在数据库添加一列用来存随机的码
*Xml文件用了/拦截了所有样式
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="4.0" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd">
< listener>
< listener-class>lnitListener.InitListener< /listener-class>
< /listener>
< filter>
< filter-name>LoginFilter< /filter-name>
< filter-class>lnitListener.LoginFilter< /filter-class>
< /filter>
< filter-mapping>
< filter-name>LoginFilter< /filter-name>
< url-pattern>/*< /url-pattern>
< /filter-mapping>
< welcome-file-list>
< welcome-file>bug_login.jsp< /welcome-file>
< /welcome-file-list>
< /web-app>
在这里插入代码片
LoginFilter
@WebFilter("/LoginFilter")
public class LoginFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;// 强制向下转型
HttpServletResponse resp = (HttpServletResponse) response;
String requestURI = req.getRequestURI();
String getContextPath = req.getContextPath();
System.out.println(getContextPath + "++++++++++++++++++++++++++++++++++++++++++++++++++");
System.out.println(requestURI + "++++++++++++++++++++++++++++++++++++++++++++++++++");
//登录首先要进行路径判断
//path.indexOf("/assets") != -1这一句是为了防止对样式拦截 assets为样式文件
String path = req.getServletPath();
if (path.indexOf("/assets") != -1
|| (req.getContextPath() + "/bug_login.jsp").equals(requestURI)
|| (req.getContextPath() + "/loginServlet").equals(requestURI)
|| (req.getContextPath() + "/bug_usersAdd.jsp").equals(requestURI)
|| (req.getContextPath() + "/AddBug_users").equals(requestURI)) {
System.out.println("111111111111111111111111111111111111111111111111111111111111111111111111222");
chain.doFilter(request, response);
return;
}
//这一步判断session
HttpSession session = req.getSession();
String login = null;
try {
login = session.getAttribute("uuid").toString();//获取uuid随机码然后转成Sting类型
} catch (Exception e) {
}
System.out.println("lnitListener.LoginFilter.doFilter()-------------->"+login);
if(login!=null){
//获取user_id
Object user_id = session.getAttribute("user_id");
//new查询,根据用户id查询数据库
bug_login b=new bug_LoginImpl().doselect(Integer.parseInt(user_id.toString()));
System.out.println("lnitListener.LoginFilter.doFilter()-------------->"+b.getLoginStatus());
//判断session里的uuid和上一步,根据用户id查询数据库的随机码是否相等相等
if(session.getAttribute("uuid").toString().equals(b.getLoginStatus())){
chain.doFilter(request, response);
return;
}else{
session.invalidate();
resp.sendRedirect(req.getContextPath()+"/bug_login.jsp");
}
}
else{
resp.sendRedirect(req.getContextPath()+"/bug_login.jsp");
}
}
}
loginServlet文件
@WebServlet(name = "loginServlet", urlPatterns = {"/loginServlet"})
public class loginServlet extends HttpServlet {
/**
* Processes requests for both HTTP <code>GET</code> and <code>POST</code>
* methods.
*
* @param request servlet request
* @param response servlet response
* @throws ServletException if a servlet-specific error occurs
* @throws IOException if an I/O error occurs
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("utf-8");//治疗乱码
String user_name = request.getParameter("user_name");
String user_pwd = request.getParameter("user_pwd");
bug_LoginImpl login1= new bug_LoginImpl();//执行sql
bug_login us = new bug_login();
us.setUser_name(user_name);
us.setUser_pwd(user_pwd);
// List<bug_login> lista=login1.list(us);
List<bug_login> listb=login1.list(us);
//根据角色来显示菜单
//实力一个List<Integer>
List<Integer> lists=new ArrayList<>();
//根据菜单id来显示菜单
List<Integer> listmenu=new ArrayList<>();
// List<bug_login>转到 List<Integer>
for (int i = 0; i < listb.size(); i++) {
lists.add(listb.get(i).getRole_id());
listmenu.add(listb.get(i).getMenu_id());
}
bug_login login = login1.login(us);
request.getSession().setAttribute("login", login);
if (login != null ) {
HttpSession session = request.getSession();
session.setAttribute("username", login.getUser_name());// 用户户名保存到session 传到过滤器(LoginFilter)接收判断用户是否存在
session.setAttribute("user_id", login.getUser_id());
session.setAttribute("aaa",lists);//权限存入session
session.setAttribute("listmenu",listmenu);//权限存入session
UUID uuid=UUID.randomUUID();//uuid
login.setLoginStatus(String.valueOf(uuid));
new bug_LoginImpl().doUpdate(login);//修改uuid
System.out.println("servlet.loginServlet.doPost()"+login.getLoginStatus());
session.setAttribute("uuid", uuid);//传一个uuid
System.out.println("查到---------------------------------------------------------");
request.getRequestDispatcher("/UserServlet").forward(request, response);
} else {
request.getRequestDispatcher("/logindie.jsp").forward(request, response);
}
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("utf-8"); response.setContentType("text/html;charset=utf-8");
doPost(request, response);
}
}