Servlet判断用户是否登陆过和异地登录功能
利用ServletContext+session+监听器(Listener)实现
做login界面时当用户进行登录会有用户再次登录的情况,如果一个账户两个人同时登录会有许多不必要的麻烦,针对以上情况做出了一下代码的修改
首先是两个简单的界面
login.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>登录界面</title>
</head>
<body>
<!-- action="login"传到servlet进行操作 -->
<form action="login" method="post">
用户:<input type="text" name="username"><br />
密码:<input type="password" name="password"><br />
<input type="submit" value="登录">
</form>
</body>
</html>
hello.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>登录成功界面</title>
</head>
<body>
<h1>欢迎您的到来,尊敬的VIP用户</h1>
<input type="button" value="退出" onclick="location='loginOut'">
<!-- onclick="location='loginOut'" 表示点击就会传到servlet进行操作 -->
</body>
</html>
然后是用户类,get和set数据,我这里只是简单的创建了一个
User
/**
* @description: 用户类
**/
public class User {
private String username;
private String password;
public User() {
}
public User(String username, String password) {
this.username = username;
this.password = password;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
@Override
public String toString() {
return "User{" +
"username='" + username + '\'' +
", password='" + password + '\'' +
'}';
}
}
接下来是UserDao的操作
UserDao
在这里只写了一个查询用户名和密码是否正确的接口
public interface UserDao {
User loginUser(String username,String password);
}
UserDaoImpl实现UserDao里的接口
模拟了一下数据库进行查找数据的操作,可根据自己的数据库重写
public class UserDaoImpl implements UserDao{
@Override
public User loginUser(String username, String password) {
//假设数据库传值
boolean flag = "111".equals(username)&&"111".equals(password);
if (flag){
return new User(username,password);
}
return null;
}
}
LoginServlet
进行登录时的servlet判断
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
/**
* @description: 登录servlet
**/
@WebServlet("/login") //这个注解相当于xml里给LoginServlet添加路径
public class LoginServlet extends HttpServlet {
@Override
public void service(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException{
//设置请求编码
request.setCharacterEncoding("utf-8");
//设置响应格式及编码
response.setContentType("text/html;charset=utf-8");
//获得界面传过来的参数
String username = request.getParameter("username");
String password = request.getParameter("password");
//进行dao查询
UserDao dao = new UserDaoImpl();
User user = dao.loginUser(username,password);
//创建上下文对象
ServletContext sc = request.getServletContext();
//创建session
HttpSession session = request.getSession();
//获得session的id
String sessionId = session.getId();
//获取存储用户的map<用户名,sessionId>---map里的用户名也可以换成用户对象,只要保证key值唯一
Map<String,String> map = (Map<String, String>) sc.getAttribute("loginMap");
if (map == null){
map = new HashMap<>();
}
if (user != null){
//迭代map,并判断是否登录过
for (String name : map.keySet()){
System.out.println(111);
//user一样表示登录过
if (username.equals(name)){
//sessionId值一样的话,表示重复登录
if (sessionId.equals(map.get(name))){
System.out.println("用户重复");
response.getWriter().println("<h1>用户重复登录</h1>");
return;
}else{ //sessionId值不一样,表示异地登录
response.getWriter().println("<h1>禁止异地登录</h1>");
return;
}
}
}
//如果user没有一样的,就没有登录过将当前用户添加到map
map.put(username,sessionId);
sc.setAttribute("loginMap",map);
//将当前用户添加到session
session.setAttribute("username",username);
response.sendRedirect("index.html");
}else {
response.getWriter().println("<h1>用户名或密码错误</h1>");
}
}
}
LoginOutServlet
用户登出时,把当前sessionId值给手动消除,然后重定向到登录页面
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* @description: 用户登出
**/
@WebServlet("/loginOut")
public class LoginOutServlet extends HttpServlet {
@Override
public void service(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException{
request.getSession().invalidate();
response.sendRedirect("hello.html");
}
}
LoginListener
当用户登出,手动销毁了sessionId,然后监听器监听到sessionId的销毁,进行如下操作,重新添加map
import javax.servlet.ServletContext;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
import java.util.Map;
/**
* @program: ServletDom
* @description: 登录的session的监听器
* @author: 高天乐
* @create: 2020-07-23 00:33
**/
@WebListener
public class LoginListener implements HttpSessionListener {
@Override
public void sessionCreated(HttpSessionEvent httpSessionEvent) {
}
@Override
public void sessionDestroyed(HttpSessionEvent httpSessionEvent) {
System.out.println("销毁session");
//创建上下文对象
ServletContext sc = httpSessionEvent.getSession().getServletContext();
//创建session对象
HttpSession session = httpSessionEvent.getSession();
//获取map
Map<String,String> map = (Map<String, String>) sc.getAttribute("loginMap");
//获取去用户账号
String username = (String) session.getAttribute("username");
//去掉当前用户
map.remove(username);
//重新绑定map
sc.setAttribute("loginMap",map);
}
}