发表于: 2018-03-03 23:49:19

1 738


完成

1.使用DES对用户ID和登录时间加密,生成Token,放入Cookie中

写了一个登陆页面

@RequestMapping(value = "/login", method = RequestMethod.GET)
public String Five() {
return "login";
}

@RequestMapping(value = "/login", method = RequestMethod.POST)
public String Six(Model model, User user, HttpServletResponse response, HttpServletRequest request) {
//获得登录时间,存到数据库里
   Long date = System.currentTimeMillis();
   model.addAttribute("date", date);
   logger.info("date:" + date);
   user.setTime(date);
   userService.updateTime(user.getName(), user.getTime());
   //对用户名和登录时间加密,放到Token
   String s = user.getName() + "," + date;
   logger.info("s:" + s);
   String Token = null;
   try {
Token = new DesUtil("wlj").encrypt(s);
       logger.info("Token:" + Token);
   } catch (Exception e) {
e.printStackTrace();
   }
//Token存入cookie
   Cookie cookie = new Cookie("Token", Token);
   logger.info("cookie:" + cookie);
   //cookie有效时间(秒)
   cookie.setMaxAge(60 * 60);
   // 可在同一应用服务器内共享方法
   cookie.setPath("/");
   //添加cookie到服务器端
   response.addCookie(cookie);
   //登录信息与数据库比较
   Boolean loginResult = userService.compare(user.getName(), user.getPassword());

   //从服务器获得基本信息
   System.out.println("getRequestURL: " + request.getRequestURL());
   System.out.println("getRequestURI: " + request.getRequestURI());
   System.out.println("getQueryString: " + request.getQueryString());
   System.out.println("getRemoteAddr: " + request.getRemoteAddr());
   System.out.println("getRemoteHost: " + request.getRemoteHost());
   System.out.println("getRemotePort: " + request.getRemotePort());
   System.out.println("getRemoteUser: " + request.getRemoteUser());
   System.out.println("getLocalAddr: " + request.getLocalAddr());
   System.out.println("getLocalName: " + request.getLocalName());
   System.out.println("getLocalPort: " + request.getLocalPort());
   System.out.println("getMethod: " + request.getMethod());
   //得到请求的参数Map,注意mapvalueString数组类型
   System.out.println("-------request.getParameterMap()-------");
   Map map = request.getParameterMap();
   Set<String> keySet = map.keySet();
   System.out.println("keySet:" + keySet);
   for (String key : keySet) {
String[] values = (String[]) map.get(key);
       for (String value : values) {
System.out.println(key + "=" + value);
       }
}
//得到请求头的name集合
   System.out.println("--------request.getHeader()--------");
   Enumeration<String> em = request.getHeaderNames();
   System.out.println("em:" + em);
   while (em.hasMoreElements()) {
String name = em.nextElement();
       String value = request.getHeader(name);
       System.out.println(name + "=" + value);
   }
//返回页面
   if (loginResult == true) {

return "14";
   } else {
return "redirect:login";
   }

}

这个是登陆成功结果

cookie=JSESSIONID=29D6DF78B1C2F69D4EFBC4CA6BCCD2B3

[INFO ] 2018-03-03 23:40:22,469 method:com.wlj.tutorialspoint.HelloController.Six(HelloController.java:153)

date:1520091622469

  [INFO ] 2018-03-03 23:40:22,901 method:com.wlj.tutorialspoint.HelloController.Six(HelloController.java:157)

s:1,1520091622469

  [INFO ] 2018-03-03 23:40:22,902 method:com.wlj.tutorialspoint.HelloController.Six(HelloController.java:161)

Token:9570d31e65915641800089050cd4a9d3

  [INFO ] 2018-03-03 23:40:22,902 method:com.wlj.tutorialspoint.HelloController.Six(HelloController.java:166)

cookie:javax.servlet.http.Cookie@57e8cc4c


  getRequestURL: http://localhost:8080/HelloWeb/login

getRequestURI: /HelloWeb/login

getQueryString: null

getRemoteAddr: 0:0:0:0:0:0:0:1

getRemoteHost: 0:0:0:0:0:0:0:1

getRemotePort: 58344

getRemoteUser: null

getLocalAddr: 0:0:0:0:0:0:0:1

getLocalName: 0:0:0:0:0:0:0:1

getLocalPort: 8080

getMethod: POST

-------request.getParameterMap()-------

keySet:[name, password]

name=1

password=1

--------request.getHeader()--------

em:org.apache.tomcat.util.http.NamesEnumerator@77679538

host=localhost:8080

connection=keep-alive

content-length=17

cache-control=max-age=0

origin=http://localhost:8080

upgrade-insecure-requests=1

content-type=application/x-www-form-urlencoded

user-agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36

accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

referer=http://localhost:8080/HelloWeb/login?date=1520091618262

accept-encoding=gzip, deflate, br

accept-language=zh-CN,zh;q=0.9

cookie=JSESSIONID=29D6DF78B1C2F69D4EFBC4CA6BCCD2B3; Token=9570d31e65915641cadb5fc1de9e2eb7


2.拦截设置

mvc配置文件加入,我想拦截t11页面

<mvc:interceptors>
   <!-- 使用bean定义一个Interceptor,直接定义在mvc:interceptors根下面的Interceptor将拦截所有的请求 -->
   <!--<bean class="com.wlj.Interceptor.AllInterceptor"/>-->
   <mvc:interceptor>
       <mvc:mapping path="/t11"/>
       <!-- 定义在mvc:interceptor下面的表示是对特定的请求才进行拦截的 -->
       <bean class="com.wlj.Interceptor.SpringMVCInterceptor"/>
   </mvc:interceptor>
</mvc:interceptors>

控制器和拦截器的代码暂时没有跑通,明天再搞搞


3.@Param注释

编译updateTime时出现

Parameter 'time' not found. Available parameters are [0, 1, param1, param2]
原因是 在mapper 映射的函数参数没有加 @param(“time”)
void updateTime(@Param("name") String name, @Param("time") long time);
加了之后报错:
Error querying database.  Cause: com.mysql.jdbc.MysqlDataTruncation: Data truncation: Incorrect datetime value: '1520043541542' for column 'time' at row 16

数据库里没有long类型,在mapper.xml里这么改即可

<select id="updateTime" >
   UPDATE user SET time=#{time,jdbcType=BIGINT} WHERE name=#{name}
</select>


问题

拦截器那块有点卡住,明天再弄


收获

简单的编写cookie,token


计划

1.拦截器里通过Cookie中判断Token的有效性来判断用户是否登录。

2.修改Task4中的两个页面,一个设为用户不登录可以访问,一个设为用户必须登录才可以访问。要求用户必须登录才能访问的url统一增加前缀 /u/



返回列表 返回列表
评论

    分享到