java verifies that the user is logged in and implements the automatic login method
- 2020-06-01 09:38:53
- OfStack
Verify that the user is logged in
package cn.hongxin.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginFilter implements Filter{
public void init(FilterConfig filterConfig) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
// will request Equivalent to htt...
HttpServletRequest req = (HttpServletRequest) request;
// To obtain session
HttpSession ss = req.getSession();
// from session To derive user
if(ss.getAttribute("user")==null){
System.err.println(" You're not logged in yet ");
req.getSession().setAttribute("msg", " Please log in first ");
// Redirect to login
HttpServletResponse resp = (HttpServletResponse) response;
resp.sendRedirect(req.getContextPath()+"/index.jsp");[W2]
}else{
// release
chain.doFilter(request, response);
}
}
public void destroy() {
}
}
Configure to web.xml and consider jsps/* :
<filter>
<filter-name>login</filter-name>
<filter-class>cn.itcast.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/jsps/*</url-pattern>
<url-pattern>/views/*</url-pattern>
</filter-mapping>
Automatic login
Automatic login is to help users use the page multiple times without having to enter their username and password again.
The user saves the user's login information, the person, to a local file called Cookie.
Name,value, new Cookie(key,value);
Path - the default value, which is the current serlvet path where cookie is saved.
If Cookie in this path: http: / / loclhost: 8080 / project abc/AServlet
The Cookie path is: http: / / loclhost project/abc
The description:
Place in http: / / loclhost/project/abc directory servlet can read the cookie values.
If:
Save Cookie class: http: / / loclhost: 8080 / project/a/b/AServlet
Then the default path of Cookie is;
http://loclhost/project/a/b
Step 1: develop a login page
<c:choose>
<c:when test="${empty sessionScope.name}">
<form name="x" method="post" action="<c:url value='/LoginServlet'/>">
Name:<input type="text" name="name"/><br/>
auto:
<input type="radio" name="auto" value="-1"> No automatic login
<br/>
<input type="radio" name="auto" value="1">1 day <br/>
<input type="radio" name="auto" value="7">1 weeks <br/>
<input type="submit"/>
</form>
</c:when>
<c:otherwise>
You're logged in :${name}<br/>
<a href="<c:url value='/LoginServlet'/>"> exit </a>
</c:otherwise>
</c:choose>
Step 2: successfully save cookie
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// Receive user name
String name = request.getParameter("name");
String auto = request.getParameter("auto");
// Put the user information in session
request.getSession().setAttribute("name",name);
// judge auto Whether it is -1
if(!auto.equals("-1")){
int day = Integer.parseInt(auto);//1|7
int seconds = 60*60*24*day;
// The statement cookie
Cookie c = new Cookie("autoLogin",name);
c.setMaxAge(seconds);
c.setPath(request.getContextPath());
// save cookie
response.addCookie(c);
}
}
Step 3: request to visit any page in the site should be automatically logged in
Write a filter to override all url=/*. Read all cookie in doFilter. Does the name cookie exist with the name autoLogin?
Always let go.
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
// Read here cookie
HttpServletRequest req = (HttpServletRequest) request;
// Get what you have cookie
Cookie[] cs = req.getCookies();
if(cs!=null){
for(Cookie c:cs){
if(c.getName().equals("autoLogin")){// If there is an automatic login cookie
String value = c.getValue();// The user name
// Login is successful
req.getSession().setAttribute("name", value);
break;
}
}
}
// Whether it is automatically logged in or not
chain.doFilter(request, response);
}
Step 4: configure to web.xml for all url=/*
<filter>
<filter-name>auto</filter-name>
<filter-class>cn.itcast.filter.AutoFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>auto</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Step 5: exit development
System.err.println(" User exit ");
// Delete the entire session
request.getSession().invalidate();
Cookie c = new Cookie("autoLogin", "ddd");
c.setMaxAge(0);
c.setPath(request.getContextPath());
response.addCookie(c);
// request.getSession().removeAttribute("name");
response.sendRedirect(request.getContextPath()+"/index.jsp");
Step 6: optimize the code
Since the user will also enter the doFilter method of AutoFiilter when manually logging in and read all Cookie once. This traversal is redundant for the user.
Therefore, LoginServet and url should be overdone in doFiler.
And to exit also cannot automatically log in.