javaweb session完成用户登入

package com.****;

import com.wlsq.kso.entity.AccountUser;
import com.wlsq.kso.entity.Developer;
import com.wlsq.kso.service.AccountUserService;
import com.wlsq.kso.service.IDeveloperService;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

/**
 * 用户登入Controller
 * 
 * @author zzg
 * @date 2017-02-27
 */

@Controller
@RequestMapping(value ="login")
public class LoginController
{

  @Autowired
  private IDeveloperService developerService;
  
  @Autowired
  private AccountUserService accountUserService;
  

 
  //结算管理员退出操作。
  @RequestMapping(value ="/logout.html")
  public void logout(HttpServletRequest request, HttpServletResponse response) throws IOException {
	  response.setCharacterEncoding("UTF-8");  
      response.setHeader("Content-type", "text/html;charset=UTF-8");
	  HttpSession session = request.getSession(false);  
      if (session == null) {  
          // 没登录，重定向到首页  
          String url = response.encodeRedirectURL(request.getContextPath()  
                  + "/login.jsp");  
          response.sendRedirect(url);  
          System.out.println("系统重定向页面1："+url);
          return;  
      }  
      // 从session中移除登录状态  
      session.removeAttribute("user");  
      // 重定向到首页，URL重写方式  
      String url = response.encodeRedirectURL(request.getContextPath()  
              + "/login.jsp");  
      response.sendRedirect(url);  
      System.out.println("系统重定向页面2："+url);
  
  }

  
  //结算系统管理员登入接口。
  @RequestMapping({"/accountUserLogin.html"})
  public ModelAndView accountUserLogin(HttpServletRequest request, HttpServletResponse response,@RequestParam String username, @RequestParam String password)
  {
    ModelAndView modelAndView = new ModelAndView();
    HttpSession session = request.getSession();  
// 暂时关闭--验证码验证。    
//    String reallyCode = (String) session.getAttribute("code");
//    if (!code.equalsIgnoreCase(reallyCode))
//    {
//      modelAndView.addObject("error", "验证码错误");
//      modelAndView.setViewName("redirect:/login/accountUserLogin.html");
//    } else {
        Map<String,String> map = new HashMap<String,String>();
        map.put("username", username);
        map.put("password", password);
    	AccountUser acountUser = this.accountUserService.selectAccountUserByUsernamePassword(map);
      if (acountUser != null) {
    	  // 手动设置session的有效期为30分钟  
          String sessionId = session.getId();  
          Cookie cookie = new Cookie("JSESSIONID", sessionId);  
          cookie.setMaxAge(60 * 30);  
          cookie.setPath(request.getContextPath());  
          response.addCookie(cookie);  
       // 登录成功后要存入用户的登录状态，key是用户对象的String形式value就是用户对象(model)！！别的页面应该能用到  
        session.setAttribute("user", acountUser);
        //返回系统主页
        
//        if (developer.getUserType().intValue() == 0)
//        {
//          modelAndView.setViewName("front_end/application/applications");
//        }
//        else {
//          modelAndView.setViewName("front_end/application/applications");
//        }
        acountUser.setUpdatedate(new Date());       
        this.accountUserService.updateByPrimaryKeySelective(acountUser);
        
        modelAndView.setViewName("index");
        
      }
      else {
        modelAndView.addObject("error", "用户不存在");
        modelAndView.setViewName("redirect:login/accountUserLogin.html");
      }
    //}
    return modelAndView;
  }

}