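Hello, I'm trying to implement sessions on a website I'm currently building in Play Framework, but I'm having trouble. I've read many websites and the documentation about Play Framework sessions, but I still find it hard to manage. When a user tries to log in, I check whether he exists in the database, and if he does, I add a session - session(username, username), where username is the key and username is the value (only while I'm testing). Later I'll build a sessions table in the database and save the logged-in users there, but for this functionality I need the session to save the key -> (username) as the cookie name. Now, I've tried a lot, but all I can get from request().cookies() is the key "PLAY_SESSION", which is the default key in Play Framework.
This is my application.conf: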
# Configuration
# Database configuration
# ~~~~~
# You can declare as many datasources as you want.
# By convention, the default datasource is named `default`
#db.default.driver=org.h2.Driver
#db.default.url="jdbc:h2:mem:play"
db.default.driver=com.mysql.jdbc.Driver
db.default.url="jdbc:mysql://localhost:3306/greenparking?autoReconnect=true&useSSL=false"
db.default.username=xxx
db.default.password="xxxx"
play.filters.headers.contentSecurityPolicy=null
# Ebean configuration
# ~~~~~
# You can declare as many Ebean servers as you want.
# By convention, the default server is named `default`
ebean.default="models.*"
# Assets configuration
# ~~~~~
#"assets.cache./public/stylesheets/bootstrap.min.css"="max-age=3600"
# Number of database connections
# See https://github.com/brettwooldridge/HikariCP/wiki/About-Pool-Sizing
fixedConnectionPool = 9
play.mailer {
  host = "smtp.gmail.com" // (mandatory)
  port = 465 // (defaults to 25)
  ssl = yes // (defaults to no)
  tls = no // (defaults to no)
  tlsRequired = no // (defaults to no)
  user = "xxxx" // (optional)
  password = "xxxx" // (optional)
  debug = no // (defaults to no, to take effect you also need to set the log level to "DEBUG" for the application logger)
  timeout = null // (defaults to 60s in milliseconds)
  connectiontimeout = null // (defaults to 60s in milliseconds)
  mock = no // (defaults to no, will only log all the email properties instead of sending an email)
}
# Set Hikari to fixed size
play.db {
  prototype {
    hikaricp.minimumIdle = ${fixedConnectionPool}
    hikaricp.maximumPoolSize = ${fixedConnectionPool}
  }
}
play.evolutions.enabled=false
# Job queue sized to HikariCP connection pool
database.dispatcher {
  executor = "thread-pool-executor"
  throughput = 1
  thread-pool-executor {
    fixed-pool-size = ${fixedConnectionPool}
  }
}
evolutionplugin=disabled
# Session configuration
session = {
  # # The cookie name
  # cookieName = "PLAY_SESSION"
  # # Whether the secure attribute of the cookie should be set to true
  # secure = true
  # # The max age to set on the cookie.
  # # If null, the cookie expires when the user closes their browser.
  # # An important thing to note, this only sets when the browser will discard the cookie.
  # maxAge = 3600000
  # # Whether the HTTP only attribute of the cookie should be set to true
  # httpOnly = true
  # # The value of the SameSite attribute of the cookie. Set to null for no SameSite attribute.
  # sameSite = "lax"
  # # The domain to set on the session cookie
  # # If null, does not set a domain on the session cookie.
  # domain = null
  # # The session path
  # # Must start with /.
  # path = ${play.http.context}
  jwt {
    # The JWT signature algorithm to use on the session cookie
    # uses 'alg' https://tools.ietf.org/html/rfc7515#section-4.1.1
    signatureAlgorithm = "HS256"
    # # The time after which the session is automatically invalidated.
    # # Use 'exp' https://tools.ietf.org/html/rfc7519#section-4.1.4
    expiresAfter = ${play.http.session.maxAge}
    # # The amount of clock skew to accept between servers when performing date checks
    # # If you have NTP or roughtime synchronizing between servers, you can enhance
    # # security by tightening this value.
    clockSkew = 5 minutes
    # # The claim key under which all user data is stored in the JWT.
    dataClaim = "data"
  }
}
Note that cookieName = "PLAY_SESSION" is commented out.
My userController:
package controllers;

import play.libs.Json;
import play.libs.mailer.MailerClient;
import play.mvc.*;
import play.mvc.Http.Cookie;
import java.net.HttpCookie;
import java.util.ArrayList;
import org.apache.commons.mail.EmailException;
import com.fasterxml.jackson.databind.JsonNode;
import com.google.inject.Inject;
import bl.userBL;
import services.MailerService;

public class userController extends Controller{

    @Inject MailerClient mClient;

    private Boolean checkPermission() {
        return null;
    }

    public Result login(String username, String password) {
        userBL bl = new userBL();
        //JsonNode json = request().body().asJson();
        //String username = json.get("username").asText();
        //String password = json.get("password").asText();
        if(bl.login(username, password)) {
            session(username, username);
            System.out.println(session("bob"));
            return ok("Success");
        }
        return badRequest("wrong username or password");
    }

    public Result getCustomers() {
        if(session("bob") != null) {
            for(String coockieStr : request().headers().get("Cookie")) {
                String name = coockieStr.substring(0, coockieStr.indexOf("="));
                System.out.println("cookie is: " + name);
                System.out.println(request().cookie(name).value());
                //System.out.println(request().cookies().get(""));
            }
            System.out.println("logged in");
            System.out.println(session("bob"));
        }else {
            System.out.println("not logged in");
        }
        String role = "customer";
        userBL bl = new userBL();
        JsonNode personsJson = Json.toJson(bl.personsByRole(role));
        return ok(Json.toJson(request().cookies().toString()));
    }
}
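For testing purposes, I log in using the GET method in that function, save the user in the session, then check that session in the "getCustomers" function, and I expect to have the "username" as the key in request().(key) (for the username as the key it returns null, and for PLAY_SESSION as the key it returns the cookie). What am I doing wrong?
Thanks, Andy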
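
Added example (not part of the original post, and not Play's own code): the application.conf above describes a single session cookie, named PLAY_SESSION by default, whose value is an HS256-signed JWT that stores the session entries under the `data` claim. The Python code below builds and verifies such a value to show where a session key ends up relative to the cookie name; the secret, the sample user "alice" and all helper names are constructed for illustration, and timestamp claims such as `exp` are left out.

```python
import base64, hashlib, hmac, json

COOKIE_NAME = "PLAY_SESSION"         # default cookieName shown in the config
DATA_CLAIM = "data"                  # dataClaim shown in the config
SECRET = b"constructed-demo-secret"  # assumption: stands in for the app secret

def b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str, secret: bytes) -> str:
    mac = hmac.new(secret, signing_input.encode(), hashlib.sha256)
    return b64url(mac.digest())

def encode_session(entries: dict, secret: bytes) -> str:
    """Pack every session entry into one signed JWT (the cookie value)."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps({DATA_CLAIM: entries}).encode())
    signing_input = f"{header}.{payload}"
    return f"{signing_input}.{sign(signing_input, secret)}"

def decode_session(cookie_value: str, secret: bytes) -> dict:
    """Return the session entries, or {} when the token is malformed or forged."""
    parts = cookie_value.split(".")
    if len(parts) != 3:
        return {}
    header, payload, signature = parts
    expected = sign(f"{header}.{payload}", secret)
    if not hmac.compare_digest(expected.encode(), signature.encode()):
        return {}
    if json.loads(b64url_decode(header)).get("alg") != "HS256":
        return {}  # accept only the algorithm the server is configured for
    return json.loads(b64url_decode(payload)).get(DATA_CLAIM, {})

def parse_cookie_header(header_value: str) -> dict:
    """Split a Cookie request header into {cookie name: value}."""
    cookies = {}
    for part in header_value.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep:
            cookies[name] = value
    return cookies

if __name__ == "__main__":
    token = encode_session({"alice": "alice"}, SECRET)  # constructed login
    cookies = parse_cookie_header(f"{COOKIE_NAME}={token}")
    print(sorted(cookies))                               # cookie names only
    print(decode_session(cookies[COOKIE_NAME], SECRET))  # session entries
```

The only cookie name the browser sends is PLAY_SESSION; the username key is recoverable only by verifying and decoding that cookie's value, which is what a session lookup does on the server.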