【cookie、session】
7.1、会话
会话:用户打开一个浏览器,点开了很多超链接,访问多个web资源,关闭浏览器,这个过程称之为会话
有状态的会话:一个同学来过教室,下次再来教室,我们会知道这个同学,曾经来过,称之有状态的会话
一个网站怎么证明你来过?
客户端 服务器
1.服务端给客户端一个信件,客户端下次访问服务端带上信件就可以了;cookie
2.服务器登记你来过了,下次你来的时候我来匹配;session
7.2、保存会话的两种技术
cookie
客户端技术(响应,请求)
session
服务器技术,利用这个技术,可以保存用户的会话信息,我们可以把信息或者数据放在session中
常见:网站登录之后,下次不用再登录,第二次访问直接就上去
7.3、Cookie
1.从请求中拿到cookie信息
2.服务器响应给客户端cookie
Cookie[] cookies = req.getCookies();//获得Cookie
cookie.getName();//获得cookie中的key
cookie.getValue();//获得cookie中的value
new Cookie("lastLoginTime",System.currentTimeMillis()+"");//新建一个cookie
cookie.setMaxAge(24*60*60);//设置cookie的有效期
resp.addCookie(cookie);//响应给客户端一个cookiecookie:一般会保存在本地的用户目录下 appdata;
一个网站cookie是否存在上限:
- 一个cookie只能保存一个信息
- 一个web站点可以给浏览器发送多个cookie,最多存放20个cookie
- cookie大小有限制4kb
- 300个cookie浏览器上限
删除cookie:
- 不设置有效期,关闭浏览器,自动失效
- 设置有效期为0
CookieDemo01.java
package com.jiang.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Date;
public class CookieDemo01 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//服务端给客户端一个信件,客户端下次访问服务端带上信件就可以了;cookie
//解决中文乱码
req.setCharacterEncoding("utf-8");
resp.setCharacterEncoding("utf-8");
PrintWriter out = resp.getWriter();
//Cookie,服务器端从客户端获取
Cookie[] cookies = req.getCookies();//这里返回数组,说明cookie可能存在多个
//判断Cookie是否存在
if(cookies!=null){
//如果存在
out.write("上一次访问时间是:");
for (int i = 0; i < cookies.length; i++) {
Cookie cookie = cookies[i];
if(cookie.getName().equals("lastLoginTime")){
//获取cookie中的值
long lastLoginTime = Long.parseLong(cookie.getValue());
Date date = new Date(lastLoginTime);
out.write(date.toLocaleString());
}
}
}else {
out.write("这是您第一次访问本站");
}
//服务给客户端响应一个cookie
Cookie cookie = new Cookie("lastLoginTime",System.currentTimeMillis()+"");
cookie.setMaxAge(24*60*60);
resp.addCookie(cookie);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
super.doPost(req, resp);
}
}
CookieDemo03.java
package com.jiang.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.Date;
public class CookieDemo03 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//解决中文乱码
req.setCharacterEncoding("utf-8");
resp.setCharacterEncoding("utf-8");
PrintWriter out = resp.getWriter();
//Cookie,服务器端从客户端获取
Cookie[] cookies = req.getCookies();//这里返回数组,说明cookie可能存在多个
//判断Cookie是否存在
if(cookies!=null){
//如果存在
out.write("您的姓名:");
for (int i = 0; i < cookies.length; i++) {
Cookie cookie = cookies[i];
if(cookie.getName().equals("name")){
//解码
out.write(URLDecoder.decode(cookie.getValue(),"utf-8"));
}
}
}else {
out.write("这是您第一次访问本站");
}
//服务给客户端响应一个cookie
Cookie cookie = new Cookie("name", URLEncoder.encode("酱油","utf-8"));
resp.addCookie(cookie);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
super.doPost(req, resp);
}
}
?编译解码:
Cookie cookie = new Cookie("name", URLEncoder.encode("酱油","utf-8"));
out.write(URLDecoder.decode(cookie.getValue(),"utf-8"));
7.4、Session(重点)
什么是session:
- 服务器会给每一个用户(浏览器)创建一个session对象
- 一个session独占一个浏览器,只要浏览器没有关闭,这个Session就存在
- 用户登录之后,整个网站都可以访问->保存用户的信息,保存购物车信息
Session和cookie的区别:
- cookie是吧用户的数据写给用户的浏览器,浏览器保存(可以保存多个)
- session吧用户的数据写到用户独占session中,服务器保存(保存重要的信息,减少服务器资源的浪费)
- session对象由服务器创建
使用场景:
- 保存一个登录用户的信息
- 购物车信息
- 在整个网站中经常会使用的数据,我们将它保存在session中
使用session:
package com.jiang.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.HashMap;
public class SessionDemo01 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//解决中文乱码
req.setCharacterEncoding("utf-8");
resp.setCharacterEncoding("utf-8");
resp.setContentType("text/html;charset=utf-8");
//得到session
HttpSession session = req.getSession();
//让Session中存东西
session.setAttribute("name","酱油");
//获取Session的ID
String id = session.getId();
//判断是否是新的session
if(session.isNew()){
resp.getWriter().write("session创建成功,sessionID:"+id);
}else{
resp.getWriter().write("session已经在服务器中存在了,sessionID:"+id);
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
super.doPost(req, resp);
}
}
package com.jiang.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
public class SessionDemo02 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//解决中文乱码
req.setCharacterEncoding("utf-8");
resp.setCharacterEncoding("utf-8");
resp.setContentType("text/html;charset=utf-8");
//得到session
HttpSession session = req.getSession();
String name= (String) session.getAttribute("name");
System.out.println(name);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
super.doPost(req, resp);
}
}
package com.jiang.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
public class SessionDemo03 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
//手动注销
session.removeAttribute("name");
session.invalidate();
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
super.doPost(req, resp);
}
}
自动注销 web.xml
<!--设置session默认的失效时间-->
<session-config>
<!--15分钟后sesssion自动失效,以分钟为单位-->
<session-timeout>1</session-timeout>
</session-config>
?https://www.bilibili.com/video/BV12J411M7Sj?p=18&spm_id_from=pageDriver