java自动登录

温故而知新。从其他页面访问时，如直接访问index页面，勾选过自动登录，从session/cookie获取用户信息，没有勾选，从session中获取用户信息，需要使用filter过滤器

工程结构，采用gradle构建：

public class User {

    private String username;
    private String password;

    public User() {
    }

    public User(String username, String password) {
        this.username = username;
        this.password = password;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    @Override
    public String toString() {
        return "User{" +
                "username='" + username + '\'' +
                ", password='" + password + '\'' +
                '}';
    }
}

import com.yz.filter.LoginFilter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
 * @description: springboot 登录拦截器配置
 * @author: yz
 * @create: 2018/11/7 18:11
 */
@Configuration
public class LoginFilterConfig {

    @Bean
    public FilterRegistrationBean registrationBean(){
        FilterRegistrationBean bean = new FilterRegistrationBean();
        bean.setFilter(new LoginFilter());
        bean.addUrlPatterns("/*");
        return bean;
    }
}

import com.yz.bean.User;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * @description: 自动登录
 * @author: yz
 * @create: 2018/11/7 16:07
 */
@Controller
public class UserController {

    @GetMapping("login")
    public String login(){
        return "login";
    }

    @GetMapping("index")
    public String index(){
        return "index";
    }

    /**
     * @param request
     * @param response
     * @param user
     * @param auto
     * @return
     */
    @PostMapping("user_login")
    public ModelAndView userLogin(HttpServletRequest request,HttpServletResponse response,User user, String auto){
        ModelAndView mv = new ModelAndView("redirect:login");
        HttpSession session = request.getSession();
        // 登录成功
        if("admin".equals(user.getUsername()) && "123456".equals(user.getPassword())){
            // 存值
            session.setAttribute("user",user);
            // 判断是否勾选自动登录
            if("on".equals(auto)){
                System.out.println("有勾选自动登录");
                // 将用户账号密码保存到cookie中
                Cookie cookie = new Cookie("account",user.getUsername()+"#"+user.getPassword());
                cookie.setMaxAge(60*60*24*7);
                response.addCookie(cookie);
            }
            // 跳转
            mv.setViewName("redirect:index");
            return mv;
        }
        // 登录失败
        session.setAttribute("msg","用户名或者密码错误!");
        // 跳转到登录页面，显示数据
        return mv;
    }
}

import com.yz.bean.User;

import javax.servlet.*;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * @description: 登录拦截器
 * 单独使用时，放开注解；使用拦截器配置时注掉注解
 * @author: yz
 * @create: 2018/11/7 17:34
 */
//@WebFilter("/*")
//@Component
//@Order
public class LoginFilter implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    /**
     * 有登录（session or cookie中有用户数据）放行，没有登录就去登录页面
     * @param request
     * @param response
     * @param chain
     * @throws IOException
     * @throws ServletException
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {

        System.out.println("来到过滤器了。~！~开始拦截请求");
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;
        // 如果是登录有关操作的，不拦截
        String path = req.getRequestURI();
        System.out.println("path:"+path);
        if (path.contains("login") || path.endsWith(".ico")){
            // 放行
            chain.doFilter(request,response);
            return;
        }

        boolean isLogin = false;

        // 1. session还有效
        HttpSession session = req.getSession();
        User user = (User) session.getAttribute("user");
        if(user != null){
            isLogin = true;
        }else{
            // 2.session失效，看cookie
            // 获取cookie,遍历cookie,拿到账号密码进行判断，对了放行，并将用户对象存储到session中
            Cookie[] cookies = req.getCookies();
            if(cookies !=null){
                for (Cookie cookie : cookies) {
                    // account=admin#123456;
                    if("account".equals(cookie.getName())){
                        String[] accountArray = cookie.getValue().split("#");
                        if("admin".equals(accountArray[0]) && "123456".equals(accountArray[1])){
                            // 登录成功 , 将用户对象保存到session中，以便在会话有效期内访问，都会放行。
                            user = new User(accountArray[0], accountArray[1]);
                            req.getSession().setAttribute("user" , user);
                            isLogin = true;
                        }
                    }
                }
            }
        }

        // 统一对isLogin判断
        if(isLogin){
            chain.doFilter(request,response);
        }else{
            resp.sendRedirect("login");
        }
    }

    @Override
    public void destroy() {

    }
}

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

/**
 * @description:
 * @author: yz
 * @create: 2018/11/7 16:07
 */
@SpringBootApplication
public class LoginApp {

    public static void main(String [] args){

        SpringApplication.run(LoginApp.class , args);
    }

}

index.html

<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org" >
<head>
    <meta charset="UTF-8"/>
    <title>Title</title>
</head>
<body>

    <h2>欢迎您,<span th:text="${session.user.username}"></span></h2>

</body>
</html>

login.html

<!DOCTYPE html>
<html xmlns:th="http://www.w3.org/1999/xhtml">
<head>
    <meta charset="UTF-8"/>
    <title>Title</title>
</head>
<body>

    <h2>登录页面</h2>

    <form action="user_login" method="post">

        用户名:&nbsp;<input type="text" name="username"/><br/>
        密&emsp;码:&nbsp;<input type="password" name="password"/><br/>
        <input type="checkbox" name="auto"/>自动登录<br/>
        <input type="submit" value="登录"/>
        <!--用户名或者密码错误!!!-->
        <span style="color:red" th:text="${session.msg}"></span>
    </form>

</body>
</html>

application.properties

server.port=8089

build.gradle

plugins {
    id 'java'
}

group 'com.yz'
version '1.0-SNAPSHOT'

sourceCompatibility = 1.8

repositories {
    mavenCentral()
}

dependencies {
    testCompile group: 'junit', name: 'junit', version: '4.12'
    compile("org.springframework.boot:spring-boot-starter-web:1.5.10.RELEASE")
    compile("org.thymeleaf:thymeleaf-spring4:2.1.4.RELEASE")
}