吹静静

欢迎QQ交流:592590682

想要实现自动登录,需要通过Cookie保存用户名密码在客户端,然后通过过滤器拦截请求,对于未登录而带有自动登录cookie且自动登录cookie中保存的用户名密码都正确则在放行资源之前做自动登录操作。

package cn.bingou.filter;

import java.io.IOException;
import java.net.URLDecoder;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import cn.bingou.domain.User;
import cn.bingou.exception.MsgException;
import cn.bingou.factory.BaseFactory;
import cn.bingou.service.UserService;

public class AutoLoginFilter implements Filter {

    private String encode=null;
    
    @Override
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) throws IOException, ServletException {
        
        HttpServletRequest req=(HttpServletRequest) request;
        // 1.用户没有登陆
        HttpSession session=req.getSession(false);
        if(session==null || session.getAttribute("user")==null){
            Cookie[] cs=req.getCookies();
            Cookie findC=null;
            if(cs!=null){
                for(Cookie c:cs){
                    if("autologin".equals(c.getName())){
                        findC=c;
                        break;
                    }
                }
            }
            // 2.用户携带了自动登录的Cookie
            if(findC!=null){
                // 3.自动登陆Cookie中保存的用户名和密码正确
                String value=findC.getValue(); // username#password
                String username=URLDecoder.decode(value.split("#")[0], encode);
                String password=value.split("#")[1];
                UserService service=BaseFactory.getFactory().getInstance(UserService.class);
                try {
                    User user=service.login(username, password);
                    // 以上3点都符合,再进行自动登陆 -> 将用户的信息存入session
                    if(user!=null){
                        // 实现自动登陆 -> session中现在已经有用户的登陆状态
                        // session.setAttribute("user",user); // 空指针
                        req.getSession().setAttribute("user", user);
                    }
                } catch (MsgException e) {
                    e.printStackTrace();
                }
            }
        }
        // 放行请求
        chain.doFilter(request, response);
    }
    
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.encode=filterConfig.getServletContext().getInitParameter("encode");

    }

    @Override
    public void destroy() {
        // TODO Auto-generated method stub

    }
}
  <!-- 配置过滤器 -->
  <filter>
      <filter-name>AutoLoginFilter</filter-name>
      <filter-class>cn.bingou.filter.AutoLoginFilter</filter-class>
  </filter>
  
  <!-- 配置过滤器拦截的url -->
  <filter-mapping>
      <filter-name>AutoLoginFilter</filter-name>
      <url-pattern>/*</url-pattern>
  </filter-mapping>

 

posted on 2018-10-18 21:03  吹静静  阅读(156)  评论(0编辑  收藏  举报