註冊後自動登錄並重定向

Question

我正在使用JSF 2.0和Primefaces 3.4.1作爲前端創建電影租賃應用程序。用戶成功註冊後，我需要使用新創建的ID自動登錄並重定向到主頁。

目前，我做這樣說：

@ManagedBean 
@ViewScoped 
public class RegistrationBean extends BaseBean implements Serializable 
{ 
    ... 

    public String register() 
    { 
     String nextPage = null; 
     User userDetails = new User(); 

     try 
     { 
     BeanUtils.copyProperties(userDetails, this); 
     int registrationID = getServiceLocator().getUserService().registerUser(userDetails); 
     LOGGER.info("Registered user successfully. Registration ID - {}", registrationID); 

     // auto login 
     LoginBean loginBean = (LoginBean)FacesUtils.getManagedBean("loginBean"); 
     loginBean.setUserId(userID); 
     loginBean.setPassword(password); 
     loginBean.login(); 
     } 
     catch (Exception e) { 
     LOGGER.error("Error during registration - " + e.getMessage()); 
     FacesMessage message = new FacesMessage(FacesMessage.SEVERITY_ERROR, null, 
        FacesUtils.getValueFromResource(RESOURCE_BUNDLE, REGISTRATION_FAIL)); 
     FacesContext.getCurrentInstance().addMessage(null, message); 
     } 
     return nextPage; 
    } 
} 

LoginBean：在register()方法

@ManagedBean 
@SessionScoped 
public class LoginBean extends BaseBean implements Serializable 
{ 
    ... 

    public String login() 
    { 
     FacesContext ctx = FacesContext.getCurrentInstance(); 

     try 
     { 
     currentUser = getServiceLocator().getUserService().findUser(userID); 

     if (currentUser == null) 
     { 
      ctx.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, null, 
        FacesUtils.getValueFromResource(RESOURCE_BUNDLE, UNKNOWN_LOGIN))); 
      return (userID = password = null); 
     } 
     else 
     { 
      if (EncryptionUtils.compareHash(password, currentUser.getEncrPass())) { 
       return INDEX + "?faces-redirect=true"; 
      } 
      else 
      { 
       ctx.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, null, 
         FacesUtils.getValueFromResource(RESOURCE_BUNDLE, AUTH_FAIL))); 
       return null; 
      } 
     } 
     } 
     catch (Exception e) 
     { 
     final String errorMessage = "Error occured during login - " + e.getMessage(); 
     LOGGER.error(errorMessage); 
     ctx.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, null, errorMessage)); 
     } 

     return null; 
    } 
} 

上面的方法是，毫無疑問，錯誤和沒有安全感。有什麼辦法可以以更清潔的方式達到同樣的效果嗎？

---

使用f:viewParam

RegistrationBean實施

int registrationID = getServiceLocator().getUserService().registerUser(userDetails); 
LOGGER.info("Registered user successfully. Registration ID - {}", registrationID); 
nextPage = LOGIN + "?faces-redirect=true&id=" + registrationID; 

login.xhtml

<f:metadata> 
    <f:viewParam name="id" value="#{loginBean.regID}" /> 
    <f:event listener="#{loginBean.autoLogin}" type="preRenderView"></f:event> 
</f:metadata> 

LoginBean

private int regID; 

... 

public void autoLogin() 
{ 
    if (regID > 0 && !FacesContext.getCurrentInstance().isPostback()) 
    { 
     currentUser = getServiceLocator().getUserService().findUser(regID); 
     NavigationHandler navHandler = FacesUtils.getApplication().getNavigationHandler(); 
     navHandler.handleNavigation(FacesContext.getCurrentInstance(), null, INDEX + "?faces-redirect=true"); 
    } 
} 

Answer 1

因此，讓我們假設你有

1. 註冊/用戶註冊
2. 登錄
3. 首頁

這裏註冊成功需要汽車三頁登錄並需要重定向到主頁e但通常是手動登錄是必須在註冊後。

無論如何，我建議你在一個門面類中單獨的登錄憑證檢查，或者你也可以在LoginBean中使用它。

public User doLogin(String userName, String password) { 
    // query user 
    // match with password 
    // return null if not found or not matched 
} 

在faces-config.xml添加navigation-rule登記豆和登錄豆

<navigation-case> 
     <from-outcome>loginSuccess</from-outcome> 
     <to-view-id>/home.xhtml</to-view-id> 
     <redirect/> 
</navigation-case> 

在這兩種註冊豆和登錄豆呼叫doLogin方法然後如果用戶發現設置導航

NavigationHandler nh = facesContext.getApplication().getNavigationHandler(); 
nh.handleNavigation(facesContext, null, "loginSuccess");