insert title here网站首页:欢迎您的使用:${ username } | 退出登录
您还没有登录,请登录:登录
login.jsp
Insert title here用户名: | |
密码: | |
记住用户名 | 自动登录 |
show_product.jsp
Insert title here商品展示:欢迎您的使用:${ sessionScope.user.username } |