Filter实现判断用户是否已经登录

1.login.jsp

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>登录</title>
</head>
<body>

<form action="${pageContext.request.contextPath}/LoginServlet" method="post">
    用户名：<input type="text" name="username">
    密码：<input type="password" name="password">
    <input type="submit" value="登录">
</form>
</body>
</html>

2.error.jsp

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>
<h1>错误</h1>
<h3>没有权限，用户名错误</h3>
<a href="${pageContext.request.contextPath}/login.jsp">返回登录页面</a>
</body>
</html>

3.success.jsp

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>

<h1>主页</h1>
欢迎你<%=request.getSession().getAttribute("username")%>登录
<a href="${pageContext.request.contextPath}/LoginOutServlet">退出</a>
</body>
</html>

4.LoginServlet

package com.you.servlet;

import com.you.util.Constant;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class LoginServlet  extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        //获取前端参数
        String username = req.getParameter("username");
        String password = req.getParameter("password");
        if (username.equals("admin")&& password.equals("123")){
            req.getSession().setAttribute("username", username);
            req.getSession().setAttribute(Constant.USER_SESSION,req.getSession().getId());
            resp.sendRedirect(req.getContextPath()+"/sys/success.jsp");
        }else {
            resp.sendRedirect(req.getContextPath()+"/error.jsp");
        }
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        doGet(req, resp);
    }
}

5.LoginOutServlet

package com.you.servlet;

import com.you.util.Constant;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class LoginOutServlet extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        Object user_session = req.getSession().getAttribute(Constant.USER_SESSION);
        if (user_session!=null){
            req.getSession().removeAttribute(Constant.USER_SESSION);
            resp.sendRedirect(req.getContextPath()+"/login.jsp");
        }
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        doGet(req, resp);
    }
}

6.Filter

package com.you.filter;

import com.you.util.Constant;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class SysFilter implements Filter {
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;
        Object user_session = request.getSession().getAttribute(Constant.USER_SESSION);
        if(user_session==null){
            response.sendRedirect(request.getContextPath()+"/login.jsp");
        }
        chain.doFilter(request, response);
    }

    public void destroy() {

    }
}

7.web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
         version="4.0">
  

    <servlet>
        <servlet-name>/LoginServlet</servlet-name>
        <servlet-class>com.you.servlet.LoginServlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>/LoginServlet</servlet-name>
        <url-pattern>/LoginServlet</url-pattern>
    </servlet-mapping>

    <servlet>
        <servlet-name>/LoginOutServlet</servlet-name>
        <servlet-class>com.you.servlet.LoginOutServlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>/LoginOutServlet</servlet-name>
        <url-pattern>/LoginOutServlet</url-pattern>
    </servlet-mapping>


    <filter>
        <filter-name>SysFilter</filter-name>
        <filter-class>com.you.filter.SysFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>SysFilter</filter-name>
        <!--只要是 /sys的任何请求，会经过这个过滤器-->
        <url-pattern>/sys/*</url-pattern>
        <!--<url-pattern>/*</url-pattern>-->
    </filter-mapping>

</web-app>