- 概述
使用过滤器来实现客户端每次访问只登录一次,需要使用Cookie来保存会话信息。把用户的登录状态作为一个标识存储到Cookie中,通过过滤器来检查Cookie中是否存在标识,如果存在则表示用户已经登录过,直接放行请求;如果不存在,则表示用户未登录或者会话已失效,需要跳转到登录界面进行身份验证。
- 实现步骤
2.1 配置过滤器
在web.xml文件中添加如下内容:
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.example.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/index.jsp</url-pattern>
</filter-mapping>
2.2 编写过滤器代码
package com.example.filter;
public class LoginFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
String cookieValue = "";
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
if (cookie.getName().equals("loginFlag")) {
cookieValue = cookie.getValue();
break;
}
}
}
// 判断cookie中是否存在标识
if (cookieValue.equals("true")) {
chain.doFilter(request, response);
} else {
// 重定向到登录页面
response.sendRedirect("login.jsp");
}
}
}
2.3 编写登录页面代码
<!DOCTYPE html>
<html>
<head>
<title>登录页面</title>
</head>
<body>
<form action="login.jsp" method="post">
<label for="username">用户名:</label>
<input type="text" id="username" name="username" /><br>
<label for="password">密码:</label>
<input type="password" id="password" name="password" /><br>
<input type="submit" value="登录" />
</form>
</body>
</html>
2.4 编写登录处理代码
package com.example.servlet;
public class LoginServlet extends HttpServlet {
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
String username = req.getParameter("username");
String password = req.getParameter("password");
if ("admin".equals(username) && "123456".equals(password)) {
// 登录成功,添加cookie标识
Cookie cookie = new Cookie("loginFlag", "true");
cookie.setMaxAge(60 * 60 * 24); // 设置有效时间为1天
resp.addCookie(cookie);
resp.sendRedirect("index.jsp");
} else {
// 登录失败,重定向到登录页面
resp.sendRedirect("login.jsp");
}
}
}
- 示例说明
3.1 示例1
一个在线商城网站,要求用户每次访问都需要登录,使用过滤器来实现。
实现步骤如下:
1)配置web.xml文件,添加如下内容:
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.example.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/index.jsp</url-pattern>
</filter-mapping>
2)编写过滤器代码:
package com.example.filter;
public class LoginFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
String cookieValue = "";
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
if (cookie.getName().equals("loginFlag")) {
cookieValue = cookie.getValue();
break;
}
}
}
// 判断cookie中是否存在标识
if (cookieValue.equals("true")) {
chain.doFilter(request, response);
} else {
// 重定向到登录页面
response.sendRedirect("login.jsp");
}
}
}
3)编写登录页面代码:
<!DOCTYPE html>
<html>
<head>
<title>登录页面</title>
</head>
<body>
<form action="login.jsp" method="post">
<label for="username">用户名:</label>
<input type="text" id="username" name="username" /><br>
<label for="password">密码:</label>
<input type="password" id="password" name="password" /><br>
<input type="submit" value="登录" />
</form>
</body>
</html>
4)编写登录处理代码:
package com.example.servlet;
public class LoginServlet extends HttpServlet {
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
String username = req.getParameter("username");
String password = req.getParameter("password");
if ("admin".equals(username) && "123456".equals(password)) {
// 登录成功,添加cookie标识
Cookie cookie = new Cookie("loginFlag", "true");
cookie.setMaxAge(60 * 60 * 24); // 设置有效时间为1天
resp.addCookie(cookie);
resp.sendRedirect("index.jsp");
} else {
// 登录失败,重定向到登录页面
resp.sendRedirect("login.jsp");
}
}
}
3.2 示例2
一个论坛网站,要求用户每次访问都需要登录,使用过滤器来实现。
实现步骤如下:
1)配置web.xml文件,添加如下内容:
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.example.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/forum/*</url-pattern>
</filter-mapping>
2)编写过滤器代码:
package com.example.filter;
public class LoginFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
String cookieValue = "";
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
if (cookie.getName().equals("loginFlag")) {
cookieValue = cookie.getValue();
break;
}
}
}
// 判断cookie中是否存在标识
if (cookieValue.equals("true")) {
chain.doFilter(request, response);
} else {
// 重定向到登录页面
response.sendRedirect("/login.jsp");
}
}
}
3)编写登录页面代码:
<!DOCTYPE html>
<html>
<head>
<title>登录页面</title>
</head>
<body>
<form action="/login.jsp" method="post">
<label for="username">用户名:</label>
<input type="text" id="username" name="username" /><br>
<label for="password">密码:</label>
<input type="password" id="password" name="password" /><br>
<input type="submit" value="登录" />
</form>
</body>
</html>
4)编写登录处理代码:
package com.example.servlet;
public class LoginServlet extends HttpServlet {
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
String username = req.getParameter("username");
String password = req.getParameter("password");
if ("admin".equals(username) && "123456".equals(password)) {
// 登录成功,添加cookie标识
Cookie cookie = new Cookie("loginFlag", "true");
cookie.setMaxAge(60 * 60 * 24); // 设置有效时间为1天
resp.addCookie(cookie);
resp.sendRedirect("/forum/index.jsp");
} else {
// 登录失败,重定向到登录页面
resp.sendRedirect("/login.jsp");
}
}
}
- 总结
使用过滤器来实现客户端每次访问只登录一次,需要使用Cookie来保存会话信息。把用户的登录状态作为一个标识存储到Cookie中,通过过滤器来检查Cookie中是否存在标识,如果存在则表示用户已经登录过,直接放行请求;如果不存在,则表示用户未登录或者会话已失效,需要跳转到登录界面进行身份验证。请注意,使用Cookie来实现会话管理时,需要考虑会话的安全性,避免出现会话劫持等安全问题。
本站文章如无特殊说明,均为本站原创,如若转载,请注明出处:基于Cookie使用过滤器实现客户每次访问只登录一次 - Python技术站