发表于: 2018-03-03 23:49:19
1 740
完成
1.使用DES对用户ID和登录时间加密,生成Token,放入Cookie中
写了一个登陆页面
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String Five() {
return "login";
}
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String Six(Model model, User user, HttpServletResponse response, HttpServletRequest request) {
//获得登录时间,存到数据库里
Long date = System.currentTimeMillis();
model.addAttribute("date", date);
logger.info("date:" + date);
user.setTime(date);
userService.updateTime(user.getName(), user.getTime());
//对用户名和登录时间加密,放到Token里
String s = user.getName() + "," + date;
logger.info("s:" + s);
String Token = null;
try {
Token = new DesUtil("wlj").encrypt(s);
logger.info("Token:" + Token);
} catch (Exception e) {
e.printStackTrace();
}
//Token存入cookie
Cookie cookie = new Cookie("Token", Token);
logger.info("cookie:" + cookie);
//cookie有效时间(秒)
cookie.setMaxAge(60 * 60);
// 可在同一应用服务器内共享方法
cookie.setPath("/");
//添加cookie到服务器端
response.addCookie(cookie);
//登录信息与数据库比较
Boolean loginResult = userService.compare(user.getName(), user.getPassword());
//从服务器获得基本信息
System.out.println("getRequestURL: " + request.getRequestURL());
System.out.println("getRequestURI: " + request.getRequestURI());
System.out.println("getQueryString: " + request.getQueryString());
System.out.println("getRemoteAddr: " + request.getRemoteAddr());
System.out.println("getRemoteHost: " + request.getRemoteHost());
System.out.println("getRemotePort: " + request.getRemotePort());
System.out.println("getRemoteUser: " + request.getRemoteUser());
System.out.println("getLocalAddr: " + request.getLocalAddr());
System.out.println("getLocalName: " + request.getLocalName());
System.out.println("getLocalPort: " + request.getLocalPort());
System.out.println("getMethod: " + request.getMethod());
//得到请求的参数Map,注意map的value是String数组类型
System.out.println("-------request.getParameterMap()-------");
Map map = request.getParameterMap();
Set<String> keySet = map.keySet();
System.out.println("keySet:" + keySet);
for (String key : keySet) {
String[] values = (String[]) map.get(key);
for (String value : values) {
System.out.println(key + "=" + value);
}
}
//得到请求头的name集合
System.out.println("--------request.getHeader()--------");
Enumeration<String> em = request.getHeaderNames();
System.out.println("em:" + em);
while (em.hasMoreElements()) {
String name = em.nextElement();
String value = request.getHeader(name);
System.out.println(name + "=" + value);
}
//返回页面
if (loginResult == true) {
return "14";
} else {
return "redirect:login";
}
}
这个是登陆成功结果
cookie=JSESSIONID=29D6DF78B1C2F69D4EFBC4CA6BCCD2B3
[INFO ] 2018-03-03 23:40:22,469 method:com.wlj.tutorialspoint.HelloController.Six(HelloController.java:153)
date:1520091622469
[INFO ] 2018-03-03 23:40:22,901 method:com.wlj.tutorialspoint.HelloController.Six(HelloController.java:157)
s:1,1520091622469
[INFO ] 2018-03-03 23:40:22,902 method:com.wlj.tutorialspoint.HelloController.Six(HelloController.java:161)
Token:9570d31e65915641800089050cd4a9d3
[INFO ] 2018-03-03 23:40:22,902 method:com.wlj.tutorialspoint.HelloController.Six(HelloController.java:166)
cookie:javax.servlet.http.Cookie@57e8cc4c
getRequestURL: http://localhost:8080/HelloWeb/login
getRequestURI: /HelloWeb/login
getQueryString: null
getRemoteAddr: 0:0:0:0:0:0:0:1
getRemoteHost: 0:0:0:0:0:0:0:1
getRemotePort: 58344
getRemoteUser: null
getLocalAddr: 0:0:0:0:0:0:0:1
getLocalName: 0:0:0:0:0:0:0:1
getLocalPort: 8080
getMethod: POST
-------request.getParameterMap()-------
keySet:[name, password]
name=1
password=1
--------request.getHeader()--------
em:org.apache.tomcat.util.http.NamesEnumerator@77679538
host=localhost:8080
connection=keep-alive
content-length=17
cache-control=max-age=0
origin=http://localhost:8080
upgrade-insecure-requests=1
content-type=application/x-www-form-urlencoded
user-agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36
accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer=http://localhost:8080/HelloWeb/login?date=1520091618262
accept-encoding=gzip, deflate, br
accept-language=zh-CN,zh;q=0.9
cookie=JSESSIONID=29D6DF78B1C2F69D4EFBC4CA6BCCD2B3; Token=9570d31e65915641cadb5fc1de9e2eb7
2.拦截设置
mvc配置文件加入,我想拦截t11页面
<mvc:interceptors>
<!-- 使用bean定义一个Interceptor,直接定义在mvc:interceptors根下面的Interceptor将拦截所有的请求 -->
<!--<bean class="com.wlj.Interceptor.AllInterceptor"/>-->
<mvc:interceptor>
<mvc:mapping path="/t11"/>
<!-- 定义在mvc:interceptor下面的表示是对特定的请求才进行拦截的 -->
<bean class="com.wlj.Interceptor.SpringMVCInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
控制器和拦截器的代码暂时没有跑通,明天再搞搞
3.@Param注释
编译updateTime时出现
数据库里没有long类型,在mapper.xml里这么改即可
<select id="updateTime" >
UPDATE user SET time=#{time,jdbcType=BIGINT} WHERE name=#{name}
</select>
问题
拦截器那块有点卡住,明天再弄
收获
简单的编写cookie,token
计划
1.拦截器里通过Cookie中判断Token的有效性来判断用户是否登录。
2.修改Task4中的两个页面,一个设为用户不登录可以访问,一个设为用户必须登录才可以访问。要求用户必须登录才能访问的url统一增加前缀 /u/
评论