15th Chapter Encryption Algorithm example registration login (Message digest algorithm)

15.1. Principle Steps

• Registration: When registering, encrypt the user password into the database
• Login: When logged in, the user password is encrypted using the same algorithm as above, and then compared with the information in the database, if the same, the login

15.2, implementation (here using the SHA256 algorithm, the other digest algorithm md5/sha1/mac similar)

Note: The program here is in my previous write a maven+spring+springmvc+mybatis+velocity integrated article on the changes, concrete framework and database table structure, etc. will no longer wordy, their own reference to the following blog:

Http://www.cnblogs.com/java-zhao/p/5096811.html

Only Java classes are listed here. The entire code structure is as follows:

Usercontroller

1  PackageCom.xxx.web;2 3 Importorg.springframework.beans.factory.annotation.Autowired;4 ImportOrg.springframework.stereotype.Controller;5 Importorg.springframework.web.bind.annotation.RequestMapping;6 ImportOrg.springframework.web.bind.annotation.RequestParam;7 ImportOrg.springframework.web.bind.annotation.ResponseBody;8 ImportOrg.springframework.web.servlet.ModelAndView;9 Ten ImportCom.xxx.model.User; One ImportCom.xxx.service.UserService; A  - @Controller -@RequestMapping ("User") the  Public classUsercontroller { -      - @Autowired -     PrivateUserService UserService; +      - @ResponseBody +@RequestMapping ("register") A      Public BooleanRegister (@RequestParam ("username") String username, at@RequestParam ("Password") String password) { -          -         returnuserservice.register (username, password); -     } -      -@RequestMapping ("Login") in      PublicModelandview Login (@RequestParam ("username") String username, -@RequestParam ("Password") String password) { toUser User =userservice.login (username, password); +          -Modelandview Modelandview =NewModelandview (); the         if(User = =NULL){ *Modelandview.addobject ("message", "the user does not exist or the password is wrong!") Please re-enter "); $Modelandview.setviewname ("Error");Panax Notoginseng}Else{ -Modelandview.addobject ("User", user); theModelandview.setviewname ("UserInfo"); +         } A          the         returnModelandview; +     } -}

View Code

UserService (This is the main battlefield of the addition and decryption)

1  PackageCom.xxx.service;2 3 Importjava.io.UnsupportedEncodingException;4 Importjava.security.NoSuchAlgorithmException;5 6 Importorg.springframework.beans.factory.annotation.Autowired;7 ImportOrg.springframework.stereotype.Service;8 9 ImportCom.util.encoder.ShaEncoder;Ten ImportCom.xxx.dao.UserDAO; One ImportCom.xxx.model.User; A  - @Service -  Public classUserService { the      - @Autowired -     PrivateUserdao Userdao; -      +      Public BooleanRegister (string Username, string password) { -User User =NewUser (); + User.setusername (username); A         Try { atUser.setpassword (Shaencoder.encodeshahex (password));//sha256 Encryption of passwords -}Catch(nosuchalgorithmexception e) { - e.printstacktrace (); -}Catch(unsupportedencodingexception e) { - e.printstacktrace (); -         } in         returnuserdao.register (user); -     } to      +      PublicUser Login (string username, string password) { -User User =NULL; the         Try { *user = Userdao.login (username, shaencoder.encodeshahex (password));//sha256 Encryption of passwords $}Catch(nosuchalgorithmexception e) {Panax Notoginseng e.printstacktrace (); -}Catch(unsupportedencodingexception e) { the e.printstacktrace (); +         } A         returnuser; the     } +}

View Code

Userdao

1  PackageCom.xxx.dao;2 3 Importorg.springframework.beans.factory.annotation.Autowired;4 Importorg.springframework.stereotype.Repository;5 6 ImportCom.xxx.mapper.UserMapper;7 ImportCom.xxx.model.User;8 9 @RepositoryTen  Public classUserdao { One      A @Autowired -     PrivateUsermapper Usermapper; -      the      Public BooleanRegister (user user) { -         returnUsermapper.insertuser (user) ==1?true:false; -     } -      +      PublicUser Login (string username, string password) { -         returnusermapper.selectbyusernameandpwd (username, password); +     } A}

View Code

Usermapper

1  PackageCom.xxx.mapper;2 3 ImportOrg.apache.ibatis.annotations.Insert;4 ImportOrg.apache.ibatis.annotations.Param;5 ImportOrg.apache.ibatis.annotations.Result;6 ImportOrg.apache.ibatis.annotations.Results;7 ImportOrg.apache.ibatis.annotations.Select;8 9 ImportCom.xxx.model.User;Ten  One  Public InterfaceUsermapper { A      -@Insert ("Insert into userinfo (username, password) VALUES (#{username},#{password})") -      Public intinsertuser (user user); the      -@Select ("select * from userinfo WHERE username = #{username} and password = #{password}") -@Results (value = {@Result (id =true, column = "id", property = "id"), -@Result (column = "username", property = "username"),  +@Result (column = "Password", property = "Password")}) -      PublicUser selectbyusernameandpwd (@Param ("username") String username, @Param ("Password") String password); +}

View Code

Shaencoder (here based on Commons Codec, the Sha256 tool class implemented by CC)

1  PackageCom.util.encoder;2 3 Importjava.io.UnsupportedEncodingException;4 Importjava.security.NoSuchAlgorithmException;5 Importorg.apache.commons.codec.digest.DigestUtils;6 7  Public classShaencoder {8     Private Static FinalString ENCODING = "UTF-8";9     Ten      Public StaticString Encodeshahex (String data)throwsnosuchalgorithmexception,unsupportedencodingexception { One         return NewString (Digestutils.sha256hex (Data.getbytes (ENCODING))); A     } -}

View Code

The code is easy to understand, see the logic yourself, and then test it.

15th Chapter Encryption Algorithm example registration login (Message digest algorithm)