Session- judge whether the user login verification code is correct

The personal blog address https://nfreak-man.cn
verification code is randomly generated. The server obtains the verification code from the session and compares it with the verification code entered by the user. The result is forwarded to success.jsp and login.jsp through requesrt

login.jsp

Simple landing page:

<html>
<head>
    <title>登陆</title>
    <script>
        window.onload = function () {
            document.getElementById("img").onclick = function(){
                this.src="/day16/checkCodeServlet?time="+new Date().getTime();
            }
        }
    </script>
    <style>
        div{
            color:red;
        }
    </style>
</head>
<body>
        <form action="/day16/loginServlet" method="post">
            <table align="center">
                <tr>
                    <td>用户名</td>
                    <td><input type="text" name="username"></td>
                </tr>
                <tr>
                    <td>密码</td>
                    <td><input type="password" name="password"></td>
                </tr>
                <tr>
                    <td>验证码</td>
                    <td><input type="text" name="checkCode"></td>
                </tr>
                <tr>
                    <td colspan="2"><img src="/day16/checkCodeServlet" id="img"></td>
                </tr>
                <tr>
                    <td colspan="2"><input type="submit" value="登陆"></td>
                </tr>
            </table>
        </form>
        <div>
            <%=request.getAttribute("cc_error")==null? "":request.getAttribute("cc_error")%>
        </div>
        <div>
            <%=request.getAttribute("login_error")==null?"":request.getAttribute("login_error")%>
        </div>
</body>
</html>

success.jsp

After successful login, jump to this page and obtain user information display:

<html>
<head>
    <title>Title</title>
</head>
<body>
    <h1><%=request.getSession().getAttribute("user") %>,欢迎您</h1>
</body>
</html>

LoginServlet

Obtain the verification code information in the session, compare it, and forward the result to the relevant page.

@WebServlet("/loginServlet")
public class LoginServlet extends HttpServlet {
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        //设置request编码
        request.setCharacterEncoding("utf-8");
        //获取参数
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        String checkCode = request.getParameter("checkCode");
        //获取生成的验证码
        HttpSession session = request.getSession();
        String checkCode_session = (String) session.getAttribute("checkCode_session");
        //删除session中存储的验证码
        session.removeAttribute("checkCode_session");
        //判断验证码是否正确
        if(checkCode_session != null &&checkCode_session.equalsIgnoreCase(checkCode)){
            //忽略大小写比较字符串
            //验证码正确
            //判断用户名和密码是否一样
            if ("zhangsan".equals(username)&&"123".equals(password)){//查询数据库
                //登陆成功
                //存储用户信息
                session.setAttribute("user",username);
                //重定向到success.jsp
                response.sendRedirect(request.getContextPath()+"/success.jsp");
            }else {
                //登陆失败
                //存储提示信息到request
                request.setAttribute("login_error","用户名或密码错误");
                //转发到登陆页面
                request.getRequestDispatcher("/login.jsp").forward(request,response);
            }
        }else {
            //验证码不一致
            //存储提示信息到request
            request.setAttribute("cc_error","验证码错误");
            //转发到登陆页面
            request.getRequestDispatcher("/login.jsp").forward(request,response);
        }

    }

    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        this.doPost(request, response);
    }
}

CheckCodeServlet

Generate a random verification code and store it in the session.

@WebServlet("/checkCodeServlet")
public class CheckCodeServlet extends HttpServlet {
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        int width = 100;
        int height = 50;
        //创建一个对象，在内存中画图（验证码图片对象）
        BufferedImage image = new BufferedImage(width,height,BufferedImage.TYPE_3BYTE_BGR);
        //美化图片
        //填充背景色
        Graphics g = image.getGraphics();//画笔对象
        g.setColor(Color.pink);//设置画笔颜色
        g.fillRect(0,0,width,height);
        //画边框
        g.setColor(Color.BLUE);
        g.drawRect(0,0,width -1,height-1);

        String str = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
        //生成随机脚标
        Random ran = new Random();
        StringBuilder sb = new StringBuilder();
        //写验证码
        for (int i = 1; i <= 4; i++) {
            int index = ran.nextInt(str.length());
            //获取字符
            char ch = str.charAt(index);
            sb.append(ch);
            g.drawString(ch+"",width/5*i,height/2);
        }
        String checkCode_session = sb.toString();
        //将验证码存入session
        request.getSession().setAttribute("checkCode_session",checkCode_session);
        //画干扰线
        g.setColor(Color.green);
        //随机生成坐标点
        for (int i = 0; i < 10; i++) {
            int x1 = ran.nextInt(width);
            int x2 = ran.nextInt(width);

            int y1 = ran.nextInt(height);
            int y2 = ran.nextInt(height);
            g.drawLine(x1,y1,x2,y2);
        }

        //键土拍你输出到页面展示
        ImageIO.write(image,"jpg",response.getOutputStream());

    }

    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        this.doPost(request,response);
    }
}