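I am building a movie rental application using JSF 2.0 with Primefaces 3.4.1 as the front end. After a user registers successfully, I need to log them in automatically with the newly created ID and redirect to the home page.
Currently, I am doing this: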
@ManagedBean
@ViewScoped
public class RegistrationBean extends BaseBean implements Serializable
{
    ...
    public String register()
    {
        String nextPage = null;
        User userDetails = new User();
        try
        {
            BeanUtils.copyProperties(userDetails, this);
            int registrationID = getServiceLocator().getUserService().registerUser(userDetails);
            LOGGER.info("Registered user successfully. Registration ID - {}", registrationID);
            // auto login
            LoginBean loginBean = (LoginBean)FacesUtils.getManagedBean("loginBean");
            loginBean.setUserId(userID);
            loginBean.setPassword(password);
            loginBean.login();
        }
        catch (Exception e) {
            LOGGER.error("Error during registration - " + e.getMessage());
            FacesMessage message = new FacesMessage(FacesMessage.SEVERITY_ERROR, null,
                    FacesUtils.getValueFromResource(RESOURCE_BUNDLE, REGISTRATION_FAIL));
            FacesContext.getCurrentInstance().addMessage(null, message);
        }
        return nextPage;
    }
}
LoginBean:
@ManagedBean
@SessionScoped
public class LoginBean extends BaseBean implements Serializable
{
    ...
    public String login()
    {
        FacesContext ctx = FacesContext.getCurrentInstance();
        try
        {
            currentUser = getServiceLocator().getUserService().findUser(userID);
            if (currentUser == null)
            {
                ctx.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, null,
                        FacesUtils.getValueFromResource(RESOURCE_BUNDLE, UNKNOWN_LOGIN)));
                return (userID = password = null);
            }
            else
            {
                if (EncryptionUtils.compareHash(password, currentUser.getEncrPass())) {
                    return INDEX + "?faces-redirect=true";
                }
                else
                {
                    ctx.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, null,
                            FacesUtils.getValueFromResource(RESOURCE_BUNDLE, AUTH_FAIL)));
                    return null;
                }
            }
        }
        catch (Exception e)
        {
            final String errorMessage = "Error occurred during login - " + e.getMessage();
            LOGGER.error(errorMessage);
            ctx.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, null, errorMessage));
        }
        return null;
    }
}
Without a doubt, the approach above in register() is wrong and insecure. Is there a cleaner way to achieve the same goal?
RegistrationBean
int registrationID = getServiceLocator().getUserService().registerUser(userDetails);
LOGGER.info("Registered user successfully. Registration ID - {}", registrationID);
nextPage = LOGIN + "?faces-redirect=true&id=" + registrationID;
login.xhtml
<f:metadata>
    <f:viewParam name="id" value="#{loginBean.regID}" />
    <f:event listener="#{loginBean.autoLogin}" type="preRenderView"></f:event>
</f:metadata>
LoginBean
private int regID;
...
public void autoLogin()
{
    if (regID > 0 && !FacesContext.getCurrentInstance().isPostback())
    {
        currentUser = getServiceLocator().getUserService().findUser(regID);
        NavigationHandler navHandler = FacesUtils.getApplication().getNavigationHandler();
        navHandler.handleNavigation(FacesContext.getCurrentInstance(), null, INDEX + "?faces-redirect=true");
    }
}
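
The `id` view parameter in login.xhtml is client-controlled, so autoLogin() as posted sets currentUser for whichever ID the URL carries, with no password check. An added example, not part of the original post, of one alternative: give the redirect an opaque single-use token that the server maps back to the registration ID. AutoLoginTokens, issue() and consume() are hypothetical names, Java 8+ is assumed, and in the application the store would live in an application-scoped bean.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Added example: single-use, short-lived tokens for the post-registration redirect.
// AutoLoginTokens, issue() and consume() are hypothetical names; requires Java 8+.
public class AutoLoginTokens {
    private static final long TTL_MILLIS = 60_000; // assumption: one minute covers the redirect
    private static final SecureRandom RNG = new SecureRandom();

    private static final class Entry {
        final int registrationId;
        final long expiresAt;
        Entry(int id, long exp) { registrationId = id; expiresAt = exp; }
    }

    private final Map<String, Entry> pending = new ConcurrentHashMap<>();

    /** For register(): the returned value would replace the raw ID in the redirect URL. */
    public String issue(int registrationId, long now) {
        pending.values().removeIf(e -> now > e.expiresAt); // drop tokens nobody redeemed
        byte[] raw = new byte[32];
        RNG.nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        pending.put(token, new Entry(registrationId, now + TTL_MILLIS));
        return token;
    }

    /** For autoLogin(): returns the registration ID, or -1 if unknown, replayed or expired. */
    public int consume(String token, long now) {
        if (token == null) return -1;
        Entry e = pending.remove(token); // atomic remove makes the token single-use
        if (e == null || now > e.expiresAt) return -1;
        return e.registrationId;
    }

    public static void main(String[] args) {
        AutoLoginTokens tokens = new AutoLoginTokens();
        long t0 = System.currentTimeMillis();
        String token = tokens.issue(42, t0); // 42 is a constructed registration ID
        System.out.println("raw id:    " + tokens.consume("42", t0));
        System.out.println("first use: " + tokens.consume(token, t0 + 1_000));
        System.out.println("replay:    " + tokens.consume(token, t0 + 2_000));
        String late = tokens.issue(43, t0);
        System.out.println("expired:   " + tokens.consume(late, t0 + TTL_MILLIS + 1));
    }
}
```

Because LoginBean is session-scoped and registration runs in the same session, setting the authenticated user on that bean directly from register() avoids passing anything through the URL at all.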