1.基于SSM框架的Maven搭建
2.搭建业务流程实现如下
(1)创建用户User
public class User {
private int id;
private String client_id;
//登录状态(登陆,未登录)
private String status;
//用户名
private String username;
//密码
private String password;
//最后一次登录时间
private Timestamp last_login;
(2)持久层接口
@Repository
public interface UserDao {
//登陆
public User Login(String username,String password);
//根据ID查找用户
public User findById(int id);
// 修改密码
public int updatePass(User user);
}
(3)持久层实现User.xml
<mapper namespace="com.sso.dao.UserDao">
<sql id="UserColumns">
c.id,
c.client_id,
c.status,
c.username,
c.password,
c.last_login
</sql>
<!-- 根据id查找 -->
<select id="findById" resultType="com.sso.entity.User">
SELECT
<include refid="UserColumns" />
FROM dim_user c
WHERE c.id = #{0}
</select>
<!-- 修改密码 -->
<update id="updatePass">
UPDATE dim_user
SET
<if test="password !='' and password != null ">
password = #{password}
</if>
where id = #{id}
</update>
<!-- 登陆 -->
<select id="Login" resultType="com.sso.entity.User">
select * from dim_user c where
c.username = #{0} and c.password = #{1}
</select>
</mapper>
(4)业务层接口
public interface UserService {
//登陆
public User Login(String username,String password);
//根据ID查找用户
public User findById(int id);
// 修改密码
public int updatePass(User user);
}
(5)业务层实现类
@Service
public class UserServiceImpl implements UserService {
@Resource
private UserDao dao;
@Override
public User Login(String username, String password) {
return dao.Login(username, password);}
@Override
public int updatePass(User user) {
return dao.updatePass(user);}
@Override
public User findById(int id) {
return dao.findById(id);
}}
(6)控制层
@Controller
@RequestMapping("/user")
public class UserController {
@Resource
private UserService service;
//登陆
@RequestMapping(value="/login",produces = "text/html;charset=UTF-8")
public String login(Model model,String uName,String uPassword,HttpSession session ){
String password = GetMD5.getMD5(uPassword);
User user = service.Login(uName, password);
if(user != null) {
/**
*是将user保存在session中
*session 的key值为“user”,value 值就是user真实的值,或者引用值
*/
session.setAttribute("user", user);
return "jsp/choosemk.jsp";
}
return "redirect:/index.jsp";
}
// 修改密码
@RequestMapping("/updatePass")
public String updatePass(HttpServletRequest request,HttpSession session,Model model){
//原始密码
String oldPassword = GetMD5.getMD5(request.getParameter("old"));
//新密码
String newPassword1 = request.getParameter("new1");
//再次确认新密码
String newPassword2 = request.getParameter("new2");
//通过session.getAttribute(“user”) 的方法获得这个对象
User user = (User) session.getAttribute("user");
String yuanPassword = user.getPassword();
if(oldPassword.equals(yuanPassword)){
if(newPassword1.equals(newPassword2)){
user.setPassword(GetMD5.getMD5(newPassword2));
service.updatePass(user);
String success = "密码修改成功";
model.addAttribute("success", success);
return "jsp/platform.jsp";
}else{
String notSame = "两次输入的密码不一样";
model.addAttribute("notSame", notSame);
return "jsp/platform.jsp";
}
}
String yError = "原密码错误";
model.addAttribute("yError", yError);
return "jsp/platform.jsp";}
//注销
@RequestMapping("/outLogin")
public String remove(HttpServletRequest request) {
request.getSession().invalidate();
return "redirect:/index.jsp";}}
3.登录认证的拦截器实现
(1)登录认证的拦截器
//登录认证的拦截器
public class LoginInterceptor implements HandlerInterceptor{
//执行Handler方法之前执行
//用于身份认证、身份授权
//比如身份认证,如果认证通过表示当前用户没有登陆,需要此方法拦截不再向下执行
//该方法将在Controller处理之前进行调用
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
Object handler) throws Exception {
/**
* 从当前request中获取session,如果获取不到session,则会自动创建一个session,并返回新创建的
* session;如果获取到,则返回获取到的session;
*/
HttpSession session=request.getSession();
//从session中取出用户份信息
User user = (User) session.getAttribute("user");
if(user != null){
//身份存在,放行
return true;
} else {
//执行这里表示用户身份需要验证,跳转到登录界面
request.getRequestDispatcher("../index.jsp").forward(request, response);///WEB-INF/jsp/
//return false表示拦截,不向下执行
//return true表示放行
return false;}}
//进入Handler方法之后,返回modelAndView之前执行
//应用场景从modelAndView出发:将公用的模型数据在这里
//传到视图,也可以在这里统一指定视图
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response,
Object handler, ModelAndView modelAndView) throws Exception {
System.out.println("HandlerInterceptor1......postHandle");}
//执行Handler完成执行此方法
//应用场景:统一异常处理,统一日志处理
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response,
Object handler, Exception ex)throws Exception {
System.out.println("HandlerInterceptor1......afterHandle");}}
(2)在springmvc.xml配置拦截器
<!-- 拦截器配置,拦截顺序:先执行后定义的,排在第一位的最后执行。-->
<mvc:interceptors>
<!-- 多个拦截器,顺序执行 -->
<mvc:interceptor>
<!-- /**表示所有url包括子url路径 -->
<mvc:mapping path="/chooseData/**"/>
<mvc:mapping path="/user/**"/>
<mvc:mapping path="/home/**"/>
<mvc:exclude-mapping path="/user/login" />
<mvc:exclude-mapping path="/chooseData/sensorShow" />
<bean class="com.quelingfei.settings.Interceptor.LoginInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
5.用户名密码加密处理MD5
public class GetMD5 {
public static String getMD5(String message) {
String md5 = "";
try {
MessageDigest md = MessageDigest.getInstance("MD5"); // 创建一个md5算法对象
byte[] messageByte = message.getBytes("UTF-8");
byte[] md5Byte = md.digest(messageByte); // 获得MD5字节数组,16*8=128位
md5 = bytesToHex(md5Byte); // 转换为16进制字符串
} catch (Exception e) {
e.printStackTrace(); }return md5;}
// 二进制转十六进制
public static String bytesToHex(byte[] bytes) {
StringBuffer hexStr = new StringBuffer();
int num;
for (int i = 0; i < bytes.length; i++) {
num = bytes[i];
if(num < 0) {num += 256;}
if(num < 16){hexStr.append("0");}
hexStr.append(Integer.toHexString(num));}
return hexStr.toString().toUpperCase();}
//主函数测试
public static void main(String[] args) {
System.out.println(getMD5("root"));}}
