LoginServlet的实现:
package com.web.servlet;
import com.bean.User;
import com.dao.UserDao;
import com.dao.impl.UserDaoImpl;
import org.apache.commons.beanutils.BeanUtils;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.sql.SQLException;
import java.util.Map;
@WebServlet(name = "LoginServlet")
public class LoginServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.setCharacterEncoding("UTF-8");
String username=request.getParameter("username");
String password = request.getParameter("password");
String autologin=request.getParameter("autologin");
Map map=request.getParameterMap();
User u1=new User();
try {
BeanUtils.populate(u1,map);
} catch (IllegalAccessException e) {
e.printStackTrace();
} catch (InvocationTargetException e) {
e.printStackTrace();
}
try {
UserDao userDao=new UserDaoImpl();
User u=new User(username,password);
User user = userDao.login(u);
if(user!=null){
//看一下是否选择自动登录
if("on".equals(autologin)){
//发送cookie给客户端
Cookie cookie=new Cookie("autologin",username+"#"+password);
cookie.setMaxAge(60*60*24*7); //7天有效期
cookie.setPath("/ajax"); //针对项目有效
//cookie.setPath(request.getContextPath());
response.addCookie(cookie);
}
request.getSession().setAttribute("user",user);
response.sendRedirect("jsp/welcome.jsp");
}else {
//request.getRequestDispatcher("jsp/login.jsp").forward(request,response);
response.sendRedirect("jsp/login.jsp");
}
} catch (SQLException e) {
e.printStackTrace();
}
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request,response);
}
}
拦截器的实现:
package com.filter;
import com.bean.User;
import com.dao.UserDao;
import com.dao.impl.UserDaoImpl;
import com.util.CookieUtil;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.sql.SQLException;
@WebFilter(filterName = "LoginFilter")
public class LoginFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
HttpServletRequest request= (HttpServletRequest) req;
//首先判断session中有没有user;
User user = (User) request.getSession().getAttribute("user");
if(user!=null){
System.out.println("session中存在user");
chain.doFilter(request,resp);
}else{
//代表session失效了。
//2. 看cookie。
//1. 来请求的时候,先从请求里面取出cookie , 但是cookie有很多的key-value
Cookie[] cookies=request.getCookies();
Cookie cookie= CookieUtil.findCookie(cookies,"autologin");
if(cookie==null){
System.out.println("cookie中不存在user");
chain.doFilter(request,resp);
}else {
String value = cookie.getValue();
String username = value.split("#")[0];
String password = value.split("#")[1];
System.out.println("cookie中存在user");
User user1=new User(username,password);
UserDao userDao=new UserDaoImpl();
try {
User u=userDao.login(user1);
//使用session存这个值到域中,方便下一次未过期前还可以用。
request.getSession().setAttribute("user", u);
chain.doFilter(request, resp);
} catch (SQLException e) {
e.printStackTrace();
chain.doFilter(req, resp);
}
}
}
}
public void init(FilterConfig config) throws ServletException {
}
}