First, we need to make a check box under the login interface. After the check box is selected, automatic logon will take 2 weeks, and automatic logon will not be canceled unless you click exit.
View the logon Action Code
…………if (!(lf.get("auto_login") == null)) {int times = 1000 * 60 * 60 * 24 * 14;AutoLoginModel alm = new AutoLoginModel();alm.setUsername(username);alm.setSessionid(hs.getId());alm.setTimes(new Date().getTime() + times);Cookie cookie = new Cookie("auto_users", username);cookie.setPath("/");cookie.setMaxAge(times);response.addCookie(cookie);cookie = new Cookie("auto_id", hs.getId());cookie.setPath("/");cookie.setMaxAge(times);response.addCookie(cookie);us.addLoginInfo(alm);}return mapping.findForward("to_login_suc");…………
Code snippet
1. Check whether automatic logon is selected. If yes, the user name, sessionid and expiration time of this logon are encapsulated in the database, and the cookie of the user name and sessionid is generated.
2. Be sure to set path ("/"). Why? If this is not done, the cookie domain is different, and the cookie cannot be obtained from other pages.
In this way, the cookie at login has been recorded, and how can we determine automatic login?
We need to write a filter to listen to all requests. Then, when a cookie exists, the user name and password are recorded.
Then we extract the cookie. At the same time, we need to determine whether there is any user login information in the session at this time. If there is, nothing will be done. If not, continue to the step, then retrieve the information recorded last time from the database, and then compare, if the user name and sessionid in the cookie are the same as the latest records read from the database and the number of milliseconds compared with the current time, if the user information is not expired, the user information is retrieved and saved in the session, in this way, automatic login is complete!
Let's look at the interceptor code.
............ Public void dofilter (servletrequest arg0, servletresponse arg1, filterchain arg2) throws ioexception, servletexception {httpservletrequest request = (httpservletrequest) arg0; cookie [] cookies = request. getcookies (); If (cookies! = NULL) {If (cookies. length> 1) {httpsession HS = request. getsession (); usersmodel um = (usersmodel) HS. getattribute ("users_info"); If (UM = NULL) {string username = ""; string sessionid = ""; for (INT I = 0; I <cookies. length; I ++) {cookie = Cookies [I]; If (cookie. getname (). equalsignorecase ("auto_users") {username = cookie. getvalue (); // obtain the cookie username} If (cookie. getname (). equalsignorecase ("Au To_id ") {sessionid = cookie. getvalue (); // obtain the Cookie's sessionid} If (! (Username. equals ("") | sessionid. equals ("") {string store_path = request. getservletcontext (). getrealpath ("/WEB-INF/"); applicationcontext context = new filesystemxmlapplicationcontext (store_path + "/applicationcontext. XML "); usersservice US = (usersservice) context. getbean ("usersservice"); autologinmodel ALM = us. getlogininfo (username); If (ALM. getUserName (). equals (username) & ALM. getsessionid (). equ ALS (sessionid) & new date (). gettime () <ALM. gettimes () {HS. setattribute ("users_info", us. getusers (username);} else {httpservletresponse response = (httpservletresponse) arg1; For (Cookie: cookies) {If ("auto_users ". equals (cookie. getname () {cookie = new cookie ("auto_users", ""); cookie. setpath ("/"); cookie. setmaxage (0); response. addcookie (cookie);} If ("auto_id ". equals (cookie. getname () {Co Okie = new cookie ("auto_id", ""); cookie. setpath ("/"); cookie. setmaxage (0); response. addcookie (cookie) ;}}}}} arg2.dofilter (arg0, arg1 );}..................
As for how to configure the filter, I will not talk about it here.
Finally, exit
Clear cookies and delete records stored in the database
…………HttpSession hs = request.getSession();UsersModel um = (UsersModel) hs.getAttribute("users_info");Cookie[] cookies = request.getCookies();if (cookies != null) {for (Cookie cookie : cookies) {if ("auto_users".equals(cookie.getName())) {cookie = new Cookie("auto_users", "");cookie.setMaxAge(0);cookie.setPath("/");response.addCookie(cookie);}if ("auto_id".equals(cookie.getName())) {cookie = new Cookie("auto_id", "");cookie.setMaxAge(0);cookie.setPath("/");response.addCookie(cookie);}}us.delLoginInfo(um.getUsername());}hs.invalidate();return (mapping.findForward("to_login"));…………
The automatic login function is complete. I thought about the results of one day.