UserDao
UserService
UserLoginServlet:
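/**
 * Handles a login request.
 *
 * <p>Binds the request parameters onto a {@code User}, passes it to
 * {@code UserService.userLogin}, and then either re-displays the login page with an error
 * message or stores the returned user in the session and redirects to the index page.
 * When the "autoLogin" checkbox was ticked, a seven-day "autoLogin" cookie is issued.
 *
 * <p>NOTE(review): this is the GET handler. If the login form really submits with GET, the
 * username and password end up in URLs, browser history and access logs; confirm the form
 * uses POST.
 *
 * @param request  the login request carrying the form fields and the optional autoLogin flag
 * @param response the response used for the forward, the redirect and the cookie
 * @throws ServletException if binding the parameters or looking up the user fails
 * @throws IOException      if the forward or the redirect fails
 */
public void doGet(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    request.setCharacterEncoding("UTF-8");
    // The encoding has to be passed as a "charset=" parameter; the previous value
    // "text/html;UTF-8" carries no charset parameter, so it did not select UTF-8.
    response.setContentType("text/html;charset=UTF-8");

    User existUser;
    try {
        // Receive the submitted data. populate() copies every request parameter whose name
        // matches a User property, so the caller controls all of those fields; only the
        // object returned by userLogin() is trusted afterwards.
        Map<String, String[]> params = request.getParameterMap();
        User user = new User();
        BeanUtils.populate(user, params);
        existUser = new UserService().userLogin(user);
    } catch (Exception e) {
        // Previously the exception was printed and swallowed, which left the browser with
        // an empty page. Surface it to the container, which logs it and renders an error.
        throw new ServletException("Login could not be processed", e);
    }

    if (existUser == null) {
        // Same message for an unknown user and a wrong password.
        request.setAttribute("error", "用户名或密码错误!");
        request.getRequestDispatcher("/userLogin/login.jsp").forward(request, response);
        return;
    }

    // Login succeeded; remember the user if the checkbox was ticked.
    if ("true".equals(request.getParameter("autoLogin"))) {
        // SECURITY: the cookie value is "username#password". LoginFilter feeds it straight
        // back into userLogin(), so whatever getPassword() returns here is password-equivalent:
        // anyone who obtains the cookie can sign in for as long as it is accepted, and it cannot
        // be revoked without changing the password. The format is kept because LoginFilter
        // parses it; the proper fix is a random, server-side stored remember-me token that
        // both classes use instead of the credentials.
        Cookie cookie = new Cookie("autoLogin",
                existUser.getUsername() + "#" + existUser.getPassword());
        cookie.setPath("/Web15_1");
        cookie.setMaxAge(60 * 60 * 24 * 7); // seven days, in seconds
        // Keep page scripts from reading the cookie (Servlet 3.0+). Also call
        // setSecure(true) once the application is served over HTTPS only.
        cookie.setHttpOnly(true);
        response.addCookie(cookie);
    }

    // Keep the user in the session.
    // NOTE(review): the session id is not rotated at login, so a session id that was
    // planted before authentication stays valid afterwards (session fixation). Rotate it
    // here if nothing from the pre-login session has to survive.
    request.getSession().setAttribute("existUser", existUser);

    // Redirect to the landing page.
    response.sendRedirect("/Web15_1/userLogin/index.jsp");
}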
LoginFilter:
(服务端要有一个保存用户信息的session才能登陆,有的话直接登陆,没有的话从cookie中找,然后存入session中再登陆)
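/**
 * Restores a logged-in user from the "autoLogin" cookie when the session has none.
 *
 * <p>Decision tree (the request is passed down the chain in every case):
 * <ul>
 *   <li>session already holds "existUser": nothing to do;</li>
 *   <li>no "autoLogin" cookie: nothing to do;</li>
 *   <li>cookie present: split it into username and password, check them with
 *       {@code UserService.userLogin}, and store the returned user in the session
 *       if the check succeeds.</li>
 * </ul>
 *
 * <p>SECURITY: the cookie is entirely client-controlled and carries a value that
 * {@code userLogin} accepts as the password. It is therefore parsed defensively here, but
 * the scheme itself stays password-equivalent; a random, server-side stored remember-me
 * token is the proper replacement.
 *
 * @param request  the incoming request; cast to {@code HttpServletRequest}
 * @param response the response, passed on unchanged
 * @param chain    the remaining filter chain, invoked exactly once
 * @throws IOException      if a later filter or the target resource fails
 * @throws ServletException if a later filter or the target resource fails
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response,
        FilterChain chain) throws IOException, ServletException {
    HttpServletRequest req = (HttpServletRequest) request;
    HttpSession session = req.getSession();

    // Only look at the cookie when the session does not already hold a user.
    if (session.getAttribute("existUser") == null) {
        Cookie autoCookie = CookieUtils.find(req.getCookies(), "autoLogin");
        String value = (autoCookie == null) ? null : autoCookie.getValue();
        if (value != null) {
            // Expected format is "username#password". Limit the split to two parts so a
            // '#' inside the password is preserved, and ignore values without a separator
            // instead of failing with ArrayIndexOutOfBoundsException on a tampered cookie.
            String[] userMessage = value.split("#", 2);
            if (userMessage.length == 2) {
                try {
                    User newUser = new User();
                    newUser.setUsername(userMessage[0]);
                    newUser.setPassword(userMessage[1]);
                    User checkUser = new UserService().userLogin(newUser);
                    if (checkUser != null) {
                        // Credentials from the cookie are valid: log the user in.
                        session.setAttribute("existUser", checkUser);
                    }
                    // checkUser == null: wrong credentials or a tampered cookie;
                    // the request continues unauthenticated.
                } catch (SQLException e) {
                    // Previously the request was dropped here without calling the chain,
                    // leaving an empty response. Record the failure and continue
                    // unauthenticated instead.
                    session.getServletContext().log("Auto-login lookup failed", e);
                }
            }
        }
    }

    // Pass the request on in every case.
    chain.doFilter(request, response);
}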
查找名称为XXX的Cookie的工具类:
package autologin.utils;
import javax.servlet.http.Cookie;
public class CookieUtils {
    /**
     * Looks up a cookie by name.
     *
     * @param cookies the cookies of the current request; may be {@code null} when the
     *                request carried none
     * @param name    the cookie name to search for
     * @return the first cookie whose name equals {@code name}, or {@code null} when the
     *         array is {@code null} or holds no such cookie
     */
    public static Cookie find(Cookie[] cookies, String name) {
        if (cookies != null) {
            for (int i = 0; i < cookies.length; i++) {
                Cookie candidate = cookies[i];
                // First match wins.
                if (name.equals(candidate.getName())) {
                    return candidate;
                }
            }
        }
        return null;
    }
}
login.jsp的自动登录CheckBox:
<%-- Remember-me checkbox: when ticked, the form submits autoLogin=true, which the login
     servlet compares against "true" before issuing the persistent "autoLogin" cookie. --%>
<label>
<input type="checkbox" name="autoLogin" value="true"> 自动登录
</label>
index.jsp:
登陆后显示(您好:XXX)
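<%-- Header links: login/register for anonymous visitors, greeting/logout once the session
     attribute "existUser" is set. --%>
<div class="col-md-3" style="padding-top:20px">
  <ol class="list-inline">
    <c:if test="${ empty existUser }">
      <li><a href="login.jsp">登录</a></li>
      <li><a href="register.htm">注册</a></li>
    </c:if>
    <c:if test="${ not empty existUser }">
      <%-- A bare ${...} expression is written to the page without HTML escaping. The nickname
           is presumably user-chosen, so it is rendered through c:out, which escapes markup
           characters by default. --%>
      <li><span style="color:blue">您好:</span><c:out value="${ existUser.nickname }"/></li>
      <li><a href="login.htm">退出</a></li>
    </c:if>
    <li><a href="cart.htm">购物车</a></li>
  </ol>
</div>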