Initial commit

Zzzz
2026-04-27 18:40:30 +08:00
commit 2120774b05
112 changed files with 12308 additions and 0 deletions
@@ -0,0 +1,26 @@
package com.mzh.library.controller;
import com.mzh.library.entity.AuthenticatedUser;
import com.mzh.library.util.SessionAttributes;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class DashboardServlet extends HttpServlet {
private static final String DASHBOARD_JSP = "/WEB-INF/jsp/dashboard.jsp";
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession(false);
AuthenticatedUser user = session == null
? null
: (AuthenticatedUser) session.getAttribute(SessionAttributes.AUTHENTICATED_USER);
request.setAttribute("currentUser", user);
request.getRequestDispatcher(DASHBOARD_JSP).forward(request, response);
}
}
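Review bot: `doGet` forwards to the dashboard JSP even when there is no session or no `AuthenticatedUser` in it, so `currentUser` can be `null` and the page is only protected if a filter outside this section already blocks unauthenticated requests to this servlet. As defence in depth, add a guard before the forward: `if (user == null) { response.sendRedirect(request.getContextPath() + "/login"); return; }`. The unchecked cast of the session attribute would also throw `ClassCastException` on an unexpected value; the `instanceof` check used by `currentUser` in `LogoutServlet` is the safer pattern.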
@@ -0,0 +1,100 @@
package com.mzh.library.controller;
import com.mzh.library.dao.impl.JdbcUserDao;
import com.mzh.library.entity.AuthenticatedUser;
import com.mzh.library.service.AuthService;
import com.mzh.library.service.AuthenticationResult;
import com.mzh.library.service.impl.AuthServiceImpl;
import com.mzh.library.util.SessionAttributes;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginServlet extends HttpServlet {
private static final String LOGIN_JSP = "/WEB-INF/jsp/auth/login.jsp";
private static final String DASHBOARD_PATH = "/dashboard";
private static final int SESSION_TIMEOUT_SECONDS = 30 * 60;
private AuthService authService;
@Override
public void init() {
this.authService = new AuthServiceImpl(new JdbcUserDao());
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
if (isAuthenticated(request)) {
response.sendRedirect(request.getContextPath() + DASHBOARD_PATH);
return;
}
request.setAttribute("redirect", safeRedirect(request.getParameter("redirect")));
request.getRequestDispatcher(LOGIN_JSP).forward(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = trim(request.getParameter("username"));
String password = request.getParameter("password");
String redirect = safeRedirect(request.getParameter("redirect"));
AuthenticationResult result = authService.authenticate(username, password);
if (!result.isAuthenticated()) {
request.setAttribute("errorMessage", result.getMessage());
request.setAttribute("username", username);
request.setAttribute("redirect", redirect);
request.getRequestDispatcher(LOGIN_JSP).forward(request, response);
return;
}
resetSession(request, result.getUser());
response.sendRedirect(resolveRedirect(request, redirect));
}
private boolean isAuthenticated(HttpServletRequest request) {
HttpSession session = request.getSession(false);
return session != null && session.getAttribute(SessionAttributes.AUTHENTICATED_USER) != null;
}
private void resetSession(HttpServletRequest request, AuthenticatedUser user) {
HttpSession existingSession = request.getSession(false);
if (existingSession != null) {
existingSession.invalidate();
}
HttpSession session = request.getSession(true);
session.setMaxInactiveInterval(SESSION_TIMEOUT_SECONDS);
session.setAttribute(SessionAttributes.AUTHENTICATED_USER, user);
session.setAttribute(SessionAttributes.USER_ROLE, user.getRole().getCode());
session.setAttribute(SessionAttributes.USER_PERMISSIONS, user.getPermissionCodes());
}
private String resolveRedirect(HttpServletRequest request, String redirect) {
if (redirect.isEmpty() || "/login".equals(redirect) || "/logout".equals(redirect)) {
return request.getContextPath() + DASHBOARD_PATH;
}
return request.getContextPath() + redirect;
}
private String safeRedirect(String value) {
String redirect = trim(value);
if (redirect.startsWith("/")
&& !redirect.startsWith("//")
&& !redirect.contains("\r")
&& !redirect.contains("\n")) {
return redirect;
}
return "";
}
private String trim(String value) {
return value == null ? "" : value.trim();
}
}
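Review bot: `safeRedirect` rejects `//` and CR/LF but still accepts a backslash after the leading slash, which browsers normalise to a forward slash; if the application is deployed at the root context (empty `getContextPath()`), the `Location` built in `resolveRedirect` can then be read as a scheme-relative URL pointing off-site. Extend the condition with `&& redirect.indexOf('\\') < 0`, and consider rejecting every control character rather than only `\r` and `\n`. The `/login` and `/logout` exclusions in `resolveRedirect` are exact string matches, so the same path with a query string appended passes and, because `LogoutServlet` acts on GET, would end the new session straight after login; compare only the part before any `?`. The same `redirect` value is set as a request attribute for `login.jsp`, so the JSP (not shown here) must output-encode it.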
@@ -0,0 +1,36 @@
package com.mzh.library.controller;
import com.mzh.library.entity.AuthenticatedUser;
import com.mzh.library.util.SessionAttributes;
import java.io.IOException;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LogoutServlet extends HttpServlet {
private static final Logger LOGGER = Logger.getLogger(LogoutServlet.class.getName());
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession(false);
if (session != null) {
AuthenticatedUser user = currentUser(session);
if (user != null) {
LOGGER.info("Logout userId=" + user.getId() + " role=" + user.getRole().getCode());
}
session.invalidate();
}
response.sendRedirect(request.getContextPath() + "/login");
}
private AuthenticatedUser currentUser(HttpSession session) {
Object value = session.getAttribute(SessionAttributes.AUTHENTICATED_USER);
return value instanceof AuthenticatedUser ? (AuthenticatedUser) value : null;
}
}
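Review bot: Logout is a state-changing action handled in `doGet` with no CSRF check visible, so any cross-site GET (a link or an embedded resource) can end a user's session. Handle it in `doPost` behind the application's CSRF token (none is visible in this section, so confirm one exists) and let `doGet` redirect without invalidating. The log line also evaluates `user.getRole().getCode()` before `session.invalidate()`, so if `getRole()` ever returns `null` the exception skips the invalidation. Read the user first, invalidate the session, then log.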
@@ -0,0 +1,29 @@
package com.mzh.library.controller;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class RoleAreaServlet extends HttpServlet {
private static final String ROLE_HOME_JSP = "/WEB-INF/jsp/role-home.jsp";
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String servletPath = request.getServletPath();
if (servletPath.startsWith("/admin")) {
request.setAttribute("areaName", "Administration");
request.setAttribute("areaSummary", "Account, role, permission, and system-maintenance entry point.");
} else if (servletPath.startsWith("/librarian")) {
request.setAttribute("areaName", "Librarian Workspace");
request.setAttribute("areaSummary", "Book, reader, borrowing, return, renewal, and overdue entry point.");
} else {
request.setAttribute("areaName", "Reader Center");
request.setAttribute("areaSummary", "Catalog search and reader self-service entry point.");
}
request.getRequestDispatcher(ROLE_HOME_JSP).forward(request, response);
}
}
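Review bot: `doGet` selects the admin, librarian or reader view from `getServletPath()` alone and performs no role check, so access to the admin and librarian areas depends entirely on a filter or mapping outside this section. Say so in a class comment, e.g. `// Display only: role enforcement for /admin and /librarian happens outside this servlet (name the filter here).` The `startsWith("/admin")` test also matches any sibling path with that prefix, and every unrecognised path falls through to "Reader Center". Matching `equals("/admin") || startsWith("/admin/")` (and likewise for `/librarian`) keeps this servlet's idea of an area aligned with whatever the access rules enforce.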
@@ -0,0 +1,18 @@
package com.mzh.library.controller;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class UnauthorizedServlet extends HttpServlet {
private static final String UNAUTHORIZED_JSP = "/WEB-INF/jsp/auth/unauthorized.jsp";
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
request.getRequestDispatcher(UNAUTHORIZED_JSP).forward(request, response);
}
}