11 Servlet——cookie三天免登陆
先看看项目流程
从主页开始的首次成功登陆的运行流程:index.jsp->CookieServlet(检查是否有cookie记录,如果没有记录跳转登录页面)->PageServlet(登录页面)->LoginServlet(从上个页面获取账号密码,调用service做校验,如果账号密码均正确,设置cookie并跳转主页)->MainServlet(主页)
从主页开始的3天内免登陆流程:index.jsp->CookieServlet(检查是否有cookie记录(uid),如有则调用service校验该用户是否存在,如果存在,跳转主页面)->MainServlet(主页面)
Cookie信息校验
编写CookieServlet
- 判断请求中是否携带正确的Cookie信息
- 如果有则校验Cookie信息是否正确
- 如果校验正确则直接响应主页面(MainServlet)给用户
- 如果校验不正确则响应登录页面(PageServlet)给用户
- 如果没有则请求转发给登录页面
注意:cookie中存的是用户的uid而不是账号密码,这样比较安全
CookieServlet:
package com.xiaohei.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.xiaohei.pojo.User;
import com.xiaohei.service.CookieService;
import com.xiaohei.service.LoginService;
import com.xiaohei.service.impl.CookieServiceImpl;
import com.xiaohei.service.impl.LoginServiceImpl;
/**
* Servlet implementation class CookieServlet
*/
public class CookieServlet extends HttpServlet {
@Override
protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//设置请求编码
req.setCharacterEncoding("utf-8");
//设置响应类型及编码
resp.setContentType("text/html;charset=utf-8");
//获取请求
//判断是否有cookie
Cookie[] cks = req.getCookies();
//处理请求
if(null!=cks) {
//从cookie中获取uid
String uid = "";
for(Cookie c : cks) {
if("uid".equals(c.getName())) {
uid = c.getValue();
}
}
//校验用户是否存在(使用uid)
CookieService ls = new CookieServiceImpl();
User u = ls.checkUidService(uid);
if(null!=u) {//存在,跳转主页
resp.sendRedirect("main");
return;
}else {//不存在,跳转登录页面
req.getRequestDispatcher("/page").forward(req, resp);
return;
}
}else {//没有cookie,跳转登录页面
req.getRequestDispatcher("/page").forward(req, resp);
return;
}
}
}
CookieServiceImpl
public class CookieServiceImpl implements CookieService{
//校验用户是否存在
@Override
public User checkUidService(String uid) {
CookieDao dao = new CookieDaoImpl();
User user = dao.checkUid(uid);
return user;
}
}
CookieDaoImpl
public class CookieDaoImpl implements CookieDao{
@Override
public User checkUid(String uid) {
User user = null;
try(Connection conn = JDBCUtil.getConnection();) {
String sql = "select * from t_user where uid = ? ";
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, uid);
ResultSet set = ps.executeQuery();
while(set.next()) {
user = new User();
int id = set.getInt("uid");
String username = set.getString("uname");
String password = set.getString("pwd");
user.setUid(id);
user.setUsername(username);
user.setPassword(password);
return user;
}
} catch (SQLException e) {
e.printStackTrace();
}
return null;
}
}
LoginServlet 添加Cookie
protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//设置请求编码
req.setCharacterEncoding("utf-8");
//设置响应编码
resp.setContentType("text/html;charset=utf-8");
//获取请求数据
username = req.getParameter("uname");
password = req.getParameter("pwd");
//处理请求
LoginService ls = new LoginServiceImpl();
User user = ls.checkLoginService(username, password);
//响应
if(null != user) {
//创建cookie,实现3天免登陆
//我们不直接存账号密码,而是存用户的uid
Cookie c = new Cookie("uid",user.getUid()+"");
//设置有效期为3天
c.setMaxAge(3*24*3600);
//设置指定url
c.setPath("/200222-CookieLogin/ck");
//添加
resp.addCookie(c);
String username = user.getUsername();
String pwd = user.getPassword();
resp.sendRedirect("main");
return;
}else {
//请求转发
req.setAttribute("msg", "账号或密码错误");
req.getRequestDispatcher("page").forward(req, resp);
return;
}
}