JAVA-WEB 过滤器Filter 用户自动登录

用户自动登录使用过滤器来实现。

1.当用户勾选自动登录时,在登录的servlet中将用户名密码记录到cookie。这种写法只适合演示过滤器的流程:密码保存在浏览器的cookie里,能读到cookie的人就能以该用户身份登录;实际项目应改为保存随机生成、可在服务端撤销的令牌,而不是密码本身。

2.新建filter在其中判断浏览器是否带着用户名和密码的cookie

3.验证cookie,将正确获得的用户实体存入到session

bean、service和dao的代码都一样,这里就不再贴出了。

login.jsp

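<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%-- Login form: posts username, password and the optional autoLogin checkbox to /loginServlet.
     "msg" is a request attribute; when it is present it is printed above the form.
     It is written without HTML escaping, so it must only ever hold server-defined text. --%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta charset="UTF-8">
<title>login</title>
</head>
<body>
	<h3>请登录:</h3>
	<h4><%=request.getAttribute("msg")!=null?request.getAttribute("msg"):""%></h4>
	<%-- POST keeps the credentials out of the URL, browser history and access logs. --%>
	<form action="${pageContext.request.contextPath }/loginServlet" method="post">
		<input type="text" name="username"  /><br/>
		<input type="password" name="password" /><br/>
 		是否自动登录:<input type="checkbox" name="autoLogin"><br/>
		<input type="submit" value="登录" /><br/>
	</form>
	
</body>
</html>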

loginServlet

package web;
 
import java.io.IOException;
import java.net.URLEncoder;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
 
import domain.User;
import service.UserService;
 
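/**
 * Handles the login form: checks the submitted credentials through {@link UserService},
 * stores the authenticated {@link User} in the session and, when the "autoLogin" box was
 * ticked, issues the "cusername" / "cpassword" cookies used for automatic login.
 */
public class LoginServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;

	/** Lifetime of the auto-login cookies, in seconds (one hour). */
	private static final int AUTO_LOGIN_MAX_AGE_SECONDS = 60 * 60;

	public LoginServlet() {
		super();
	}

	/**
	 * Performs the login. {@link #doPost} delegates here, so the same logic also runs for GET
	 * requests; credentials sent by GET end up in URLs and access logs, so the form should
	 * keep using POST.
	 *
	 * @param request  carries the "username", "password" and optional "autoLogin" parameters
	 * @param response receives the auto-login cookies when they are requested
	 * @throws ServletException if the credential lookup fails with a database error
	 * @throws IOException      if forwarding to the result page fails
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {

		// Character encoding could also be set globally in a filter.
		// Tomcat 8 already decodes GET parameters as UTF-8.
		request.setCharacterEncoding("UTF-8");
		response.setContentType("text/html;charset=utf-8");

		// Present (non-null) only when the "autoLogin" checkbox was ticked.
		String autoLogin = request.getParameter("autoLogin");

		// Wrap the submitted credentials in a User for the service call.
		User user = new User();
		user.setUsername(request.getParameter("username"));
		user.setPassword(request.getParameter("password"));

		UserService us = new UserService();
		User userFlag;
		try {
			userFlag = us.login(user);
		} catch (SQLException e) {
			// A database failure is not a wrong password: surface it to the container
			// (with its cause) instead of printing it and reporting bad credentials.
			throw new ServletException("Login lookup failed", e);
		}

		if (userFlag == null) {
			// Send the error message back to the login page.
			request.setAttribute("msg", "用户不存在或密码错误!");
			request.getRequestDispatcher("/request/login.jsp").forward(request, response);
			return;
		}

		if (autoLogin != null) {
			boolean secure = request.isSecure();
			// The user name may contain non-ASCII characters, so it is URL-encoded.
			String encodedName = URLEncoder.encode(userFlag.getUsername(), "UTF-8");
			response.addCookie(newAutoLoginCookie("cusername", encodedName, secure));
			// NOTE(review): this puts the stored password value into a browser cookie, and the
			// auto-login filter accepts that value as the password. Anyone who can read the
			// cookie can log in as the user. The durable fix is a random, server-side
			// revocable remember-me token, which needs support in UserService (not shown).
			response.addCookie(newAutoLoginCookie("cpassword", userFlag.getPassword(), secure));
		}

		// Drop any session that existed before authentication so that a session id known
		// to someone else cannot be carried over into the logged-in state.
		if (request.getSession(false) != null) {
			request.getSession(false).invalidate();
		}
		request.getSession(true).setAttribute("user", userFlag);
		request.getRequestDispatcher("/index.jsp").forward(request, response);
	}

	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		doGet(request, response);
	}

	/**
	 * Builds one auto-login cookie valid for the whole site for one hour.
	 *
	 * @param name   cookie name
	 * @param value  cookie value, already safe for use in a cookie
	 * @param secure whether the current request arrived over HTTPS
	 */
	private static Cookie newAutoLoginCookie(String name, String value, boolean secure) {
		Cookie cookie = new Cookie(name, value);
		cookie.setPath("/");
		cookie.setMaxAge(AUTO_LOGIN_MAX_AGE_SECONDS);
		// Keep the credential cookies away from page scripts.
		cookie.setHttpOnly(true);
		// On an HTTPS request, never let the browser send them over plain HTTP.
		cookie.setSecure(secure);
		return cookie;
	}

}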

 autoLoginFilter

package web;

import java.io.IOException;
import java.net.URL;
import java.net.URLDecoder;
import java.sql.SQLException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import domain.User;
import service.UserService;

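/**
 * Logs a visitor in automatically from the "cusername" / "cpassword" cookies.
 *
 * <p>Flow:
 * <ol>
 *   <li>If the session already holds a user, do nothing.</li>
 *   <li>If the browser sent no auto-login cookies, do nothing.</li>
 *   <li>If the cookie values do not authenticate, do nothing.</li>
 *   <li>Otherwise store the authenticated user in the session.</li>
 * </ol>
 * The request is always passed down the chain; this filter never blocks it.
 */
public class AutoLoginFilter implements Filter{

	/**
	 * Attempts the cookie-based login and then continues the filter chain.
	 *
	 * @throws IOException      if the chain fails or the cookie encoding is unsupported
	 * @throws ServletException if the chain fails
	 */
	@Override
	public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain chain)
			throws IOException, ServletException {

		HttpServletRequest request = (HttpServletRequest) arg0;
		HttpServletResponse response = (HttpServletResponse) arg1;

		// The logged-in user is stored in the session under "user", so the
		// "already logged in" check must read the session, not the request attributes.
		// getSession(false) avoids creating a session for anonymous visitors.
		HttpSession existing = request.getSession(false);
		if (existing != null && existing.getAttribute("user") != null) {
			chain.doFilter(request, response);
			return;
		}

		User login = loginFromCookies(request);
		if (login != null) {
			// Start from a fresh session so a pre-login session id is not reused
			// for the authenticated state.
			if (existing != null) {
				existing.invalidate();
			}
			request.getSession(true).setAttribute("user", login);
		}

		chain.doFilter(request, response);
	}

	/**
	 * Authenticates with the auto-login cookies of the request.
	 *
	 * @return the user returned by {@link UserService#login}, or {@code null} when the
	 *         cookies are missing, malformed, rejected, or the lookup failed
	 * @throws IOException if the UTF-8 decoding of the user name is unsupported
	 */
	private User loginFromCookies(HttpServletRequest request) throws IOException {
		// getCookies() returns null, not an empty array, when the browser sent none.
		Cookie[] cookies = request.getCookies();
		if (cookies == null) {
			return null;
		}

		Cookie cusername = null;
		Cookie cpassword = null;
		for (Cookie cookie : cookies) {
			if ("cpassword".equals(cookie.getName())) {
				cpassword = cookie;
			} else if ("cusername".equals(cookie.getName())) {
				cusername = cookie;
			}
		}
		if (cusername == null || cpassword == null) {
			return null;
		}

		User user = new User();
		try {
			// Reverses the URL-encoding applied to the user name when the cookie was written.
			user.setUsername(URLDecoder.decode(cusername.getValue(), "UTF-8"));
		} catch (IllegalArgumentException e) {
			// Cookie values are client-controlled; a malformed escape sequence
			// means "no auto-login", not a failed request.
			return null;
		}
		// NOTE(review): the cookie value is used directly as the password credential, so
		// whoever holds the cookie can log in. A random, revocable token is the safer design.
		user.setPassword(cpassword.getValue());

		UserService us = new UserService();
		try {
			return us.login(user);
		} catch (SQLException e) {
			// Record the failure in the container log and continue unauthenticated.
			request.getServletContext().log("Auto-login lookup failed", e);
			return null;
		}
	}

	@Override
	public void destroy() {
		// Nothing to release.
	}

	@Override
	public void init(FilterConfig arg0) throws ServletException {
		// No configuration is read.
	}

}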


转载自blog.csdn.net/alexzt/article/details/81075092