Here I briefly describe the main pieces I dealt with in the implementation.
1. User login

<!-- Labels: 用户名 = username, 密码 = password, 登录 = log in -->
<form action="loginAction.do" method="post">
    <div class="header">
        <h2 class="logo png"></h2>
    </div>
    <ul>
        <li><label>用户名</label><input name="username" type="text" class="text" /></li>
        <li />
        <li><label>密 码</label><input name="password" type="password" class="text" /></li>
        <li />
        <li class="submits">
            <input class="submit" type="submit" value="登录" />
        </li>
    </ul>
    <div class="copyright">© 2013 - 2014 |</div>
</form>

The above is the front-end page; the back end is a simple piece of logic:

@RequestMapping(value = "loginAction.do", method = RequestMethod.POST)
public ModelAndView loginAction(@RequestParam(value = "username") String username,
        @RequestParam(value = "password") String password,
        HttpSession session, HttpServletResponse resp,
        @RequestParam(value = "savetime", required = false) String savetime) {
    // Clear any message left over from a previous attempt
    session.removeAttribute(LogConstant.LOGIN_MESSAGE);
    SystemUserDataBean user = userDao.getSystemUserByUserName(username);
    ModelAndView view = null;
    if (user == null) {
        view = new ModelAndView(new RedirectView("login.html"));
        // "用户名不正确" = "incorrect username"
        session.setAttribute(LogConstant.LOGIN_MESSAGE, "用户名不正确");
        return view;
    }
    // Check the submitted password against the stored value
    boolean isPasswordCorrect = EncryptionUtil.compareSHA(password, user.getPassword());
    if (isPasswordCorrect) {
        // view is still null on this path
        session.setAttribute(LogConstant.CURRENT_USER, username);
    } else {
        view = new ModelAndView(new RedirectView("login.html"));
        // "密码不正确" = "incorrect password"
        session.setAttribute(LogConstant.LOGIN_MESSAGE, "密码不正确");
    }
    return view;
}

2. Login messages
The login page contains a piece of JavaScript that displays messages such as an incorrect password:

<script type="text/javascript">
    var login_username_info = '<%=request.getSession().getAttribute("currentUser") == null ? "" : request.getSession().getAttribute("currentUser")%>';
    var login_message_info = '<%=request.getSession().getAttribute("login_message") == null ? "" : request.getSession().getAttribute("login_message")%>';
    if (login_message_info != null && login_message_info != '') {
        alert(login_message_info);
    }
</script>

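3. Intercepting requests from users who are not logged in
Here interception is implemented twice, in the page and on the back end.
The page code is as follows:

<%
if (session.getAttribute("currentUser") == null) {
%>
window.parent.location = 'login.html';
<%
}
%>
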
On the back end there is an interceptor (servlet-config.xml):

<!-- Interceptor -->
<mvc:interceptors>
    <mvc:interceptor>
        <mvc:mapping path="/*.do" />
        <bean class="com..log.report.interceptor.AccessStatisticsIntceptor" />
    </mvc:interceptor>
</mvc:interceptors>

The interceptor is implemented as follows:

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

public class AccessStatisticsIntceptor implements HandlerInterceptor {

    @Override
    public void afterCompletion(HttpServletRequest arg0,
            HttpServletResponse arg1, Object arg2, Exception arg3)
            throws Exception {
        // TODO Auto-generated method stub
    }

    @Override
    public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
            Object arg2, ModelAndView arg3) throws Exception {
        // TODO Auto-generated method stub
    }

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
            Object obj) throws Exception {
        // Take the last path segment of the request URI, e.g. "loginAction.do"
        String uri = request.getRequestURI().substring(request.getRequestURI().lastIndexOf("/") + 1);
        if (!AuthorityController.isAuthorized(uri, request.getSession())) {
            // Authorization check failed: returning false stops the handler chain
            return false;
            // throw new CustomException(LogConstant.USER_NOT_LOGIN);
        }
        return true;
    }
}

How exactly the check is done depends on the user's permissions, so I won't describe it here.
4. Returning to the page visited before login
First, add a script to the page that uses jQuery to call the back end:

var page = "";
var loc = decodeURIComponent(window.parent.location);
var start = loc.indexOf("Log/") + 8;
var end = loc.indexOf(".html");
page = loc.substr(start, end - start);
if (page != null && page != '') {
    alert(page);
    $.ajax({
        type: "get",
        url: "setPreviousPageAction.do?previousPage=" + page + ".html",
        success: function (msg) {
        }
    });
}

Then the back end records this page:

@RequestMapping(value = "setPreviousPageAction.do")
public void setPreviousPageAction(@RequestParam(value = "previousPage") String previousPage, HttpSession session) {
    // Remember the requested page in the session for use after login
    session.setAttribute(LogConstant.PREVIOUS_PAGE, previousPage);
}

After login completes, simply return to this page.
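
Because `previousPage` arrives as a request parameter and is later used as a redirect target, it is worth restricting it to the application's own pages before storing it. The following is an added example, not code from the original post: the class name, the `index.html` default, the flat page-name pattern and the `Map` standing in for `HttpSession` are all assumptions.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Pattern;

// Hypothetical helper; the Map stands in for HttpSession attributes.
public class PreviousPage {
    static final String KEY = "previousPage";          // stand-in for LogConstant.PREVIOUS_PAGE
    static final String DEFAULT_PAGE = "index.html";   // assumed landing page
    // Assumption: pages are flat file names such as "report.html"
    static final Pattern PAGE = Pattern.compile("[A-Za-z0-9_-]{1,64}\\.html");

    // Store the value only if it names one of the application's own pages.
    static boolean remember(Map<String, Object> session, String previousPage) {
        if (previousPage == null || !PAGE.matcher(previousPage).matches()
                || previousPage.equals("login.html")) {
            return false;
        }
        session.put(KEY, previousPage);
        return true;
    }

    // After login: consume the stored page once and fall back to the default.
    static String redirectTarget(Map<String, Object> session) {
        Object stored = session.remove(KEY);
        return stored instanceof String ? (String) stored : DEFAULT_PAGE;
    }

    public static void main(String[] args) {
        Map<String, Object> session = new HashMap<>();
        // Constructed inputs: one valid page name, then values that must be rejected
        String[] inputs = {"report.html", "http://example.com/a.html",
                "//example.com/a.html", "../admin/x.html", "a.html?next=b", "login.html"};
        for (String in : inputs) {
            System.out.println(in + " -> stored=" + remember(session, in));
        }
        System.out.println("redirect to " + redirectTarget(session));
        System.out.println("redirect to " + redirectTarget(session));
    }
}
```

Absolute URLs, protocol-relative URLs, paths with directories and values with query strings all fail the pattern, so only a plain page name can become the post-login redirect target.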
5. Saving the username and password
The login page provides a drop-down for saving the login:

<!-- Options: do not save / save for one day / save for one month / save for one year -->
<select class="save_login" id="savetime" name="savetime">
    <option selected value="0">不保存</option>
    <option value="1">保存一天</option>
    <option value="2">保存一月</option>
    <option value="3">保存一年</option>
</select>

At login the back end stores the information in cookies:

if (savetime != null) { // Save the user in cookies
    int savetime_value = savetime != null ? Integer.valueOf(savetime) : 0;
    int time = 0;
    if (savetime_value == 1) { // Remember for one day
        time = 60 * 60 * 24;
    } else if (savetime_value == 2) { // Remember for one month
        time = 60 * 60 * 24 * 30;
    } else if (savetime_value == 3) { // Remember for one year
        time = 60 * 60 * 24 * 365;
    }
    Cookie cid = new Cookie(LogConstant.LOG_USERNAME, username);
    cid.setMaxAge(time);
    Cookie cpwd = new Cookie(LogConstant.LOG_PASSWORD, password);
    cpwd.setMaxAge(time);
    resp.addCookie(cid);
    resp.addCookie(cpwd);
}

When the front end finds that the user is not logged in, it takes the data from the cookies and logs in with it:

if (session.getAttribute("currentUser") == null) {
    Cookie[] cookies = request.getCookies();
    String username = null;
    String password = null;
    // getCookies() returns null when the request carries no cookies
    if (cookies != null) {
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals("log_username")) {
                username = cookie.getValue();
            } else if (cookie.getName().equals("log_password")) {
                password = cookie.getValue();
            }
        }
    }
    if (username != null && password != null) {
%>
$.ajax({
    type: "post",
    url: "loginByCookieAction.do",
    data: "username=" + "<%=username%>" + "&password=" + "<%=password%>",
    success: function (msg) {
        if (msg.status == 'success')
            window.parent.location.reload();
        else if (msg.status == 'failed')
            gotoLoginPage();
    }
});
<%
    } else {
%>
gotoLoginPage();
<%
    }
...

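The above lists the approaches I used to solve login-related problems; the code is rather long, so I have not listed all of it.
Original link: http://blog.csdn.net/fover717/article/details/8525808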