struts2与cookie实现自动登录和验证码验证
主要介绍struts2与cookie结合实现自动登录
struts2与cookie结合时要注意采用.action 动作的方式实现cookie的读取
struts2的jar包
链接数据库文件 db.properties
dbDriver = oracle.jdbc.driver.OracleDriver url = jdbc:oracle:thin:@localhost:1521:orcl userName=test password=password
dao层类代码,通过登录名获取用户信息
package com.struts.dao.impl; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import com.struts.dao.UserDao; import com.struts.proj.User; import com.struts.util.BeanConnection; public class UserDaoImpl implements UserDao { private BeanConnection dbconn = new BeanConnection(); public User login(String loginname) { Connection conn = dbconn.getConnection(); ResultSet rs = null ; String selsql = "select * from t_scoa_sys_user where f_loginname='"+loginname+"'"; //System.out.println(selsql); PreparedStatement pstmt = null; User user = null; try { pstmt = conn.prepareStatement(selsql); //pstmt.setString(3, loginname); rs = pstmt.executeQuery(); while(rs.next()){ user = new User(); user.setId(rs.getLong(1)); user.setF_username(rs.getString(2)); user.setF_loginname(rs.getString(3)); user.setF_sex(rs.getString(4)); user.setF_state(rs.getString(5)); user.setF_email(rs.getString(6)); user.setF_mobilephone(rs.getString(7)); user.setF_secretaryid(rs.getLong(8)); user.setF_password(rs.getString(9)); user.setF_order(rs.getLong(10)); user.setF_note(rs.getString(11)); user.setF_infomodifytemplateid(rs.getLong(12)); } } catch (SQLException e) { e.printStackTrace(); } return user; } public void save(User user) { } public static void main(String[] args) { UserDaoImpl daoimpl = new UserDaoImpl(); daoimpl.login("admin"); } }
工具类 CookieUtils类
package com.struts.util; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import org.apache.commons.lang.xwork.StringUtils; import org.apache.struts2.ServletActionContext; import com.struts.action.LoginAction; import com.struts.proj.User; import com.struts.service.UserService; import com.struts.service.impl.UserServiceImpl; public class CookieUtils { public static final String USER_COOKIE = "user.cookie"; // 增加cookie public Cookie addCookie(User user) { Cookie cookie = new Cookie(USER_COOKIE, user.getF_loginname() + "," + DESEDE.decryptIt(user.getF_password())); cookie.setMaxAge(60 * 60 * 24 * 365); return cookie; } // 得到cookie public boolean getCookie(HttpServletRequest request, UserService userService) { request = ServletActionContext.getRequest(); Cookie[] cookies = request.getCookies(); userService = new UserServiceImpl(); if (cookies != null) { for (Cookie cookie : cookies) { if (CookieUtils.USER_COOKIE.equals(cookie.getName())) { String value = cookie.getValue(); // 判断字符是否为空 if (StringUtils.isNotBlank(value)) { String[] spilt = value.split(","); String loginname = spilt[0]; String password = spilt[1]; User user = userService.login(loginname, password); if (user != null) { HttpSession session = request.getSession(); session .setAttribute(LoginAction.USER_SESSION, user);// 添加用户到session中 return true; } } } } } return false; } // 删除cookie public Cookie delCookie(HttpServletRequest request) { request = ServletActionContext.getRequest(); Cookie[] cookies = request.getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { if (USER_COOKIE.equals(cookie.getName())) { cookie.setValue(""); cookie.setMaxAge(0); return cookie; } } } return null; } }
service层代码,验证用户名和密码是否正确,密码我本地用了加密算法,需要解密,友友们可以去掉
package com.struts.service.impl; import com.struts.dao.UserDao; import com.struts.dao.impl.UserDaoImpl; import com.struts.proj.User; import com.struts.service.UserService; import com.struts.util.DESEDE; public class UserServiceImpl implements UserService { UserDao userDao = new UserDaoImpl(); public User login(String loginname, String password) { User user = userDao.login(loginname); if (user == null) { System.out.println("用户名不存在,请检查后重新登录!"); } if (!DESEDE.decryptIt(user.getF_password()).equals(password)) { System.out.println("密码错误"); } return user; } public static void main(String[] args) { UserServiceImpl useimp = new UserServiceImpl(); System.out.println(useimp.login("admin", "1234")); } }
struts2的配置文件struts.xml,loginAction和ValidateCodeAction验证码的验证
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.1//EN" "http://struts.apache.org/dtds/struts-2.1.dtd"> <struts> <constant name="struts.i18n.reload" value="true" /> <constant name="struts.devMode" value="true" /> <package name="loginResult" extends="struts-default" namespace="/"> <action name="loginAction" class="com.struts.action.LoginAction"> <result name="success" type="redirect">/success.jsp</result> <result name="error">/error.jsp</result> <result name="login" type="redirect">/login.jsp</result> </action> <!-- 验证码 --> <action name="validate" class="com.struts.action.ValidateCodeAction"> <param name="width">60</param> <param name="height">20</param> <param name="fontSize">18</param> <param name="codeLength">4</param> <result type="stream"> <param name="contentType">image/jpeg</param> <param name="inputName">inputStream</param> </result> </action> </package> </struts>
web.xml文件
<?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <display-name></display-name> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <filter> <filter-name>struts2</filter-name> <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class> </filter> <filter-mapping> <filter-name>struts2</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> </web-app>
action文件类 LoginAction
package com.struts.action; import java.util.Map; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.struts2.ServletActionContext; import com.opensymphony.xwork2.ActionContext; import com.opensymphony.xwork2.ActionSupport; import com.struts.proj.User; import com.struts.service.UserService; import com.struts.service.impl.UserServiceImpl; import com.struts.util.CookieUtils; import com.struts.util.DESEDE; public class LoginAction extends ActionSupport { private static final long serialVersionUID = 6650955874307814247L; private String f_loginname; private String f_password; private HttpServletResponse response; private HttpServletRequest request; private Map<String, Object> session; private CookieUtils cookieUtils = new CookieUtils(); private boolean userCookie; private String validateCode; public static final String USER_SESSION = "user.session"; UserService userService = new UserServiceImpl(); public String autoLogin() throws Exception { request = ServletActionContext.getRequest(); if (cookieUtils.getCookie(request, userService)) { return "success"; } else return "login"; } @Override public String execute() throws Exception { HttpSession session = ServletActionContext.getRequest().getSession(); try {
String code = (String) session.getAttribute("validateCode"); if (validateCode == null || !validateCode.equals(code)) { System.out.println("验证码输入有误,请正确输入"); return "error"; } if (f_loginname != null && !"".equals(f_loginname) && !"".equals(f_password) && f_password != null) { User user = userService.login(f_loginname, f_password); // 判断是否要添加到cookie中 String psswd = DESEDE.decryptIt(user.getF_password()); if (user != null && psswd.equals(f_password)) { if (userCookie) { Cookie cookie = cookieUtils.addCookie(user); ActionContext.getContext().get("response"); ServletActionContext.getResponse().addCookie(cookie); } session.setAttribute(USER_SESSION, user); return "success"; } } } catch (Exception e) { e.printStackTrace(); } return "login"; } // 用户退出 public String logout() { request = ServletActionContext.getRequest(); response = ServletActionContext.getResponse(); HttpSession session = ServletActionContext.getRequest().getSession(); session = request.getSession(false); if (session != null) session.removeAttribute(USER_SESSION); Cookie cookie = cookieUtils.delCookie(request); if (cookie != null) response.addCookie(cookie); return "login"; } public static void main(String[] args) { LoginAction login = new LoginAction(); try { login.execute(); } catch (Exception e) { e.printStackTrace(); } } public Map<String, Object> getSession() { return session; } public void setSession(Map<String, Object> session) { this.session = session; } public HttpServletResponse getResponse() { return response; } public void setResponse(HttpServletResponse response) { this.response = response; } public HttpServletRequest getRequest() { return request; } public void setRequest(HttpServletRequest request) { this.request = request; } public boolean isUserCookie() { return userCookie; } public void setUserCookie(boolean userCookie) { this.userCookie = userCookie; } public String getF_loginname() { return f_loginname; } public void setF_loginname(String fLoginname) { f_loginname = fLoginname; } public String getF_password() { return f_password; } public void setF_password(String fPassword) { f_password = fPassword; } public String getValidateCode() { return validateCode; } public void setValidateCode(String validateCode) { this.validateCode = validateCode; } }
验证码 ValidataCodeAction ,网上很多验证码的例子,可以选择自己的方式来写验证码
package com.struts.action; import java.awt.Color; import java.awt.Font; import java.awt.Graphics; import java.awt.image.BufferedImage; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.util.Random; import javax.imageio.ImageIO; import javax.imageio.stream.ImageOutputStream; import com.opensymphony.xwork2.ActionContext; import com.opensymphony.xwork2.ActionSupport; public class ValidateCodeAction extends ActionSupport { private static final long serialVersionUID = 1L; private ByteArrayInputStream inputStream; private int width; private int height; private int fontSize; private int codeLength; public ValidateCodeAction() { } public void setCodeLength(int codeLength) { this.codeLength = codeLength; } public void setFontSize(int fontSize) { this.fontSize = fontSize; } public void setHeight(int height) { this.height = height; } public void setWidth(int width) { this.width = width; } public ByteArrayInputStream getInputStream() { return inputStream; } public void setInputStream(ByteArrayInputStream inputStream) { this.inputStream = inputStream; } public String execute() throws Exception { BufferedImage bimage = new BufferedImage(width, height, 1); Graphics g = bimage.getGraphics(); Random random = new Random(); g.setColor(getRandomColor(random, 200, 255)); g.fillRect(0, 0, width, height); g.setFont(new Font("Times New Roman", 0, fontSize)); g.setColor(getRandomColor(random, 160, 200)); for (int i = 0; i < 155; i++) { int x = random.nextInt(width); int y = random.nextInt(height); int xl = random.nextInt(12); int yl = random.nextInt(12); g.drawLine(x, y, x + xl, y + yl); } StringBuffer str = new StringBuffer(); for (int i = 0; i < codeLength; i++) { String randomStr = String.valueOf(random.nextInt(10)); str.append(randomStr); g.setColor(new Color(20 + random.nextInt(110), 20 + random .nextInt(110), 20 + random.nextInt(110))); int x = (width / codeLength - 1) * i + random.nextInt(width / (codeLength * 2)); int y = random.nextInt(height - fontSize) + fontSize; g.drawString(randomStr, x, y); } ActionContext.getContext().getSession().put("validateCode", str.toString()); g.dispose(); ByteArrayOutputStream output = new ByteArrayOutputStream(); ImageOutputStream iout = ImageIO.createImageOutputStream(output); ImageIO.write(bimage, "JPEG", iout); iout.close(); output.close(); ByteArrayInputStream in = new ByteArrayInputStream(output.toByteArray()); setInputStream(in); return "success"; } private Color getRandomColor(Random random, int fc, int bc) { if (fc > 255) fc = 255; if (bc > 255) bc = 255; int r = fc + random.nextInt(bc - fc); int g = fc + random.nextInt(bc - fc); int b = fc + random.nextInt(bc - fc); return new Color(r, g, b); } }
index.jsp页面,如果cookie登录直接进入登录成功页面,没有则跳转到login.jsp页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; response.sendRedirect(basePath+"loginAction!autoLogin.action"); %>
login.jsp页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <%@ taglib prefix="s" uri="/struts-tags"%> <% String path = request.getContextPath(); String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>登录界面</title> <base href="<%=basePath%>"> <script type="text/javascript" src="<%=path%>/js/jquery-1.4.2.min.js"></script> <script type="text/javascript"> function check() { if ($('#f_loginname').val() == "") { alert("用户名不能为空!"); $('#f_loginname').focus(); return false; } if ($('#f_password').val() == "") { alert("密码不能为空!"); $('#f_password').focus(); return false; } if($('#validateCode').val()==""){ alert("验证码不能为空!"); $('#validateCode').focus(); return false; } } </script> </head> <body> <form name="loginForm" id="loginForm" action="loginAction.action" method="post"> 用户名: <input name="f_loginname" id="f_loginname"> <br> 密 码: <input type="password" name="f_password" id="f_password"> <font color="red">自动登录</font> <input id="userCookie" type="checkbox" name="userCookie" value="true" /> <br/> 验证码: <input name="validateCode" type="text" id="validateCode"> <img src="<%=path %>/validate" width="60" height="20"> <a href="javascript:location.reload();">看不清?</a> <!-- false表示不自动登录,为默认值 true表示自动登录,表示选中--> <br> <input type="submit" value="提 交" id="login" onclick="return check()"> <input type="reset" value="取 消"> </form> </body> </html>
登录成功页面success.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <%@page import="com.struts.util.CookieUtils"%> <%@page import="org.apache.commons.lang.xwork.StringUtils"%> <%@ taglib uri="/struts-tags" prefix="s"%> <% String path = request.getContextPath(); String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>success page</title> </head> <body> <% Cookie[] cookies = request.getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { if (CookieUtils.USER_COOKIE.equals(cookie.getName())) { String value = cookie.getValue(); // 判断字符是否为空 if (StringUtils.isNotBlank(value)) { String[] spilt = value.split(","); String loginname = spilt[0]; String password = spilt[1]; out.println(loginname + "欢迎登陆"); } } } } %> <s:a action="loginAction!logout.action" namespace="/"> 安全退出</s:a> </body> </html>
