基於session的單點登陸

1、第一次訪問，登錄成功

(1)登陸界面

<%@ page language="java" contentType="text/html; charset=utf-8"
    pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<script type="text/javascript" src="jquery-3.2.1/jquery-3.2.1.min.js"></script>
<script type="text/javascript">
	function login() {
	
		var userInfo = {
				"uname":$("#userName").val(),
				"upsw":$("#userPwd").val()
				};
		$.getJSON("UserLoginServlet.action",userInfo,function(data){
			if(data.success){
					//需要完善
				  window.location.href = "${pageContext.request.contextPath}/HouseInfoShowServlet.action";
			}else{
				alert("用戶名或密碼錯誤，請重新輸入");
				$("#userName").focus();
			}
		});
	}
</script>
<title>Insert title here</title>
</head>
<body>
<div>
	<input type="text" id="userName"/><br/>
	<input type="password" id="userPwd"/><br/>
	<button onclick="login()">登錄</button>
</div>
</body>
</html>

2、根據用戶名和密碼檢查是否有該session，如果有session中存入已登錄信息，覆蓋session

protected void doPost(HttpServletRequest request, HttpServletResponse response)              throws ServletException, IOException {
		request.setCharacterEncoding("utf-8");
		response.setCharacterEncoding("utf-8");
		String name=request.getParameter("Userame");
		String password=request.getParameter("password");
		System.out.println(name);
		System.out.println(password);
		//List<UserInfo> lists = Methods.selectNamePwd();
		UserInfo  info = Methods.selectNamePwd(name, password);
		ResultMsg result;
		if(info!=null) {
			checkUser(request);
			info.setUserName(name);
			HttpSession session = request.getSession();
			session.setAttribute("info", info);
			response.sendRedirect("HouseShow.action");
			result = ResultMsg.success();	
		}else{
			result = ResultMsg.failure("輸入的密碼不正確！請查證！");
			request.getRequestDispatcher("login.html").forward(request, response);
		}
		response.getWriter().write(JSON.toJSONString(result));
		/*for(UserInfo s2:lists) {
			String name1 = s2.getUserName();
			String password2 = s2.getUserPwd();
			if(name.equals(name1)&&password.equals(password2)) {
				response.sendRedirect("HouseShow");
			}else {
				request.getRequestDispatcher("login.html");
			}
		}*/
	}

3、如果沒有添加session

private void checkUser(HttpServletRequest request) {
		String userName = request.getParameter("Userame");
		String userPwd = request.getParameter("password");
		//獲取上次登錄的session(如果有的話)
		HttpSession session = SessionInfo.USER_SESSION.get(userName+userPwd);
		if(session!=null) {
			//在上次登錄的session中放入一條信息
			session.setAttribute("msg", ResultMsg.failure("該賬號在另一處登錄，是否重新登錄"));
		}
		//此處有替換session的功能
		SessionInfo.USER_SESSION.put(userName+userPwd, request.getSession());
	}

4、跳轉到data.jsp界面

request.setCharacterEncoding("utf-8");
		response.setCharacterEncoding("utf-8");
		HttpSession session = request.getSession();
		UserInfo info =  (UserInfo) session.getAttribute("info");
		System.out.println(info.getUserName());
		String userName = info.getUserName();
		List<HouseInfo> houseInfos  = Methods.selectHouse(userName);
		session.setAttribute("houseInfos",houseInfos);		
		request.getRequestDispatcher("/WEB-INF/data.jsp").forward(request, response);

5、在該界面中循環訪問checkLogin，獲取信息

$(function() {
	setInterval(checkUserOnline, 5*1000);
});
function checkUserOnline() {
	$.getJSON("UserCheckLoginServlet.action",function(data){
		if(!data.success){
			alert(data.msg);
			//註銷
			 window.location.href = "${pageContext.request.contextPath}/UserLogoutServlet.action";
		}
	});
}

6、如果發現已登錄，跳轉到註銷servlet中

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		response.setContentType("application/json");
		ResultMsg msg = (ResultMsg) request.getSession().getAttribute("msg");
		//表示未出現重複登錄情況
		if(msg == null) {
			msg = ResultMsg.success();
		}
		response.getWriter().write(JSON.toJSONString(msg));
	}

6、在註銷servlet中，使session實效，跳轉到login.jsp

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		//註銷以後把 對象移除
		HttpSession session = request.getSession();
		UserInfo userInfo = (UserInfo) session.getAttribute("info");
		if(session == SessionInfo.USER_SESSION.get(userInfo.getUserName()+userInfo.getUserPwd())) {
			SessionInfo.USER_SESSION.remove(userInfo.getUserName()+userInfo.getUserPwd());
		}
		//移除session
		session.invalidate();
		  //重定向到登錄頁面login.jsp
        response.sendRedirect(request.getContextPath()+"/login.html");
	}