Session模拟登录功能

访问内容之前检测是否已经登录

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;


@WebServlet("/oa/*")
public class ServletTest extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        HttpSession session=request.getSession();
        //设置响应内容的类型
        response.setContentType("text/html");
        response.setCharacterEncoding("UTF-8");
        //获取 真地用来往浏览器打印东西的类对象
        PrintWriter out=response.getWriter();
        if(session.getAttribute("login")!=null&&(Boolean)session.getAttribute("login")){
            out.print("已登录");
        }else{
            out.print("还没登录");
        }
    }
}

登录界面 和 后台

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>登录界面title>
head>
<body>
    <h1>用户登录h1>
    <hr>
    <%--前端页面发送请求的时候，请求路径以"/"开始，带项目名。 --%>
    <form action="<%=request.getContextPath()%>/login" method="post">
        <label for="username">用户名：label><input type="text" id="username" name="username"><br>
        <label for="password">密码：label><input type="password" id="password" name="password"><br>
        <input type="submit" value="login">
    form>
body>
html>

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.sql.*;

@WebServlet("/login")
public class login extends HttpServlet {
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        //获取用户名 和 密码
        String username=request.getParameter("username");
        String password=request.getParameter("password");

        //进入数据库，按用户名查找
        Connection conn=null;
        PreparedStatement state=null;
        Boolean flag=false;
        try{
            conn= DBUtil.getConnection();
            String sql="select * from t_users where checkname=?;";
            state= conn.prepareStatement(sql);
            state.setString(1,username);
            System.out.println(state);
            ResultSet resultSet = state.executeQuery();

            while(resultSet.next()){
                if(password.equals(resultSet.getString("password"))){
                    flag=true;
                    break;
                }
            }

        } catch (SQLException | ClassNotFoundException e) {
            throw new RuntimeException(e);
        }finally {
            DBUtil.close(conn,state);
        }
        if(flag){
            HttpSession session=request.getSession();
            session.setAttribute("login",true);
        }else{
            HttpSession session=request.getSession();
            session.setAttribute("login",false);
        }
    }
}