15.1. Principle Steps
- Registration: When registering, encrypt the user password into the database
- Login: When logged in, the user password is encrypted using the same algorithm as above, and then compared with the information in the database, if the same, the login
15.2, implementation (here using the SHA256 algorithm, the other digest algorithm md5/sha1/mac similar)
Note: The program here is in my previous write a maven+spring+springmvc+mybatis+velocity integrated article on the changes, concrete framework and database table structure, etc. will no longer wordy, their own reference to the following blog:
Http://www.cnblogs.com/java-zhao/p/5096811.html
Only Java classes are listed here. The entire code structure is as follows:
Usercontroller
1 PackageCom.xxx.web;2 3 Importorg.springframework.beans.factory.annotation.Autowired;4 ImportOrg.springframework.stereotype.Controller;5 Importorg.springframework.web.bind.annotation.RequestMapping;6 ImportOrg.springframework.web.bind.annotation.RequestParam;7 ImportOrg.springframework.web.bind.annotation.ResponseBody;8 ImportOrg.springframework.web.servlet.ModelAndView;9 Ten ImportCom.xxx.model.User; One ImportCom.xxx.service.UserService; A - @Controller -@RequestMapping ("User") the Public classUsercontroller { - - @Autowired - PrivateUserService UserService; + - @ResponseBody +@RequestMapping ("register") A Public BooleanRegister (@RequestParam ("username") String username, at@RequestParam ("Password") String password) { - - returnuserservice.register (username, password); - } - -@RequestMapping ("Login") in PublicModelandview Login (@RequestParam ("username") String username, -@RequestParam ("Password") String password) { toUser User =userservice.login (username, password); + -Modelandview Modelandview =NewModelandview (); the if(User = =NULL){ *Modelandview.addobject ("message", "the user does not exist or the password is wrong!") Please re-enter "); $Modelandview.setviewname ("Error");Panax Notoginseng}Else{ -Modelandview.addobject ("User", user); theModelandview.setviewname ("UserInfo"); + } A the returnModelandview; + } -}
View Code
UserService (This is the main battlefield of the addition and decryption)
1 PackageCom.xxx.service;2 3 Importjava.io.UnsupportedEncodingException;4 Importjava.security.NoSuchAlgorithmException;5 6 Importorg.springframework.beans.factory.annotation.Autowired;7 ImportOrg.springframework.stereotype.Service;8 9 ImportCom.util.encoder.ShaEncoder;Ten ImportCom.xxx.dao.UserDAO; One ImportCom.xxx.model.User; A - @Service - Public classUserService { the - @Autowired - PrivateUserdao Userdao; - + Public BooleanRegister (string Username, string password) { -User User =NewUser (); + User.setusername (username); A Try { atUser.setpassword (Shaencoder.encodeshahex (password));//sha256 Encryption of passwords -}Catch(nosuchalgorithmexception e) { - e.printstacktrace (); -}Catch(unsupportedencodingexception e) { - e.printstacktrace (); - } in returnuserdao.register (user); - } to + PublicUser Login (string username, string password) { -User User =NULL; the Try { *user = Userdao.login (username, shaencoder.encodeshahex (password));//sha256 Encryption of passwords $}Catch(nosuchalgorithmexception e) {Panax Notoginseng e.printstacktrace (); -}Catch(unsupportedencodingexception e) { the e.printstacktrace (); + } A returnuser; the } +}
View Code
Userdao
1 PackageCom.xxx.dao;2 3 Importorg.springframework.beans.factory.annotation.Autowired;4 Importorg.springframework.stereotype.Repository;5 6 ImportCom.xxx.mapper.UserMapper;7 ImportCom.xxx.model.User;8 9 @RepositoryTen Public classUserdao { One A @Autowired - PrivateUsermapper Usermapper; - the Public BooleanRegister (user user) { - returnUsermapper.insertuser (user) ==1?true:false; - } - + PublicUser Login (string username, string password) { - returnusermapper.selectbyusernameandpwd (username, password); + } A}
View Code
Usermapper
1 PackageCom.xxx.mapper;2 3 ImportOrg.apache.ibatis.annotations.Insert;4 ImportOrg.apache.ibatis.annotations.Param;5 ImportOrg.apache.ibatis.annotations.Result;6 ImportOrg.apache.ibatis.annotations.Results;7 ImportOrg.apache.ibatis.annotations.Select;8 9 ImportCom.xxx.model.User;Ten One Public InterfaceUsermapper { A -@Insert ("Insert into userinfo (username, password) VALUES (#{username},#{password})") - Public intinsertuser (user user); the -@Select ("select * from userinfo WHERE username = #{username} and password = #{password}") -@Results (value = {@Result (id =true, column = "id", property = "id"), -@Result (column = "username", property = "username"), +@Result (column = "Password", property = "Password")}) - PublicUser selectbyusernameandpwd (@Param ("username") String username, @Param ("Password") String password); +}
View Code
Shaencoder (here based on Commons Codec, the Sha256 tool class implemented by CC)
1 PackageCom.util.encoder;2 3 Importjava.io.UnsupportedEncodingException;4 Importjava.security.NoSuchAlgorithmException;5 Importorg.apache.commons.codec.digest.DigestUtils;6 7 Public classShaencoder {8 Private Static FinalString ENCODING = "UTF-8";9 Ten Public StaticString Encodeshahex (String data)throwsnosuchalgorithmexception,unsupportedencodingexception { One return NewString (Digestutils.sha256hex (Data.getbytes (ENCODING))); A } -}
View Code
The code is easy to understand, see the logic yourself, and then test it.
15th Chapter Encryption Algorithm example registration login (Message digest algorithm)