Java:Cookie实现记住用户名密码

Posted 步履不停

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Java:Cookie实现记住用户名密码相关的知识,希望对你有一定的参考价值。

package com.gamecenter.api.util;

import java.io.IOException;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.gamecenter.api.common.UserInfo;


/** 
* 类说明 
* @author chitu
* @version 创建时间:2016年11月21日 下午1:39:51 
*/
public class CookieUtil {
    //保存cookie时的cookieName
    private final static String cookieDomainName = "gamecenter";
    //加密cookie时的网站自定码
    private final static String webKey = "gamecenter";
    //设置cookie有效期是两个星期,根据需要自定义
    private final static long cookieMaxAge = 60 * 60 * 24 * 7 * 2;
    //保存Cookie到客户端-------------------------------------------------------------------------
    //在CheckLogonServlet.java中被调用
    //传递进来的user对象中封装了在登陆时填写的用户名与密码

    public static void saveCookie(String username,String password, HttpServletResponse response) throws Exception {
           //cookie的有效期
           long validTime = System.currentTimeMillis() + (cookieMaxAge * 5000);
           //MD5加密用户详细信息
           String cookieValueWithMd5 =getMD5(username + ":" + password+ ":" + validTime + ":" + webKey);
           //将要被保存的完整的Cookie值
           String cookieValue = username + ":" + validTime + ":" + cookieValueWithMd5;
           //再一次对Cookie的值进行BASE64编码
           String cookieValueBase64 = new String(Base64Util.encode(cookieValue.getBytes()));
           //开始保存Cookie
           Cookie cookie = new Cookie(cookieDomainName, cookieValueBase64);
           //存两年(这个值应该大于或等于validTime)
           cookie.setMaxAge(60 * 60 * 24 * 365 * 2);
           //cookie有效路径是网站根目录
           cookie.setPath("/");
           //向客户端写入
           response.addCookie(cookie);
    }

    //读取Cookie,自动完成登陆操作----------------------------------------------------------------
    //在Filter程序中调用该方法,见AutoLogonFilter.java
    public static void readCookieAndLogon(HttpServletRequest request, HttpServletResponse response,FilterChain chain) throws IOException, ServletException,UnsupportedEncodingException{
    	//根据cookieName取cookieValue
    	Cookie cookies[] = request.getCookies();
        String cookieValue = null;
        if(cookies!=null){
             for(int i = 0; i < cookies.length; i++){
                    if (cookieDomainName.equals(cookies[i].getName())) {
                           cookieValue = cookies[i].getValue();
                           break;
                    }
             }
       }
       //如果cookieValue为空,返回,
       if(cookieValue==null){
             return;
       }
       //如果cookieValue不为空,才执行下面的代码
       //先得到的CookieValue进行Base64解码
       String cookieValueAfterDecode = new String (Base64Util.decode(cookieValue),"utf-8");
       //对解码后的值进行分拆,得到一个数组,如果数组长度不为3,就是非法登陆
       String cookieValues[] = cookieValueAfterDecode.split(":");
       if(cookieValues.length!=3){
              response.setContentType("text/html;charset=utf-8");
              PrintWriter out = response.getWriter();
              out.println("你正在用非正常方式进入本站...");
              out.close();
              return;
       }
       //判断是否在有效期内,过期就删除Cookie
       long validTimeInCookie = new Long(cookieValues[1]);
       if(validTimeInCookie < System.currentTimeMillis()){
              //删除Cookie
              clearCookie(response);
              response.setContentType("text/html;charset=utf-8");
              PrintWriter out = response.getWriter();
              out.println("你的Cookie已经失效,请重新登陆");
              out.close();
              return;
       }
       //取出cookie中的用户名,并到数据库中检查这个用户名,
       String username = cookieValues[0];
       //根据用户名到数据库中检查用户是否存在
       UserDAO ud = DaoImplFactory.getInstance();
       User user = ud.selectUserByUsername(username);
       //如果user返回不为空,就取出密码,使用用户名+密码+有效时间+ webSiteKey进行MD5加密
       if(user!=null){
              String md5ValueInCookie = cookieValues[2];
              String md5ValueFromUser =getMD5(user.getUserName() + ":" + user.getPassword()
                            + ":" + validTimeInCookie + ":" + webKey);
              //将结果与Cookie中的MD5码相比较,如果相同,写入Session,自动登陆成功,并继续用户请求
              if(md5ValueFromUser.equals(md5ValueInCookie)){
                     HttpSession session = request.getSession(true);
                     session.setAttribute("user", user);
                     chain.doFilter(request, response);
              }
       }else{
       //返回为空执行
              response.setContentType("text/html;charset=utf-8");
              PrintWriter out = response.getWriter();
              out.println("cookie验证错误!");
              out.close();
        return;

      }

    }

    

		//用户注销时,清除Cookie,在需要时可随时调用-----------------------------------------------------
		public static void clearCookie( HttpServletResponse response){
		       Cookie cookie = new Cookie(cookieDomainName, null);
		       cookie.setMaxAge(0);
		       cookie.setPath("/");
		       response.addCookie(cookie);
		}

       //获取Cookie组合字符串的MD5码的字符串----------------------------------------------------------------
       public static String getMD5(String value) {
              String result = null;
              try{
                     byte[] valueByte = value.getBytes();
                     MessageDigest md = MessageDigest.getInstance("MD5");
                     md.update(valueByte);
                     result = toHex(md.digest());
              } catch (NoSuchAlgorithmException e){
                     e.printStackTrace();
              }
              return result;
       }
       //将传递进来的字节数组转换成十六进制的字符串形式并返回
       private static String toHex(byte[] buffer){
              StringBuffer sb = new StringBuffer(buffer.length * 2);
              for (int i = 0; i < buffer.length; i++){
                     sb.append(Character.forDigit((buffer[i] & 0xf0) >> 4, 16));
                     sb.append(Character.forDigit(buffer[i] & 0x0f, 16));
              }
              return sb.toString();
       }
}

  

以上是关于Java:Cookie实现记住用户名密码的主要内容,如果未能解决你的问题,请参考以下文章

js实现cookie记住密码

cookie实现记住密码(jsp+servlet)初学JavaEE

Java实现登录时cookie记住密码

ssm实现记住账号密码(cookie)

用cookie实现记住用户名和密码

Cookie实现记住密码自动登录功能