Servlet使用cookie+session实现免密登录*图片验证码登录
1.实现思路图**
2. 项目简介
1.项目名称 Servlet_FIlter
2.本项目为 web service 项目
3.第一次登陆请求为: http://localhost/Servlet_Filter/nopassfilter
4.项目目录
3. 代码
1. login.html(登录页面)
<!DOCTYPE html>
<html>
<head>
<title>login.html</title>
<style type="text/css">
.d1{
width:320px;
height:260px;
position:absolute;left:500px;top:200px;
}
.i1{
width:250px;
height:30px;
margin:5px;
}
.i2{
width:100px;
height:30px;
margin:5px;
}
a{ margin-top:10px;}
.d2{
margin:5px;
position:absolute;left:95px;bottom:0px;
}
.d2 input{
width:60px;
height:30px;
}
.d3{
position:absolute;
margin:10px;
}
select{
width:100px;
height:25px;
position:absolute;
}
</style>
</head>
<body>
<div class="d1">
<form action="/Servlet_Filter/t_login" method="post">
用户: <input class="i1" type="text" name="username"/><br>
密码: <input class="i1" type="password" name="password"/><br>
验证码:<input class="i2" type="text" name="code"/>
<a href="login.html"><img src="/Servlet_Filter/code"/></a><br/>
<div class="d3">
自动登陆:<input type="checkbox" name="check" value="1"/>
保存状态:<select name="timeout">
<option>一小时</option><option>一天</option>
<option>一周</option><option>一月</option>
</select>
</div>
<div class = "d2">
<input type="submit" value="submit"/>
<input type="reset" value="reset"/>
</div>
</form>
</div>
</body>
</html>
2. LoginServlet (登录业务处理Servlet)
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.java.service.UserService;
import com.java.service.impl.UserServiceImpl;
import com.java.tool.Tool;
public class LoginServlet extends HttpServlet{
@Override
protected void service(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
UserService service = new UserServiceImpl();
String username = null;
String password = null;
String timeout = request.getParameter("timeout");
String autoLogin = request.getParameter("check");
System.out.println(timeout+"---"+autoLogin);
//获取验证码
String code = request.getParameter("code");
String url ="/Servlet_Filter/nopassfilter/find";
boolean bool = false;
//验证码校验
if(request.getSession().getAttribute("validationCode").equals(code)){
username = request.getParameter("username");
password = request.getParameter("password");
//验证用户名密码是否为空值
if(!"".equals(username) && !"".equals(password)){
//验证用户名-密码
bool = service.login(username, password);
}else{
url = "/Servlet_Filter/login.html";
}
}
//保存登录状态
if(bool){
//保存cookie的值
Cookie cook = new Cookie("userinfo", "username="+username+"&"+"password="+password+"&"+"autoLogin="+autoLogin);
cook.setMaxAge(Tool.countTime(timeout));
response.addCookie(cook);
//设置登录标志
HttpSession session = request.getSession();
session.setAttribute("LoginStatus", "1");
//设置session的有效时间
session.setMaxInactiveInterval(60*60);
response.sendRedirect(url);
}else{
response.sendRedirect(url);
}
}
}
3. LoginNoPassWordFilter(免密登录过滤器)
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginNoPassWordFilter implements Filter{
@Override
public void destroy() {}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req =(HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;
String userinfo = null;
Cookie[] cook = req.getCookies();
String[] s = null;
String autoLogin = null;
Map<String,String> map = getAutoLogin(cook);
autoLogin = map.get("autoLogin");
Object loginstatus = req.getSession().getAttribute("LoginStatus");
if("1".equals(autoLogin)){
//自动登录--跳转到主页面
if(!"1".equals(loginstatus)){
req.getSession().setAttribute("LoginStatus",1);
}
res.sendRedirect("/Servlet_Filter/login/find");
}else{
//已经登陆过--直接跳转到主页面
if((userinfo!=null || loginstatus!=null)){
if(!"1".equals(loginstatus)){
req.getSession().setAttribute("LoginStatus",1);
}
//重定向到主页面请求
res.sendRedirect("/Servlet_Filter/login/find"); //可以是自定义页面路径
}else{
//转向登录页面
res.sendRedirect("/Servlet_Filter/login.html");
}
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {}
/**
* 对浏览器传的cookie进行处理
* @param cookie
* @return
*/
public Map<String,String> getAutoLogin(Cookie[] cookie){
Map<String, String> map = new HashMap<String, String>();
if (cookie!=null) {
String userinfo = null;
for (Cookie cook : cookie) {
if("userinfo".equals(cook)){
userinfo = cook.getValue();
}
}
if(userinfo!=null){
String[] info = userinfo.split("&");
for (int i = 0; i < info.length; i++) {
String[] str = info[i].split("=");
map.put(str[0], str[1]);
}
}
}
return map;
}
}
4. web.xml 配置
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>Servlet_Filter</display-name>
<!--登录 -->
<servlet>
<servlet-name>login</servlet-name>
<servlet-class>com.java.servlet1.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>login</servlet-name>
<url-pattern>/t_login</url-pattern>
</servlet-mapping>
<!--查询 主页面配置 -->
<servlet>
<servlet-name>find</servlet-name>
<servlet-class>com.java.servlet.ShowUserServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>find</servlet-name>
<url-pattern>/login/find</url-pattern>
</servlet-mapping>
<!--免密登录过滤器 -->
<filter>
<filter-name>nopassfilter</filter-name>
<filter-class>com.java.filter.LoginNoPassWordFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>nopassfilter</filter-name>
<url-pattern>/nopassfilter/*
4. 完整代码可以在本人的 github 上下载,完整代码功能包括:
1.图片验证码的实现
2.登录标志的设置
3.使用cookie实现免密登录
4.登录过滤器的实现
5.编码过滤器的实现)
地址:https://github.com/jiawangli21/Servlet/tree/master/Servlet_Filter