網頁自動登錄
1. 主要需求
- 編寫首頁,檢查用戶是否登陸;
- 編寫 login.jsp;
- 編寫 LoginServlet;
- 編寫過濾器讀取 Cookie 的信息。
2. 代碼實現
a. 實體類
package com.company;
public class User {
private String userName;
private String paasword;
public User(String userName, String paasword) {
this.userName = userName;
this.paasword = paasword;
}
public User() {
}
public String getUserName() {
return userName;
}
public void setUserName(String userName) {
this.userName = userName;
}
public String getPaasword() {
return paasword;
}
public void setPaasword(String paasword) {
this.paasword = paasword;
}
}
b. 首頁 demo.jsp
- 檢查服務器端的 Session,如果 Session 中有成功登錄的數據則自動登錄。
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>demo.jsp</title>
</head>
<body>
<c:choose>
<%--注意:如果登陸成功,Session會存儲一個登錄成功的信息,名字爲loginUser;--%>
<c:when test="${loginUser!=null}">
<%--已經登錄--%>
<h4>歡迎:${loginUser.userName}</h4>
</c:when>
<c:otherwise>
<a href="${pageContext.request.contextPath}/login.jsp">登錄</a>
</c:otherwise>
</c:choose>
<h2>商品列表</h2>
</body>
</html>
c. 登錄頁 login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>login.jsp</title>
</head>
<body>
<form action="${pageContext.request.contextPath}/loginServlet" method="post">
用戶名:<input type="text" name="userName"/><br/>
密碼:<input type="password" name="password"/><br/>
七天免登陸<input type="checkbox" name="auto" value="true"/>
<input type="submit" value="登陸"/>
</form>
</body>
</html>
d. 確認登錄頁信息 LoginServlet
- 匹配數據庫(此處直接替換爲明文)中的用戶數據與登錄頁中上傳的用戶數據,並在 Session 中保存成功登陸的數據。
- 通過設定 Cookie 的生命週期,來確定瀏覽器端用戶信息是否可以自動登錄。
package com.company;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet("/loginServlet")
public class LoginServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String userName = request.getParameter("userName");
String password = request.getParameter("password");
if (userName.equals("Regino") && password.equals("123")) {
String auto = request.getParameter("auto");
if (auto == null) {
Cookie cookie = new Cookie("autoLogin", "");
cookie.setMaxAge(0);
response.addCookie(cookie);
} else {
Cookie cookie = new Cookie("autoLogin", userName + "_" + password);
cookie.setMaxAge(60 * 60 * 24 * 7);
response.addCookie(cookie);
}
request.getSession().setAttribute("loginUser", new User(userName, password));
response.sendRedirect(request.getContextPath() + "/demo.jsp");
}
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
e. 確認登錄頁信息的過濾器 AutoLoginFilter
- 即把 Cookie 讀取到 Session 中。
- 過濾器讀取 Cookie 的數據,在確認登錄頁信息前,檢查 Session 中是否存有 Cookie 中的數據,如果沒有且 Cookie 中的數據正確,則將數據保存到 Session 中。
package com.company;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebFilter("/*")
public class AutoLoginFilter implements Filter {
public void init(FilterConfig config) throws ServletException {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
HttpServletRequest request = (HttpServletRequest) req;
HttpSession session = request.getSession();
User loginUser = (User) session.getAttribute("loginUser");
if (loginUser == null) {
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
if (cookie.getName().equals("autoLogin")) {
String[] arrayInfo = cookie.getValue().split("_");
String userName = arrayInfo[0];
String pasword = arrayInfo[1];
if (userName.equals("Regino") && pasword.equals("123")) {
session.setAttribute("loginUser", new User(userName, pasword));
}
}
}
}
}
chain.doFilter(request, resp);
}
public void destroy() {
}
}
3. 測試
- 點擊登錄跳轉頁面,輸入用戶名和密碼,並確認免登錄:
- 如果未選定免登錄,重新部署或關閉 Tomcat 後,頁面提示需要再次登錄:
原文鏈接:https://qwert.blog.csdn.net/article/details/105756432