1.首先页面效果为
2.登录页面的显示
@RequestMapping(value="logins",method=RequestMethod.GET)
public String login(){
return "login/login";
}
3.服务端登录检查
@RequestMapping(value="logins",method = RequestMethod.POST)
public String loginCheck(HttpSession session,HttpServletRequest req,Model model) throws UnknownHostException{
String userName=req.getParameter("userName").trim();
String password=req.getParameter("password");
String ca=req.getParameter("code").toLowerCase();
String sesionCode = (String) req.getSession().getAttribute(CAPTCHA_KEY);//对比生成验证码的session中
model.addAttribute("userName", userName);
//验证码比对
if(!ca.equals(sesionCode.toLowerCase())){
System.out.println("验证码输入错误!");
model.addAttribute("errormess", "验证码输入错误!");
req.setAttribute("errormess","验证码输入错误!");
return "login/login";
}
//用户信息查找
User user=uDao.findOneUser(userName, password);
if(Objects.isNull(user)){
model.addAttribute("errormess", "账号或密码错误!");
return "login/login";
}
//用户状态校验
if(user.getIsLock()==1){
model.addAttribute("errormess", "账号已被冻结!");
return "login/login";
}
Object sessionId=session.getAttribute("userId");
//重复登录情形判断
if(sessionId==user.getUserId()){
model.addAttribute("hasmess", "当前用户已经登录了;不能重复登录");
session.setAttribute("thisuser", user);
return "login/login";
}else{
session.setAttribute("userId", user.getUserId());
Browser browser = UserAgent.parseUserAgentString(req.getHeader("User-Agent")).getBrowser();
Version version = browser.getVersion(req.getHeader("User-Agent"));
String info = browser.getName() + "/" + version.getVersion();
String ip=InetAddress.getLocalHost().getHostAddress();
/*新增登录记录*/
ulService.save(new LoginRecord(ip, new Date(), info, user));
}
return "redirect:/index";
}
这个登录过程并没有应用到安全框架,在后期改版时会加上shiro。