目录
1.准备阶段
1.1mybatis准备
package com.util;
import org.apache.ibatis.io.Resources;
import org.apache.ibatis.session.SqlSessionFactory;
import org.apache.ibatis.session.SqlSessionFactoryBuilder;
import java.io.IOException;
import java.io.InputStream;
public class SqlSessionFactoryUtils {
private static SqlSessionFactory sqlSessionFactory;
static {
//静态代码块会随着类的加载而自动执行,且只执行一次
try {
String resource = "mybatis-config.xml";
InputStream inputStream = Resources.getResourceAsStream(resource);
sqlSessionFactory = new SqlSessionFactoryBuilder().build(inputStream);
} catch (IOException e) {
e.printStackTrace();
}
}
public static SqlSessionFactory getSqlSessionFactory(){
return sqlSessionFactory;
}
}
1.2DAO层UserMapper
package com.mapper;
import com.pojo.User;
import org.apache.ibatis.annotations.Insert;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
public interface UserMapper {
/**
* 根据用户名和密码查询用户对象
* @param username
* @param password
* @return
*/
//可直接这样写,也可以写到UserMapper.XML中
@Select("select * from tb_user where username = #{username} and password = #{password}")
User select(@Param("username") String username,@Param("password") String password);
/**
* 根据用户名查询用户对象
* @param username
* @return
*/
@Select("select * from tb_user where username = #{username}")
User selectByUsername(String username);
/**
* 添加用户
* @param user
*/
@Insert("insert into tb_user values(null,#{username},#{password})")
void add(User user);
}
1.3Service端的UserService
package com.service;
import com.mapper.UserMapper;
import com.pojo.User;
import com.util.SqlSessionFactoryUtils;
import org.apache.ibatis.session.SqlSession;
import org.apache.ibatis.session.SqlSessionFactory;
public class UserService {
SqlSessionFactory sqlSessionFactory = SqlSessionFactoryUtils.getSqlSessionFactory();
public User login(String username,String password){
SqlSession sqlSession = sqlSessionFactory.openSession();
UserMapper mapper = sqlSession.getMapper(UserMapper.class);
//调用DAO层UserMapper的方法
User user = mapper.select(username, password);
sqlSession.close();
return user;
}
public boolean register(User user){
SqlSession sqlSession = sqlSessionFactory.openSession();
UserMapper mapper = sqlSession.getMapper(UserMapper.class);
User user1 = mapper.selectByUsername(user.getUsername());
if(user1==null){
//调用DAO层UserMapper的方法
mapper.add(user);
sqlSession.commit();
}
sqlSession.close();
return user1==null;
}
}
2.注册页面
2.1具体流程
(1)前端通过表单发送请求和数据给Web层的RegisterServlet
(2)在RegisterServlet中接收请求和数据[用户名和密码]
(3)RegisterServlet接收到请求和数据后,调用Service层完成用户信息的保存
(4)在Service层需要编写UserService类,在类中实现register方法,需要判断用户是否已经存在,如果不存在,则完成用户数据的保存
(5)在UserMapper接口中,声明两个方法,一个是根据用户名查询用户信息方法,另一个是保存用户信息方法
(6)在UserService类中保存成功则返回true,失败则返回false,将数据返回给Web层
(7)Web层获取到结果后,如果返回的是true,则提示
注册成功
,并转发到登录页面,如果返回false则提示用户名已存在
并转发到注册页面
2.2注册jsp主页面
<%--register.jsp--%>
<%--注:El表达式,如${register_msg}里面内容没东西,则什么都不会显示--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ page isELIgnored="false" %>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>欢迎注册</title>
<link href="css/register.css" rel="stylesheet">
</head>
<body>
<div class="form-div">
<div class="reg-content">
<h1>欢迎注册</h1>
<span>已有帐号?</span> <a href="login.html">登录</a>
</div>
<form id="reg-form" action="/brand-demo/RegisterServlet" method="post">
<table>
<tr>
<td>用户名</td>
<td class="inputs">
<input name="username" type="text" id="username">
<br>
<span id="username_err" class="err_msg">${register_msg}</span>
</td>
</tr>
<tr>
<td>密码</td>
<td class="inputs">
<input name="password" type="password" id="password">
<br>
<span id="password_err" class="err_msg" style="display: none">密码格式有误</span>
</td>
</tr>
<tr>
<td>验证码</td>
<td class="inputs">
<input name="checkCode" type="text" id="checkCode">
<img id="checkCodeImg" src="/brand-demo/CheckCodeServlet">
<a href="#" id="changeImg">看不清?</a>
</td>
</tr>
</table>
<div class="buttons">
<input value="注 册" type="submit" id="reg_btn">
</div>
<br class="clear">
</form>
</div>
<script>
//点击看不清更换验证码
document.getElementById("changeImg").onclick=function (){
//如果src地址与上次相同,验证码会缓存,为保证每次不一样,src后加?和时间
document.getElementById("checkCodeImg").src="/brand-demo/CheckCodeServlet?"+new Date().getMilliseconds();
}
</script>
<script>
//点击图片更换验证码
document.getElementById("checkCodeImg").onclick=function (){
//如果src地址与上次相同,验证码会缓存,为保证每次不一样,src后加?和时间
document.getElementById("checkCodeImg").src="/brand-demo/CheckCodeServlet?"+new Date().getMilliseconds();
}
</script>
</body>
</html>
2.3验证码CheckCodeServlet页面
package com.web;
import com.util.CheckCodeUtil;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
@WebServlet(name = "CheckCodeServlet", value = "/CheckCodeServlet")
public class CheckCodeServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//生成验证码
ServletOutputStream os = response.getOutputStream();
String s = CheckCodeUtil.outputVerifyImage(100, 50, os, 4);
//存储验证码
HttpSession session = request.getSession();
session.setAttribute("checkcodeGen",s);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
注:验证码工具类,CheckCodeUtil详见如下
2.4执行端注册servlet页面
package com.web;
import com.pojo.User;
import com.service.UserService;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
@WebServlet(name = "RegisterServlet", value = "/RegisterServlet")
public class RegisterServlet extends HttpServlet {
private UserService userService = new UserService();
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
String checkCode = request.getParameter("checkCode");
HttpSession session = request.getSession();
String checkcodeGen = (String) session.getAttribute("checkcodeGen");
//equalsIgnoreCase忽略大小写
if(checkcodeGen.equalsIgnoreCase(checkCode)){
request.setAttribute("register_msg","验证码错误!");
request.getRequestDispatcher("/register.jsp").forward(request,response);
return;
}
User user=new User();
user.setUsername(username);
user.setPassword(password);
//调用服务端userService的方法
boolean flag = userService.register(user);
if(flag){
request.setAttribute("register_msg","注册成功请登录!");
request.getRequestDispatcher("/login.jsp").forward(request,response);
}else{
request.setAttribute("register_msg","该用户已存在!");
request.getRequestDispatcher("/register.jsp").forward(request,response);
}
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
3.登录页面
3.1具体流程
(1)前端通过表单发送请求和数据给Web层的LoginServlet
(2)在LoginServlet中接收请求和数据[用户名和密码]
(3)LoginServlet接收到请求和数据后,调用Service层完成根据用户名和密码查询用户对象
(4)在Service层需要编写UserService类,在类中实现login方法,方法中调用Dao层的UserMapper
(5)在UserMapper接口中,声明一个根据用户名和密码查询用户信息的方法
(6)Dao层把数据查询出来以后,将返回数据封装到User对象,将对象交给Service层
(7)Service层将数据返回给Web层
(8)Web层获取到User对象后,判断User对象,如果为Null,则将错误信息响应给登录页面,如果不为Null,则跳转到列表页面,并把当前登录用户的信息存入Session携带到列表页面。
3.2登录jsp页面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ page isELIgnored="false" %>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>login</title>
<link href="css/login.css" rel="stylesheet">
</head>
<body>
<div id="loginDiv" style=" height: 350px">
<form action="/brand-demo/LoginServlet" id="form">
<h1 id="loginMsg">LOGIN IN</h1>
<div id="errorMsg">${login_msg}${register_msg}</div>
<p>Username:<input id="username" name="username" value="${cookie.username.value}" type="text"></p>
<p>Password:<input id="password" name="password" value="${cookie.password.value}" type="password"></p>
<p>Remember:<input id="remember" name="remember" value="Remembered" type="checkbox"></p>
<div id="subDiv">
<input type="submit" class="button" value="login up">
<input type="reset" class="button" value="reset">
<a href="register.jsp">没有账号?</a>
</div>
</form>
</div>
</body>
</html>
3.3登录Servlet页面
package com.web;
import com.pojo.User;
import com.service.UserService;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
@WebServlet(name = "LoginServlet", value = "/LoginServlet")
public class LoginServlet extends HttpServlet {
private UserService userService = new UserService();
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
User user = userService.login(username, password);
if(user!=null){
HttpSession session = request.getSession();
session.setAttribute("user",user);
String remember = request.getParameter("remember");
//如果登录页面选中remember,则代表记住账号密码,则创建cookie,记录账号密码7天
if("Remembered".equals(remember)){
Cookie c_username=new Cookie("username",username);
Cookie c_password=new Cookie("password",password);
//7天后Cookie自动销毁
c_username.setMaxAge(60*60*24*7);
c_password.setMaxAge(60*60*24*7);
response.addCookie(c_username);
response.addCookie(c_password);
}
//登陆成功后,跳转至应用页面
String path = request.getContextPath();
response.sendRedirect(path+"/SelectAllServlet");
}else{
request.setAttribute("login_msg","用户名或密码错误");
request.getRequestDispatcher("/login.jsp").forward(request,response);
}
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
Cookie操作详见:
3.4Filter拦截逻辑
上图中的过滤器链执行是按照以下流程执行:
-
执行
Filter1
的放行前逻辑代码 -
执行
Filter1
的放行代码 -
执行
Filter2
的放行前逻辑代码 -
执行
Filter2
的放行代码 -
访问到资源
-
执行
Filter2
的放行后逻辑代码 -
执行
Filter1
的放行后逻辑代码
以上流程串起来就像一条链子,故称之为过滤器链。
注:
我们现在使用的是注解配置Filter,而这种配置方式的优先级是按照过滤器类名(字符串)的自然排序。
比如有如下两个名称的过滤器 : `BFilterDemo` 和 `AFilterDemo` 。那一定是 `AFilterDemo` 过滤器先执行。
3.5Filter拦截页面
package com.web.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
//配置Filter拦截资源的路径:在类上定义 `@WebFilter` 注解。
// 拦截具体的资源:/index.jsp:只有访问index.jsp时才会被拦截
// 目录拦截:/user/*:访问/user下的所有资源,都会被拦截
// 后缀名拦截:*.jsp:访问后缀名为jsp的资源,都会被拦截
// 拦截所有:/*:访问所有资源,都会被拦截
@WebFilter("/*")
public class LoginFilter implements Filter {
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request= (HttpServletRequest) servletRequest;
//1.判断访问资源是否和登录注册相关,不然会拦截有用的信息,如CSS样式及注册页面等
String[] urls={"/login.jsp","/imgs/","/css/","/LoginServlet","/register.jsp","/RegisterServlet","/CheckCodeServlet"};
//2.获取当前访问资源路径
String url = request.getRequestURL().toString();
//3,遍历数组,获取到每一个需要放行的资源路径
for (String u : urls) {
//判断url是否包含urls数组中的单个的u
/*
比如当前访问的资源路径是 /brand-demo/login.jsp
而字符串 /brand-demo/login.jsp 包含了 字符串 /login.jsp ,所以这个字符串就需要放行
*/
if(url.contains(u)){
//找到了,放行
filterChain.doFilter(servletRequest,servletResponse);
//不能用break,因为该页面以后代码不能执行
return;
}
//如果没有找到,循环结束后,可继续执行以下操作
}
//可通过判断LoginServlet中是否产生名为user的session,来进行过判断拦截的条件
//1.判断session是否有user
HttpSession session = request.getSession();
Object user = session.getAttribute("user");
//2.判断user是否为null
if(user!=null){
//登录过了
//放行
filterChain.doFilter(servletRequest,servletResponse);
}else{
//没有登录
//拦截下来,跳转到登录页面,并显示未登录的信息
request.setAttribute("login_msg","账号未登录!");
request.getRequestDispatcher("/login.jsp").forward(request,servletResponse);
}
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void destroy() {
}
}
4.代码下载:
JavaWeb登录注册页面-Javascript文档类资源-CSDN文库https://download.csdn.net/download/weixin_59798969/86271757
可以点个免费的赞吗!!!