页面设置a标签,href路径为action=logout
servlet层:
else if ("logout".equals(action)){
//退出登录
userLogOut(request,response);
}
private void userLogOut(HttpServletRequest request,
HttpServletResponse response) throws IOException {
//1.销毁session
request.getSession().invalidate();
//2.删除cookie
Cookie cookie = new Cookie("user",null);
cookie.setMaxAge(0);
//响应
response.addCookie(cookie);
//3.跳转到登录页面
response.sendRedirect("login.jsp");
}
销毁session方法invalidate()
销毁cookie方法:setMaxAge(0)
自动登录模块
过滤器的设置:
// 基于HTTP
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse)resp;
// 得到请求的路径
String requestUri = request.getRequestURI(); // 站点名+资源路径
String action = request.getParameter("action");
// 放行指定行为 action (登录操作、自动登录操作)
if (requestUri.contains("/user")) {
if ("login".equals(action) || "autoLogin".equals(action)) {
chain.doFilter(request, response);
return;
}
}
// 登录状态 放行 (session作用域中的user对象不为空)
User user = (User) request.getSession().getAttribute("user");
if (user != null) {
chain.doFilter(request, response);
return;
}
// 判断cookie是否为空 如果cookie不为空,得到用户名和密码,调用登录方法
Cookie[] cookies = request.getCookies();
// 判断cookie数组是否为空
if (cookies != null && cookies.length >0) {
for (Cookie cookie : cookies) {
String name = cookie.getName();
if ("user".equals(name)) {
String value = cookie.getValue();
if (StringUtil.isEmpty(value)) {
return;
}
String userName = value.split("-")[0];
String userPwd = value.split("-")[1];
// 调用登录方法
request.getRequestDispatcher("user?action=autoLogin&userName=" + userName + "&userPwd=" + userPwd).forward(request, response);
return;
}
}
}
存cookie时,会设置username-userPwd
String userName = value.split("-")[0];
String userPwd = value.split("-")[1];
方便截取字符串获得userName和userPwd
servlet层:
private void autoLogin(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
//用户登录
ResultInfo<User> resultInfo = loginInfo(request,response);
// //跳转到首页
// if (resultInfo.getCode() == 1) {
// request.getRequestDispatcher("index").forward(request, response);
// }
// else {
// //跳转登录页面
// response.sendRedirect("login.jsp");
// }
// ResultInfo<User> resultInfo = loginInfo(request, response);
// 跳转到首页
if (resultInfo.getCode() == 1){
// 跳转到首页
response.sendRedirect("index");
} else {
// 跳转到登录页面
response.sendRedirect("login.jsp");
}
}
else if ("autoLogin".equals(action)) {
//自动登录
autoLogin(request,response);
}
private ResultInfo<User> loginInfo(HttpServletRequest request,
HttpServletResponse response) {
//1.接受参数
String userName = request.getParameter("userName");
String userPwd = request.getParameter("userPwd");
String rem = request.getParameter("tem");
//2.调用Service层,返回ResultInfo对象
ResultInfo<User> resultInfo = userService.login(userName, userPwd);
//3.判断code是否为1,登录成功
if(resultInfo.getCode()==1){
//将用户信息存到session作用域中
request.getSession().setAttribute("user", resultInfo.getResult());
//判断是否记住密码,是存cookie
if("1".equals(rem)){
//创建cookie对象
Cookie cookie = new Cookie("user",userName+"-"+userPwd);
//设置cookie失效时间,单位秒
cookie.setMaxAge(3*24*60*60);
//响应cookie
response.addCookie(cookie);
}
}
return resultInfo;
}
}
service层和dao层都是调用login的方法