When the website is logged in generally there will be a "Remember password" or "Remember me within a week" such as check box, check the designated time after the visit to the same site will not need to enter the account password again, very convenient, as shown in
The principle is simple, as follows
- Tick the check box after login will pass a switch value (on/off) to the background of the login method (such as/login), as a basis;
- After successful login, the value is on when the Cookie information is written to the client browser, including the user name and password (for security, you can replace or encrypt the information to be saved);
- When you visit the site again, read the Cookie information sent by the browser and log in automatically.
First look at the login method
@RequestMapping ("/login") public String Login (Loginmodel login, HttpServletRequest req, HttpServletResponse res, model model) { //... }
Login Object Loginmodel is used to receive login parameters, of course, you need to add a rememberme Field.
Public class Loginmodel { // omit other Field private String rememberme; // Omit getters & Setters}
Property corresponding to the same name as the login form
<Divclass= "Form-group"> <inputID= "RememberMe"name= "RememberMe"type= "checkbox"style= "Vertical-align:middle;"/> <label for= "RememberMe"style= "Vertical-align:middle;">Remember Me</label></Div>
After submitting the form, you can normally receive the value of my switch, and then the background method needs to do this: Write a Cookie to the client
//omit the process of validating user name password to get user object users if ("On". Equals (Login.getrememberme ())) { Tools.addcookie (res, constant.session_user_name, User.getusername (), integer.max_value); Tools.addcookie (res, Constant.session_password, User.getpassword (), integer.max_value);}
Addcookie () Method:
Public Static void int Age ) { new Cookie (key, value); Cookie.setmaxage (age);
For more settings Please refer to API documentation Res.addcookie (cookies);}
After logging in, you can see whether the Cookie was successfully written in the browser, open Firebug in the console input Document.cookie you can see the
cookie setting succeeds, the next time you log on, Filter will determine if you need to authenticate the user name and password again. , Filter needs to add the following code
// If there is a cookie, log in with a cookie String UserName == Tools.getcookie (req, constant.session_password); if NULL NULL ) { Req.setattribute ("UserName", userName); Req.setattribute ("password", password); Req.getrequestdispatcher ("/login"). Forward (req, res); return ;}
GetCookie () Method:
Public Staticstring GetCookie (HttpServletRequest req, string key) {if(Key = =NULL|| "". Equals (key) | | Req = =NULL)return NULL; Cookie[] Cookies=req.getcookies (); if(Cookies = =NULL|| Cookies.length = = 0)return NULL; for(Cookie cookie:cookies) {if(Cookie.getname (). Equals (key)) {returnCookie.getvalue (); } } return NULL;}
After obtaining the user information of the Cookie, put username and password into the request parameters, use the forward to log in automatically, this time the login method needs to be modified, special handling the forwarded login request
@RequestMapping ("/login") PublicString Login (Loginmodel login, HttpServletRequest req, httpservletresponse res, model model) {HttpSession session =req.getsession (); Login.setpassword (TOOLS.MD5 (Constant.md5_prefix+Login.getpassword ())); //if the request is forwarded, the verification code is turned off, and the password does not need to be encrypted if(Req.getdispatchertype (). Equals (Dispatchertype.forward)) {Vcodeswitch=false; Login=NewLoginmodel (String) req.getattribute ("UserName"), (String) req.getattribute ("Password")); }}
If it is a forwarding login request, special processing is required, such as turning off verification code verification, without password encryption and so on, to ensure that you can log in normally.
Cookie implementation Remember password Auto login function