filter_登录验证案例
需求:
- 访问day_07案例的资源 验证其是否登录
- 如果登录了 则直接放行
- 如果没有登录 则跳转到登录页面 提示“您尚未登录 请先登录”
登录代码
<%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>登录页面</title> <script> window.onload=function () { document.getElementById("img").onclick=function () { this.src="/CheckCodeServlet?time="+new Date().getTime(); } } </script> <style> div{ color:red; } </style> </head> <body> <form action="/loginServlet" method="post"> <table> <tr> <td>用户名</td> <td><input type="text" name="username"></td> </tr> <tr> <td>密码</td> <td><input type="password" name="password"></td> </tr> <tr> <td>验证码</td> <td><input type="text" name="checkCode"></td> </tr> <tr> <td colspan="2"><img id="img" src="/CheckCodeServlet"></td> </tr> <tr> <td colspan="2"><input type="submit" name="登录"></td> </tr> </table> </form> <div><%=request.getAttribute("cc_error")==null ? "" :request.getAttribute("cc_error")%></div> <div><%=request.getAttribute("login_error")==null ? "" :request.getAttribute("login_error")%></div> </body> </html>
欢迎页面
<%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>欢迎页面</title> </head> <body> <h1><%=request.getSession().getAttribute("user")%>,欢迎您</h1> </body> </html>
验证码生成
package com.bai.servlet; import javax.imageio.ImageIO; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.awt.*; import java.awt.image.BufferedImage; import java.io.IOException; import java.util.Random; @WebServlet("/CheckCodeServlet") public class CheckCodeServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { int width = 100; int height = 50; //1.创建一对象 在内存中图片(验证码图片对象) BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB); //2.美化图片 //2.1填充背景色 Graphics g = image.getGraphics();//画笔对象 g.setColor(Color.PINK); g.fillRect(0,0,width,height); //2.2画边框 g.setColor(Color.BLUE); g.drawRect(0,0,width-1 ,height-1); String str="ABCDEFGHIJLMNOPQRTUVWXYZabcdefghigklmnopqstuvwxyz0123456789"; //生成随机角标 Random ran = new Random(); StringBuilder sb = new StringBuilder(); for (int i=1;i<=4;i++){ int index=ran.nextInt(str.length()); //获取字符 char ch = str.charAt(index);//随机字符 sb.append(ch); //2.3写验证码 g.drawString(ch+"",width/5*i,height/2); } String checkCode_session = sb.toString(); //将验证码存入session req.getSession().setAttribute("checkCode_session",checkCode_session); //2.4画干扰线 g.setColor(Color.GREEN); //随机生成坐标点 for (int i = 0; i < 10; i++) { int x1=ran.nextInt(width); int x2=ran.nextInt(width); int y1=ran.nextInt(height); int y2=ran.nextInt(height); g.drawLine(x1,x2,y1,y2); } //3.将图片输出到页面展示 ImageIO.write(image,"jpg",resp.getOutputStream()); } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { doGet(req, resp); } }
LoginServlet类
package com.bai.servlet; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; @WebServlet("/loginServlet") public class LoginServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { //设置request编码 req.setCharacterEncoding("utf-8"); //获取参数 String username = req.getParameter("username"); String password = req.getParameter("password"); String checkCode = req.getParameter("checkCode"); //获取生成的验证码 HttpSession session = req.getSession(); String checkCode_session = (String) session.getAttribute("checkCode_session"); //判断验证码是否正确 if (checkCode_session.equals(checkCode)) { //忽略大小写比较 //验证码正确 //判断用户名和密码是否一致 if ("zhangsan".equals(username) && "123".equals(password)) {//需要调用UserDao查询数据库 //登录成功 //存储信息 用户信息 session.setAttribute("user", username); //重定向到success resp.sendRedirect(req.getContextPath() + "/success.jsp"); } else { //登录失败 //存储提示信息到request req.setAttribute("login_error", "用户名或密码错误"); //转发到登录页面 req.getRequestDispatcher("/login.jsp").forward(req, resp); } } else { //验证码不一致 //存储提示信息到request req.setAttribute("cc_error","验证码错误"); //转发到登录页面 req.getRequestDispatcher("/login.jsp").forward(req,resp); } } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { doGet(req, resp); } }
登录页面
拦截器代码
package com.bai.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import java.io.IOException; /** * 登录验证的过滤器 */ @WebFilter("/*") public class LoginFilter implements Filter { public void init(FilterConfig filterConfig) throws ServletException { } public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { //强转转换 HttpServletRequest request = (HttpServletRequest) servletRequest; //获取资源请求路径 String uri = request.getRequestURI(); //判断是否包含登录相关资源路径 if (uri.contains("/login.jsp") || uri.contains("/loginServlet") || uri.contains("/css/") || uri.contains("/js/") || uri.contains("/fonts/") || uri.contains("/CheckCodeServlet")) { //包含 用户就想登录 放行 filterChain.doFilter(servletRequest, servletResponse); } else { //不包含 需要验证用户是否登录 //获取session中获取user Object user = request.getSession().getAttribute("user"); if (user != null) { //登录了 放行 filterChain.doFilter(servletRequest, servletResponse); } else { //没有登录 跳转登录页面 request.setAttribute("login_msg", "您尚未登录 请登录"); request.getRequestDispatcher("/login.jsp").forward(request, servletResponse); } } } public void destroy() { } }
运行结果
标签:登录,验证,req,request,filter,import,servlet,javax From: https://www.cnblogs.com/aimz01/p/16598971.html