@RequestMapping(value = "/login", method = RequestMethod.POST) public @ResponseBody String login( @RequestParam(value = "email", required = false) String email, @RequestParam(value = "pass", required = false) String passwd, HttpSession session) throws JSONException { User user = new User(); user.email = email; user = userService.login(user, passwd); JSONObject res = new JSONObject(); if (user == null) { res.put("state", "mismatch"); return res.toString(); } res.put("state", "success"); session.setAttribute("id", user.Id); session.setAttribute("type", user.type); res.put("id", user.Id); res.put("type", user.type); return res.toString(); }