Java Spring - 为用户处理创建单个会话
问题描述:
我正在处理应用程序,并且可能遇到会话处理中的错误。Java Spring - 为用户处理创建单个会话
基本上有登录用户,注销用户和获取存储的用户。
- 但我想当我调用函数时,它会每次创建一个不同的会话?所以我想创建一个控制器,可以创建一个会话,并从此读取..但我越来越像错误 - 更改getSession静态..
在我的主要应用程序我将如何调用这些函数,只是通过一个会话?
会话控制器看起来像这样。
package controller;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.json.simple.JSONObject;
@SuppressWarnings("serial")
public class SessionController extends HttpServlet{
HttpServletRequest request;
SessionController(HttpServletRequest request){
HttpSession session = request.getSession(true);
}
HttpSession getSession(){
HttpSession session = this.request.getSession(true);
return session;
}
@SuppressWarnings("unchecked")
public static JSONObject getLoggedUser() {
session = getSession();
JSONObject user = (JSONObject) session.getAttribute("user");
System.out.println("session getLoggedUser>>>"+session);
System.out.println("---session login user>>>"+session.getAttribute("user"));
return user;
}
public static void logUser(JSONObject object) {
session = getSession();
//store user details
session.setAttribute("user", object);
System.out.println("session login>>>"+session());
System.out.println("---session login user>>>"+session.getAttribute("user"));
}
public static void logOutUser() {
session = getSession();
session.removeAttribute("user");
System.out.println("session logout>>>"+session);
System.out.println("---session login user>>>"+session.getAttribute("user"));
}
}
,并为MyService我有这样
@SuppressWarnings("unchecked")
@RequestMapping(value = "/login", method = RequestMethod.GET)
@CrossOrigin(origins = {"*"})
@ResponseBody
public ResponseEntity<?> login(
@RequestParam(value="email", required=false, defaultValue="email") String email,
@RequestParam(value="password", required=false, defaultValue="password") String password,
HttpServletRequest request
) throws Exception {
System.out.println("email email>>>"+email);
System.out.println("email password>>>"+password);
//find matching account with email
TblLogin checkAccount = tblLoginRepository.findByEmail(email);
if (checkAccount != null) {
//do the passwords match
if(passwordEncoder.matches(password, checkAccount.getPassword())) {
// Encode new password and store it
System.out.println("PASSWORD MATCH");
//build clean user object
JSONObject userDetails = new JSONObject();
//create user object
userDetails.put("id", checkAccount.getId());
userDetails.put("email", checkAccount.getEmail());
userDetails.put("password", checkAccount.getPassword());
userDetails.put("pin", checkAccount.getPin());
//attempt look up to get patient information and append to response
try {
TblPatient extInformation = tblPatientRepository.findByPatientID(checkAccount.getPin());
userDetails.put("forename", extInformation.getForename());
userDetails.put("surname", extInformation.getSurname());
userDetails.put("dateOfBirth", extInformation.getDateOfBirth());
userDetails.put("genderID", extInformation.getGenderID());
}
catch (Exception e) {
userDetails.put("forename", null);
userDetails.put("surname", null);
userDetails.put("dateOfBirth", null);
userDetails.put("genderID", null);
}
//store user in session
SessionController mySession = new SessionController(request);
mySession.logUser(userDetails);
//userDetails.put("session", session);
//System.out.println("session>>>"+session.getAttribute("user"));
//System.out.println("newAcc>>>"+checkAccount);
JSONObject response = ResponseWrapper(null, "success", "User found login succesful");
return new ResponseEntity<>(response, HttpStatus.OK);
} else {
//create error response
JSONObject response = ResponseWrapper(null, "error", "User passwords do not match");
//System.out.println("user PASSWORD error >>>"+response);
return new ResponseEntity<>(response, HttpStatus.OK);
}
} else{
//create error response
JSONObject response = ResponseWrapper(null, "error", "User has not been found");
//System.out.println("user does not exist >>>"+response);
return new ResponseEntity<>(response, HttpStatus.OK);
}
}
登录方法,我需要做的是这样
HttpSession mySession = new SessionController();
更新1.
我我们看到了最新的代码库是。
getHome - 会做一个查找表所存储的用户会话
登录 - 将创建用户会话
注销 - 将删除用户在会话
MyService类 - 现在我需要将mySession作为全局变量存储 - 并让它生成JUST ONCE?在MyService控制器中哪里需要请求?
package controller;
@RestController
public class MyService {
//api/getHome
@SuppressWarnings("unused")
@RequestMapping(value = {"/api/getHome"}, method = RequestMethod.GET)
@CrossOrigin(origins = {"*"})
public ResponseEntity<?> getHome(
HttpServletRequest request
) throws Exception {
SessionController mySession = new SessionController(request);
JSONObject user = mySession.getLoggedUser();
System.out.println("logged in user"+ user);
//get Home Data
MyApiHome myApiHome = new MyApiHome();
JSONArray data = myApiHome.getHomeData();
System.out.println("myHomedata"+ data);
JSONObject response = ResponseWrapper(data, "success", "Fetching home data");
return new ResponseEntity<>(response, HttpStatus.OK);
//getHome service
}
@SuppressWarnings("unchecked")
@RequestMapping(value = "/login", method = RequestMethod.GET)
@CrossOrigin(origins = {"*"})
@ResponseBody
public ResponseEntity<?> login(
@RequestParam(value="email", required=false, defaultValue="email") String email,
@RequestParam(value="password", required=false, defaultValue="password") String password,
HttpServletRequest request
) throws Exception {
System.out.println("email email>>>"+email);
System.out.println("email password>>>"+password);
//find matching account with email
TblLogin checkAccount = tblLoginRepository.findByEmail(email);
if (checkAccount != null) {
//do the passwords match
if(passwordEncoder.matches(password, checkAccount.getPassword())) {
// Encode new password and store it
System.out.println("PASSWORD MATCH");
JSONObject userDetails = getUserData(checkAccount);
//store user in session
SessionController mySession = new SessionController(request);
JSONObject user = mySession.logUser(userDetails);
System.out.println("logged in user"+ user);
JSONObject response = ResponseWrapper(null, "success", "User found login succesful");
return new ResponseEntity<>(response, HttpStatus.OK);
} else {
//create error response
JSONObject response = ResponseWrapper(null, "error", "User passwords do not match");
//System.out.println("user PASSWORD error >>>"+response);
return new ResponseEntity<>(response, HttpStatus.OK);
}
} else{
//create error response
JSONObject response = ResponseWrapper(null, "error", "User has not been found");
//System.out.println("user does not exist >>>"+response);
return new ResponseEntity<>(response, HttpStatus.OK);
}
}
@SuppressWarnings("unchecked")
@RequestMapping(value = "/logout", method = RequestMethod.GET)
@CrossOrigin(origins = {"*"})
public ResponseEntity<?> logout(
HttpServletRequest request
) throws Exception {
//List<TblLogin> acc = (List<TblLogin>) session.getAttribute("user");
//HttpSession session = request.getSession();
//session.removeAttribute("user");
//log user out of session
//SessionController.logOutUser(request);
SessionController mySession = new SessionController(request);
JSONObject user = mySession.logOutUser();
//create success response
JSONObject response = ResponseWrapper(null, "success", "User logged out");
return new ResponseEntity<>(response, HttpStatus.OK);
}
}
这就是我的SessionController的样子。
package controller;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.json.simple.JSONObject;
@SuppressWarnings("serial")
public class SessionController {
private HttpServletRequest request;
SessionController(HttpServletRequest request){
//HttpSession session = request.getSession(true);
this.request = request;
}
HttpSession getSession(){
HttpSession session = this.request.getSession(true);
return session;
}
@SuppressWarnings("unchecked")
public JSONObject getLoggedUser() {
HttpSession session = getSession();
JSONObject user = (JSONObject) session.getAttribute("user");
System.out.println("session getLoggedUser>>>"+session);
System.out.println("---session login user>>>"+session.getAttribute("user"));
return user;
}
public JSONObject logUser(JSONObject object) {
HttpSession session = getSession();
//store user details
session.setAttribute("user", object);
JSONObject storedUser = (JSONObject) session.getAttribute("user");
System.out.println("session login>>>"+session);
System.out.println("---session login user>>>"+storedUser);
return storedUser;
}
public void logOutUser() {
HttpSession session = getSession();
session.invalidate();
//session.removeAttribute("user");
System.out.println("session logout>>>"+session);
System.out.println("---session login user>>>"+session.getAttribute("user"));
return null;
}
}
答
我已经成功通过仅仅一次创建会话来解决该问题。所以发生了什么是我无意中得到/设置一个新的会话,而不是仅仅审查一个会话。
- 这样的会话控制器是相当简单..
SessionController.java
package controller;
import javax.servlet.http.HttpSession;
import org.json.simple.JSONObject;
public class SessionController {
SessionController(){
}
public static JSONObject getLoggedUser(HttpSession session) {
JSONObject storedUser = (JSONObject) session.getAttribute("user");
return storedUser;
}
public static JSONObject logUser(JSONObject object, HttpSession session) {
//store user details
session.setAttribute("user", object);
JSONObject storedUser = (JSONObject) session.getAttribute("user");
return storedUser;
}
public static JSONObject logOutUser(HttpSession session) {
session.invalidate();
return null;
}
}
我的服务控制器上 - 这就是我创建一个会话,然后通过这些泵这届会议会话方法。
MyService。java的
package controller;
import org.json.simple.JSONArray;
import org.json.simple.JSONObject;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.List;
import java.util.Random;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import freemarker.template.Configuration;
import services.MailService;
import services.SimpleEmailService;
import domain.TblLogin;
import repo.TblLoginRepository;
import domain.TblPatient;
import repo.TblPatientRepository;
@RestController
public class MyService {
@Autowired
private JavaMailSender mailSender;
@Autowired
private Configuration fmConfiguration;
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private TblLoginRepository tblLoginRepository;
@Autowired
private TblPatientRepository tblPatientRepository;
private HttpSession session;
MyService(){
}
//api/getHome
@RequestMapping(value = {"/api/getHome"}, method = RequestMethod.GET)
@CrossOrigin(origins = {"*"})
public ResponseEntity<?> getHome(
//HttpServletRequest request
) throws Exception {
try {
//get logged in user from session
JSONObject user = SessionController.getLoggedUser(this.session);
}
catch (Exception e) {
}
//get Home Data
MyApiHome myApiHome = new MyApiHome();
JSONArray data = myApiHome.getHomeData();
JSONObject response = ResponseWrapper(data, "success", "Fetching home data");
return new ResponseEntity<>(response, HttpStatus.OK);
//getHome service
}
@RequestMapping(value = "/login", method = RequestMethod.GET)
@CrossOrigin(origins = {"*"})
@ResponseBody
public ResponseEntity<?> login(
@RequestParam(value="email", required=false, defaultValue="email") String email,
@RequestParam(value="password", required=false, defaultValue="password") String password,
HttpServletRequest request
) throws Exception {
//find matching account with email
TblLogin checkAccount = tblLoginRepository.findByEmail(email);
if (checkAccount != null) {
//do the passwords match
if(passwordEncoder.matches(password, checkAccount.getPassword())) {
// Encode new password and store it
JSONObject userDetails = getUserData(checkAccount);
//create ONE session
this.session = request.getSession(true);
//store user in session
SessionController.logUser(userDetails, this.session);
JSONObject response = ResponseWrapper(null, "success", "User found login succesful");
return new ResponseEntity<>(response, HttpStatus.OK);
} else {
//create error response
JSONObject response = ResponseWrapper(null, "error", "User passwords do not match");
return new ResponseEntity<>(response, HttpStatus.OK);
}
} else{
//create error response
JSONObject response = ResponseWrapper(null, "error", "User has not been found");
return new ResponseEntity<>(response, HttpStatus.OK);
}
}
@RequestMapping(value = "/logout", method = RequestMethod.GET)
@CrossOrigin(origins = {"*"})
public ResponseEntity<?> logout(
) throws Exception {
//logout user
SessionController.logOutUser(this.session);
//create success response
JSONObject response = ResponseWrapper(null, "success", "User logged out");
return new ResponseEntity<>(response, HttpStatus.OK);
}
}
答
您误会了,会话只会在登录后创建一次。用户会话是在您的服务类创建mySession.logUser(userDetails);
session.invalidate(),但最好不是session.removeAttribute("user")
+0
注释不适用于扩展讨论或调试会话;这个对话已经[转移到聊天](http://chat.stackoverflow.com/rooms/154166/discussion-on-answer-by-kevenlolo-java-spring-creating-a-single-session-for-us) 。如果在本次讨论中获得有用的信息,则应将其编辑到答案中。 –
+0
我很担心我无法解决此问题..我不确定如果我无法将用户存储在会话中,我将要执行的操作。 –
+1
我想我修好了。 –
会话登录>>> org.apache.cata[email protected] 会议getLoggedUser >>> [email protected] –
这样的会议是不同的吧? StandardSessionFacade @ –