25-旧密码验证功能实现
25-旧密码验证功能实现
概述
本文记述如何实现就密码验证功能
分析
在pwdmodify.js代码中有一段验证就密码的ajax代码
可以看到里面请求的是/jsp/user.do 所以我们把user.do的请求继续完善即可
另外data.result是servlet中resp里面返回的结果里面几种情况都已经写好了
oldpassword.on("blur", function () {//JQuery失去焦点
$.ajax({
type: "GET",
url: path + "/jsp/user.do",
data: {method: "pwdmodify", oldpassword: oldpassword.val()},//data就是ajax传递的参数
/*
上面这句话等价于path+"/jsp/user.do?method="pwdmodify"&&oldpassword=oldpassword.val()
*/
dataType: "json",//主流开发都是用JSON实现前后端开发{}
success: function (data) {
if (data.result == "true") {//旧密码正确
validateTip(oldpassword.next(), {"color": "green"}, imgYes, true);
} else if (data.result == "false") {//旧密码输入不正确
validateTip(oldpassword.next(), {"color": "red"}, imgNo + " 原密码输入不正确", false);
} else if (data.result == "sessionerror") {//当前用户session过期,请重新登录
validateTip(oldpassword.next(), {"color": "red"}, imgNo + " 当前用户session过期,请重新登录", false);
} else if (data.result == "error") {//旧密码输入为空
validateTip(oldpassword.next(), {"color": "red"}, imgNo + " 请输入旧密码", false);
}
},
error: function (data) {
//请求出错
validateTip(oldpassword.next(), {"color": "red"}, imgNo + " 请求错误", false);
}
});
实践
把UserSerlet完善一下就可以
UserServlet.java
package com.kuang.servlet;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.kuang.pojo.User;
import com.kuang.service.UserService;
import com.kuang.service.UserServiceImpl;
import com.kuang.utils.Constants;
import com.mysql.jdbc.StringUtils;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* 功能描述
*
* @since 2022-09-07
*/
public class UserServlet extends HttpServlet {
private static final long serialVersionUID = 4477827924112311146L;
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String method = req.getParameter("method");
if (method != null) {
if (method.equals("pwdmodify")) {
validatePwd(req, resp);
} else if (method.equals("savepwd")) {
updatePwd(req, resp);
}
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
public void updatePwd(HttpServletRequest req, HttpServletResponse resp) throws IOException, ServletException {
Object o = req.getSession().getAttribute(Constants.USER_SESSION);
String newPwd = req.getParameter("newpassword");
if (o != null && !StringUtils.isNullOrEmpty(newPwd)) {
User user = (User) o;
UserService userService = new UserServiceImpl();
boolean flag = userService.updateUserPwd(user.getId(), newPwd);
if (flag) {
req.setAttribute(Constants.MESSAGE, "修改成功,请重新登录");
// 需移除当前Session
req.getSession().removeAttribute(Constants.USER_SESSION);
} else {
req.setAttribute(Constants.MESSAGE, "修改失败");
}
} else {
req.setAttribute(Constants.MESSAGE, "新密码有问题");
}
req.getRequestDispatcher("/jsp/pwdmodify.jsp").forward(req, resp);
}
private void validatePwd(HttpServletRequest req, HttpServletResponse resp) throws IOException {
Object o = req.getSession().getAttribute(Constants.USER_SESSION);
String oldPwd = req.getParameter("oldpassword");
HashMap<String, String> map = new HashMap<>();
if (o == null) {
map.put("result", "sessionerror");
} else {
if (StringUtils.isNullOrEmpty(oldPwd)) {
map.put("result", "error");
} else {
User user = (User) o;
String pwd = user.getUserPassword();
if (pwd.equals(oldPwd)) {
map.put("result", "true");
} else {
map.put("result", "false");
}
}
}
PrintWriter writer = resp.getWriter();
ObjectMapper mapper = new ObjectMapper();
writer.write(mapper.writeValueAsString(map));
writer.flush();
writer.close();
}
}