2020-10-12

单点登录（案例）

1. login.jsp
   
2. LoginServlet

package com.web;

import com.bean.Account;
import com.service.LoginService;

import javax.servlet.ServletException;
import javax.servlet.http.*;
import java.io.IOException;

public class LoginServlet extends HttpServlet {
    LoginService service = new LoginService();
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        request.setCharacterEncoding("utf-8");
        //去 调 存 转
        //1 .取
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        String remember = request.getParameter("remember");
        System.out.println(remember);
        //2. 调
        Account account = service.login(username,password);
        //3 存  4.转
        if(account!=null){
            HttpSession session = request.getSession();

            System.out.println("进入页面success");
            session.setAttribute("account",account);
            if (remember!=null && remember.equals("1") ){  //点了 记住
                Cookie cookie = new Cookie("JSESSIONID",session.getId());
                cookie.setMaxAge(3*60);  //设置cookie的生命周期
                session.setMaxInactiveInterval(3*60);
                response.addCookie(cookie);  //响应 从服务端 --> 客户端 ，将cookie带上，也就不需要再次验证密码了
            }
            response.sendRedirect("/SingleLogin1/success.jsp");
            
        }else{  //登陆不成功 去失败页面
            response.sendRedirect("/SingleLogin1/fail.jsp");
        }

    }

    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

    }
}

3. fa!il.jsp
   
4. success.jsp
   
5. LoginService

package com.service;

import com.bean.Account;
import com.dao.LoginDao;
import com.utils.MD5Util;
import com.utils.StringUtil;

import java.security.Provider;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;

public class LoginService {
    private LoginDao dao = new LoginDao();
    private  final  static  String  MD5_KEY  = "kasdkjh86dkdkf_9dieuyred123la8ldjKhflJF";

    static {  //加载service类时，就会运行该方法
        LoginService service = new LoginService();
        int i = service.insertAccount("kgc","123","1999-05-05 19:00:00");
        int i1 = service.insertAccount("laiminhua","888666","1999-05-08 12:00:00");

    }

    private int insertAccount(String username, String password, String createTime) {
        Account account = new Account();
        account.setUsername(username);
        //将用户名 经过MD5加密  等到salt
        String salt = MD5Util.MD5Encode(username, "utf-8");
        account.setPassword(getMD5Password(password, salt));
        account.setSalt(salt);
        try {//存进创建的时间
            Date date = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").parse(createTime);   //
            account.setCreatTime(date);
        } catch (ParseException e) {
            e.printStackTrace();
        }
        return dao.insertAccount(account);


    }
    private String getMD5Password(String password,String salt){
        String psw = password+"|"+salt+"|"+MD5_KEY;
        return MD5Util.MD5Encode(psw,"utf-8");

    }

    //登录  查询
        public Account login(String username, String password) {
            Account account = dao.selectAccount(username);
            if (account!=null){
                String psw1 = account.getPassword();
                String psw2 = getMD5Password(password, account.getSalt());
                if (StringUtil.isEqual(psw1,psw2)){   //多了一个非空验证
                    return account;
                }
            }
            return null;
    }
}

6. LoginDao

import com.bean.Account;

import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.atomic.AtomicInteger;

public class LoginDao {
    //新增 和 查询
    private static Map<String,Account> map = new HashMap<String,Account>(); //充当数据库

    private static AtomicInteger id = new AtomicInteger(0);  //模拟id自增长 从0开始
    public int insertAccount(Account account) {

        if (!map.containsKey(account.getUsername())){
            account.setId(id.incrementAndGet());  //设置account的id 为自增长
            map.put(account.getUsername(),account);
        }

        return account.getId();  //
    }

    public Account selectAccount(String username) {
        return map.get(username);

    }
}

7. Account
   
8. LoginFilter

package com.filter;

import com.bean.Account;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

public class LoginFilter implements Filter {
    public void destroy() {
    }

    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
        HttpServletRequest request = (HttpServletRequest)req;
        HttpServletResponse response = (HttpServletResponse) resp;
        Account account = (Account) request.getSession().getAttribute("account");
        System.out.println("filter"+account);
        if (account==null){
            response.sendRedirect("/SingleLogin1/login.jsp");
            return;
        }
        chain.doFilter(req, resp);  //有该方法。表示放行
    }

    public void init(FilterConfig config) throws ServletException {

    }

}