jsp login/logout/session

Session

• session의 결과 값, 반환 값은 모두 Object
• 이를 String으로 형 변환하여 사용 가능

쿠키 세션 비교

1. 저장위치

• 쿠키 : 클라이언트의 웹 브라우저가 지정하는 메모리 또는 하드디스크에 저장 (단, 쿠키를 허용하지 않은 경우에는 저장되지 않습니다.)
• 세션 : 서버의 메모리에 저장 (컴퓨터 종료 시 삭제됨. RAM 이라고 생각하면 편할듯)

2. 개념 비교

• 세션(session)은 사용자 정보등의 데이터를 서버나 웹컨테이너에 저장할때 사용되는 객체입니다.
  주로 로그인 후의 사용자 정보나 쇼핑몰의 장바구니 추가 등의 데이터 공유가 필요할때 주로 session에 저장하여 사용합니다.
  브라우저가 종료되지 않을때 까지 지정된 데이터를 페이지 이동에 상관없이 시간을 지정하여 저장가능합니다.
• 쿠키(cookie)는 사용자의 컴퓨터에 저장되므로 보안에 취약한데 이를 보완하여 쎄션은 서버에 저장하므로 보안에도 훨씬 뛰어납니다.

세션사용법

세션 로직 알고리즘

login

idxDao.java

package idx.model;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import mysql.db.DBConnect;

public class idxDao {

	DBConnect db=new DBConnect();
	
	// 아이디 통해서 이름 얻기
	public String getName(String id) {
		
		String name="";
		
		Connection conn=db.getConnection();
		PreparedStatement pstmt=null;
		ResultSet rs=null;
		
		String sql="select * from idx where id=?";
		
		try {
			pstmt=conn.prepareStatement(sql);
			
			// 바인딩
			pstmt.setString(1, id);
			// 출력
			rs=pstmt.executeQuery();
			
			if(rs.next()) {
				name=rs.getString("name"); 
			}
			
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		} finally {
			db.dbClose(rs, pstmt, conn);
		}
		return name;
		
	}
	public boolean isLogin(String id,String pass) {
		boolean flag=false;
		
		Connection conn=db.getConnection();
		PreparedStatement pstmt=null;
		ResultSet rs=null;
		
		String sql="select * from idx where id=? and pass=?";
		
		try {
			pstmt=conn.prepareStatement(sql);
			
			pstmt.setString(1, id);
			pstmt.setString(2, pass);
			
			rs=pstmt.executeQuery();
			
			if(rs.next()) {
				flag=true;
			}
			
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		} finally {
			db.dbClose(rs, pstmt, conn);
		} return flag;	
	}	
}

loginMain.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://fonts.googleapis.com/css2?family=Dongle:wght@300&family=Gaegu:wght@300&family=Nanum+Pen+Script&family=Sunflower:wght@300&display=swap" rel="stylesheet">
<script src="https://code.jquery.com/jquery-3.7.0.js"></script>
<title>Insert title here</title>
</head>
<body>
<%
	String loginok=(String)session.getAttribute("loginok");
	System.out.println("["+loginok+"]");

	if(loginok==null){
		%>
		<jsp:include page="loginForm.jsp"/>
		<%
	}else{ //로그인
		%>
		<jsp:include page="logoutForm.jsp"/>
		<%
	}
%>
</body>
</html>

loginForm.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://fonts.googleapis.com/css2?family=Dongle:wght@300&family=Gaegu:wght@300&family=Nanum+Pen+Script&family=Sunflower:wght@300&display=swap" rel="stylesheet">
<script src="https://code.jquery.com/jquery-3.7.0.js"></script>
<title>Insert title here</title>
<style type="text/css">
	div.loginform{
		width: 500px;
		margin-top: 100px;
		margin-left: 200px;
	}
</style>
</head>
<%
	String myid=(String)session.getAttribute("idok");
	String saveid=(String)session.getAttribute("saveok");
	
	boolean save=true;
	
	if(saveid==null){
		myid=""; //아이디 저장을 체크하지 않을경우 아이디 없앤다
		save=false;
	}
%>
<body>
	<div class="loginform">
		<form action="loginAction.jsp" method="post">
			<input type="text" name="id" style="width: 200px;"
			class="form-control" placeholder="로그인 아이디" required="required" value=<%=myid %>><br>
			<input type="password" name="pass" style="width: 200px;"
			class="form-control" placeholder="비밀번호 입력" required="required"><br>
			
			<button type="submit" class="btn btn-success btn-lg"
			style="width: 200px;">로그인</button><br>
			
			<input type="checkbox" name="savechk" <%=save==true?"checked":"" %>>아이디 저장
		</form>
	</div>
</body>
</html>

loginAction.jsp

<%@page import="member.model.MemberDao"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://fonts.googleapis.com/css2?family=Dongle:wght@300&family=Gaegu:wght@300&family=Nanum+Pen+Script&family=Sunflower:wght@300&display=swap" rel="stylesheet">
<script src="https://code.jquery.com/jquery-3.7.0.js"></script>
<title>Insert title here</title>
</head>
<body>
<%
	String id=request.getParameter("id");
	String pass=request.getParameter("pass");
	String savechk=request.getParameter("savechk");
	
	MemberDao dao=new MemberDao();
	
	boolean login=dao.isLoginCheck(id, pass);
			
	
	if(login){
		session.setAttribute("loginok", "check");
		session.setAttribute("idok", id);
		session.setAttribute("saveok", savechk);
		
		session.setMaxInactiveInterval(60*60*4);
		
		response.sendRedirect("logoutForm.jsp");
	}else{%>
	<script type="text/javascript">
	alert("아이디와 비밀번호가 일치하지 않습니다.");
	history.back();
	
	</script>
	<%
	}
%>
</body>
</html>

logoutForm.jsp

<%@page import="java.text.SimpleDateFormat"%>
<%@page import="member.model.MemberDto"%>
<%@page import="member.model.MemberDao"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://fonts.googleapis.com/css2?family=Dongle:wght@300&family=Gaegu:wght@300&family=Nanum+Pen+Script&family=Sunflower:wght@300&display=swap" rel="stylesheet">
<script src="https://code.jquery.com/jquery-3.7.0.js"></script>
<title>Insert title here</title>
<style>
	th{
	font-family: "Gaegu";
	font-size: 18px;
	text-align: center;
	}
</style>
</head>
<body>
<%
	String id=(String)session.getAttribute("idok");
	System.out.println(id);
	MemberDao dao=new MemberDao();
	
	String name=dao.returnName(id);
	System.out.println(name);
	MemberDto dto=dao.getData(id);
	SimpleDateFormat sdf=new SimpleDateFormat("yyyy-MM-dd");
%>
<br><br><br>
<h2 style="color: gray; font-family: 'Nanum Pen Script';"><%=name %>님 환영합니다!</h2>
<table class="table table-bordered" style="width: 250px;">
	<tr>
		<th width="70">ID</th>
		<td><%=dto.getId() %></td>
	</tr>
	<tr>
		<th width="70">이름</th>
		<td><%=dto.getName() %>
		<img src="<%=dto.getImage()%>" style="width: 80px;"></td>
	</tr>
	<tr>
		<th width="70">가입일</th>
		<td><%=sdf.format(dto.getGaip()) %></td>
	</tr>
</table>
<br><br>
<input type="button" value="로그아웃" class="btn btn-danger"
onclick="location.href='logoutAction.jsp'">
<button type="button" class="btn btn-outline-info"
onclick="location.href='../member/memberList.jsp'">회원목록으로</button>
</body>
</html>

logoutAction.jsp

logoutAction.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://fonts.googleapis.com/css2?family=Dongle:wght@300&family=Gaegu:wght@300&family=Nanum+Pen+Script&family=Sunflower:wght@300&display=swap" rel="stylesheet">
<script src="https://code.jquery.com/jquery-3.7.0.js"></script>
<title>Insert title here</title>
</head>
<body>
<%
	//로그인에 대한 세션값 삭제
	session.removeAttribute("loginok");
	response.sendRedirect("loginMain.jsp");
	
%>
</body>
</html>