我有一个应用程序,需要限制用户从不同设备同时登录。为此,我在表中增加了两列:status 和 ip。如果用户已经从一台计算机登录,他可以从同一台计算机再次登录;但当他尝试从另一台计算机登录时,表中会记录新计算机的 IP,而他仍然可以从之前的计算机继续访问。为什么?如何让之前的登录失效?此外,如果用户同时在两个浏览器中登录,从其中一个浏览器注销后,他仍然可以从另一个浏览器访问。如何让他在所有浏览器中都注销?
public class LoginServlet extends HttpServlet {
/**
 * Handles GET by handing the request to {@code doPost} unchanged.
 *
 * NOTE(review): because GET is accepted, the sign-in parameters may arrive in the
 * query string, where they are recorded in access logs, browser history and
 * Referer headers. Confirm whether any client still needs GET here.
 */
public void doGet(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    this.doPost(request, response);
}
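/**
 * Handles the sign-in request and applies the one-address-per-account rule.
 *
 * <p>Reads {@code operation}, {@code mobile_email} and {@code password}. Requests whose
 * {@code operation} is not {@code signin} are ignored. The response body is one digit:
 * {@code 1} sign-in accepted, {@code 2} credentials valid but the account is bound to a
 * different address (the binding is cleared), {@code 0} invalid credentials.
 *
 * <p>Review notes:
 * <ul>
 *   <li>The query compares {@code user_password} with the submitted value, so passwords
 *       appear to be stored in clear text. They should be stored as a salted adaptive
 *       hash (bcrypt/scrypt/argon2) and verified in application code.</li>
 *   <li>The clear-text password is also kept in the session via {@code LoginDTO}; confirm
 *       whether anything reads it and drop it if not.</li>
 *   <li>The session id is not rotated on successful sign-in; on Servlet 3.1+ containers
 *       call {@code request.changeSessionId()} at that point to prevent session fixation.</li>
 *   <li>Updating the {@code status}/{@code ip} columns does not end an {@code HttpSession}
 *       that already exists on another device or browser. Those sessions stay valid until
 *       they are invalidated or until every request re-checks the row.</li>
 *   <li>The connection is not closed here because the ownership contract of
 *       {@code ConnectionManager} is not visible; confirm whether callers must close it.</li>
 * </ul>
 *
 * @throws ServletException if the database lookup or the cart restore fails
 * @throws IOException if the response writer cannot be obtained
 */
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    System.out.println("LoginServlet..........");
    PrintWriter out = response.getWriter();
    HttpSession session = request.getSession(true);
    int noOfCartItems = 0;
    session.setAttribute("noOfCartItems", noOfCartItems);

    // Null-safe comparison: a request without "operation" is ignored instead of
    // failing with a NullPointerException.
    if (!"signin".equalsIgnoreCase(request.getParameter("operation"))) {
        return;
    }

    String mobile_email = request.getParameter("mobile_email");
    String password = request.getParameter("password");

    // Address of the connecting client. InetAddress.getLocalHost() returns the server's
    // own address, which is the same for every user, so it cannot distinguish devices.
    // Caveats: behind a reverse proxy or load balancer this is the proxy's address, and
    // clients behind one NAT share an address, so an IP is only a weak device identifier.
    String ipAddress = request.getRemoteAddr();
    System.out.println(ipAddress);

    PreparedStatement ps = null;
    try {
        Connection con = ConnectionManager.getConnection();
        ps = con.prepareStatement("SELECT * FROM view_user_details WHERE (mobile=? OR email_id=?) AND user_password=?");
        ps.setString(1, mobile_email);
        ps.setString(2, mobile_email);
        ps.setString(3, password);
        ResultSet rs = ps.executeQuery();

        if (!rs.next()) {
            out.print(0);
            System.out.println("Invalid Username or Password");
            return;
        }

        // A NULL or empty ip column means the account is not bound to any address.
        String ipadd = rs.getString("ip");
        boolean sameAddress = ipadd == null || ipadd.isEmpty() || ipadd.equals(ipAddress);
        if (!sameAddress) {
            // Only "2" is written in this case; previously "1" had already been
            // printed before the address check, so the client received "12".
            updateLoginState(con, "OFFLINE", "", mobile_email);
            out.print(2);
            System.out.println("Already Logged In. from another device.");
            return;
        }

        updateLoginState(con, "ONLINE", ipAddress, mobile_email);

        // Always start from a fresh LoginDTO: reusing one left in the session by an
        // earlier sign-in kept the old login id while the profile data was replaced.
        LoginDTO loginDTO = new LoginDTO();
        loginDTO.setLoginID(mobile_email);
        loginDTO.setPassword(password);
        loginDTO.setPersonalInfoDTO(readPersonalInfo(rs));
        loginDTO.setAddressDTO(readAddress(rs));
        loginDTO.setProfilePic(rs.getString("image"));

        HashMap<String, CartDTO> mapOfCartDTO = loadSavedCart(con, loginDTO.getLoginID());

        // Identity attributes are stored only after every check and lookup succeeded.
        session.setAttribute("mob", mobile_email);
        session.setAttribute("loginDTO", loginDTO);
        session.setAttribute("loginStatus", "logged-in");
        if (mapOfCartDTO != null) {
            session.setAttribute("mapOfCartDTO", mapOfCartDTO);
            noOfCartItems = mapOfCartDTO.size();
            session.setAttribute("noOfCartItems", noOfCartItems);
        }
        out.print(1);
    } catch (Exception e) {
        // The original try block had no handler; report the failure to the container
        // with its cause instead of dropping it.
        throw new ServletException("Sign-in could not be processed", e);
    } finally {
        closeQuietly(ps);
    }
}

/** Writes the given status and bound address for the account matching {@code loginId}. */
private static void updateLoginState(Connection con, String status, String ip, String loginId) throws java.sql.SQLException {
    PreparedStatement update = con.prepareStatement("update user_registration set status=?, ip=? where (mobile=? or email_id=?)");
    try {
        update.setString(1, status);
        update.setString(2, ip);
        update.setString(3, loginId);
        update.setString(4, loginId);
        update.executeUpdate();
    } finally {
        closeQuietly(update);
    }
}

/** Copies the non-null personal columns of the current row into a new PersonalInfoDTO. */
private static PersonalInfoDTO readPersonalInfo(ResultSet rs) throws java.sql.SQLException {
    PersonalInfoDTO info = new PersonalInfoDTO();
    String fname = rs.getString("fname");
    String lname = rs.getString("lname");
    if (fname != null) {
        info.setFirstName(fname);
    }
    if (lname != null) {
        info.setLastName(lname);
    }
    // Display name: a missing first name no longer produces the text "null <lname>".
    String name = fname;
    if (lname != null) {
        name = (fname == null) ? lname : fname + " " + lname;
    }
    if (name != null) {
        info.setName(name);
    }
    String value = rs.getString("email_id");
    if (value != null) {
        info.setEmail(value);
    }
    value = rs.getString("mobile");
    if (value != null) {
        info.setMobile(value);
    }
    value = rs.getString("gender");
    if (value != null) {
        info.setGender(value);
    }
    value = rs.getString("blood_group");
    if (value != null) {
        info.setBloodGroup(value);
    }
    value = rs.getString("dob");
    if (value != null) {
        info.setDOB(value);
    }
    value = rs.getString("height_feet");
    if (value != null) {
        info.setHeightFeet(value);
    }
    value = rs.getString("height_inch");
    if (value != null) {
        info.setHeightInch(value);
    }
    value = rs.getString("height_cm");
    if (value != null) {
        info.setHeightCentiMeter(value);
    }
    value = rs.getString("weight_hg");
    if (value != null) {
        info.setWeightKG(value);
    }
    value = rs.getString("weight_lbs");
    if (value != null) {
        info.setWeightLBS(value);
    }
    return info;
}

/** Copies the non-null address columns of the current row into a new AddressDTO. */
private static AddressDTO readAddress(ResultSet rs) throws java.sql.SQLException {
    AddressDTO address = new AddressDTO();
    String value = rs.getString("locality");
    if (value != null) {
        address.setLocality(value);
    }
    value = rs.getString("pincode");
    if (value != null) {
        address.setPincode(value);
    }
    value = rs.getString("addr");
    if (value != null) {
        address.setAddr(value);
    }
    value = rs.getString("landmark");
    if (value != null) {
        address.setLandmark(value);
    }
    value = rs.getString("Cityname");
    if (value != null) {
        address.setCity(value);
    }
    value = rs.getString("Statename");
    if (value != null) {
        address.setState(value);
    }
    value = rs.getString("Countryname");
    if (value != null) {
        address.setCountry(value);
    }
    return address;
}

/** Returns the cart saved in the test_kit column for the account, or null when there is none. */
@SuppressWarnings("unchecked")
private static HashMap<String, CartDTO> loadSavedCart(Connection con, String loginId) throws java.sql.SQLException, IOException, ClassNotFoundException {
    PreparedStatement ps1 = con.prepareStatement("SELECT test_kit FROM user_registration WHERE mobile=? OR email_id=?");
    try {
        ps1.setString(1, loginId);
        ps1.setString(2, loginId);
        ResultSet rs1 = ps1.executeQuery();
        if (!rs1.next()) {
            return null;
        }
        InputStream is = rs1.getBinaryStream(1);
        if (is == null) {
            return null;
        }
        // SECURITY: native Java deserialization of a database blob. If anything other
        // than this application can write the test_kit column, readObject() will
        // instantiate whatever classes the stream names. Prefer a data-only format
        // (e.g. JSON), or restrict the accepted classes with an ObjectInputFilter.
        ObjectInputStream ois = new ObjectInputStream(is);
        try {
            return (HashMap<String, CartDTO>) ois.readObject();
        } finally {
            ois.close();
        }
    } finally {
        closeQuietly(ps1);
    }
}

/** Closes a statement (and with it any open result set), ignoring a failure to close. */
private static void closeQuietly(PreparedStatement statement) {
    if (statement != null) {
        try {
            statement.close();
        } catch (java.sql.SQLException ignored) {
            // Nothing useful can be done if closing fails.
        }
    }
}
} // end of LoginServlet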
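/**
 * Ends the caller's session and clears the account's status/ip binding in
 * {@code user_registration}.
 *
 * NOTE(review): invalidating the session only logs out the browser that sent this
 * request. Sessions the same account holds in other browsers or on other devices stay
 * valid unless every request re-checks the database row, or the application keeps a
 * per-account registry of sessions (for example via an HttpSessionListener) and
 * invalidates them all here.
 */
public class LogoutServlet extends HttpServlet {

    /**
     * Treats GET like POST.
     *
     * NOTE(review): a state-changing logout that is reachable by GET can be triggered by
     * any page the browser loads (cross-site request); confirm whether GET is required.
     */
    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doPost(request, response);
    }

    /**
     * Resets the account to OFFLINE with an empty ip, invalidates the session, and writes
     * the response: the {@code siginThrough} value when it is "facebook" or "google",
     * nothing for any other non-null value, and {@code 1} when it is absent.
     */
    public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        System.out.println("LogoutServlet..........");

        // getSession(false) only: a request without a session has nothing to log out,
        // and must neither create a new session nor fail with a NullPointerException.
        HttpSession session = request.getSession(false);
        String siginThrough = null;

        if (session != null) {
            String mob = (String) session.getAttribute("mob");
            siginThrough = (String) session.getAttribute("siginThrough");
            try {
                // Without a login id the update could not match any row, so skip it.
                if (mob != null) {
                    Connection con = ConnectionManager.getConnection();
                    PreparedStatement ps3 = con.prepareStatement("update user_registration set status=?, ip=? where (mobile=? or email_id=?)");
                    try {
                        ps3.setString(1, "OFFLINE");
                        ps3.setString(2, "");
                        ps3.setString(3, mob);
                        ps3.setString(4, mob);
                        ps3.executeUpdate();
                    } finally {
                        ps3.close();
                    }
                }
            } catch (Exception e) {
                log("Logout: could not reset the login state", e);
            } finally {
                // Always end the session, even when the database update failed;
                // otherwise the user stays signed in while the response reports success.
                session.invalidate();
            }
        }

        if (siginThrough != null) {
            if (siginThrough.equals("facebook") || siginThrough.equals("google")) {
                response.getWriter().print(siginThrough);
            }
        } else {
            response.getWriter().print(1);
        }
    }
}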
答案 0 :(得分:0)
您应该添加一个参数来实现此目的。
例如增加一个用于会话校验的参数 sessionvalidation,其值由 IP 和布尔值组合而成,例如 (127.0.0.1-true)。
用户从浏览器登录时将布尔值设为 true,注销后设为 false。在所有页面中加入检查:确认该参数的布尔值为 true,并且当前访问系统的 IP 与该参数中记录的 IP 一致。这样,他注销之后就无法再从其他浏览器或计算机访问。