QT HTTPS Login (integrated Qnetworkaccessmanager advance Modify qsslconfiguration, then Post)

Source: Internet
Author: User
Tags emit md5 md5 encryption openssl

Briefly

HTTPS (full name: Hyper Text Transfer Protocol over secure Socket Layer) is a security-targeted HTTP channel and is simply a secure version of HTTP. That is, the SSL layer is added under HTTP, the security base of HTTPS is SSL, so the detailed content of encryption requires SSL. It is a URI scheme (abstract identifier system) with syntax similar to http: System. For secure HTTP data transfer. Https:url indicates that it uses HTTP, but HTTPS has a different default port than HTTP and an encryption/authentication layer (between HTTP and TCP). The system was originally developed by Netscape (Netscape) and built into its browser Netscape navigator, providing an authentication and encryption method of communication. It is now widely used for security-sensitive communications on the World Wide Web, such as transaction payments.

    • Briefly
    • The difference between HTTPS and HTTP
    • Instructions for use
      • MD5 encryption
      • HTTPS Login
    • How to use
    • Result processing

The difference between HTTPS and HTTP

Hypertext Transfer Protocol HTTP is used to pass information between a Web browser and a Web server. The HTTP protocol sends content in plaintext, does not provide data encryption in any way, and if an attacker intercepts a transmission message between a Web browser and a Web server, it can read the information directly, so the HTTP protocol is not suitable for transmitting sensitive information such as credit card numbers, passwords, etc.

To address this flaw in the HTTP protocol, you need to use a different protocol: Secure Sockets Layer Hypertext Transfer Protocol HTTPS. For the security of data transmission, HTTPS joins the SSL protocol on the basis of HTTP, SSL relies on the certificate to verify the identity of the server, and encrypts the communication between the browser and the server.

The main differences between HTTPS and HTTP are the following four points:

    1. The HTTPS protocol requires a certificate to be applied to the CA, and the general free certificate is very small and requires a fee.
    2. HTTP is a Hypertext Transfer Protocol, the information is plaintext transmission, HTTPS is a secure SSL encryption transport protocol.
    3. HTTP and HTTPS use a completely different connection, the same port, the former is 80, the latter is 443.
    4. The HTTP connection is simple and stateless; The HTTPS protocol is a network protocol built by the SSL+HTTP protocol for encrypted transmission and authentication, which is more secure than the HTTP protocol.
Instructions for use

The call about the network interface is no longer explained here, because the general interface will have detailed documentation such as: request Get/post, parameter format, return type, etc.

Because of the need for OpenSSL support, the use of SSL authentication, so the corresponding library files-ssleay32.dll, Libeay32.dll, you can refer to: http://slproweb.com/products/ win32openssl.html, I downloaded the version for-win32 OpenSSL v1.0.2g Light, copy the library below the bin directory and put it in the exe sibling directory. For better compatibility, it is best to compile the source code!

The following is an example of HTTPS, describes a complete login process, but also for HTTP and other forms of network interaction, such as: User authentication, upload, download and so on.

MD5 encryption

For security reasons, sensitive data is encrypted, and the most common basic is MD5.

QString md5(const QString &text){    QByteArray byteArray;    byteArray.append(text);    hash = QCryptographicHash::hash(byteArray, QCryptographicHash::Md5);    return hash.toHex();}
HTTPS Login

Perform SSL authentication, set parameters for the transfer, set the message header, start the request, and process the returned results.

Loginnetworkmanager::loginnetworkmanager (Qobject *parent): Qnetworkaccessmanager (parent) {SSL Authentication m_sslconfig = qsslconfiguration::d efaultconfiguration ();    M_sslconfig.setpeerverifymode (Qsslsocket::verifynone);    M_sslconfig.setprotocol (qssl::tlsv1_2); ConnectThis, SIGNAL (finished (qnetworkreply *)),This, SLOT (replyfinished (qnetworkreply *)));}End Request Loginnetworkmanager::~loginnetworkmanager () {if (m_preply! = NULL) {m_preply->abort (); M_preply->deletelater ();}}Setting up Login Datavoid Loginnetworkmanager::setparams (Const QString &username,Const QString &password) {m_strusername = userName; m_strpassword = password;}void Loginnetworkmanager::execute () {Qbytearray Usernamebytearray = M_strusername.toutf8 (); Qbytearray usernameencoding = usernamebytearray.topercentencoding ();Set the data sent Qbytearray DataArray; Dataarray.append (QString ("user_name=%1&"). Arg (QString (usernameencoding))); Dataarray.append (QString ("password=%1&"). ARG (MD5 (M_strpassword))); Dataarray.append ("Token_type=token");Set the message header Qnetworkrequest request; Request.setsslconfiguration (M_sslconfig); Request.setheader (Qnetworkrequest::contenttypeheader,"application/x-www-form-urlencoded"); Request.setheader (Qnetworkrequest::contentlengthheader, Dataarray.length ()); Request.seturl (Qurl (Login_url));Start Request m_preply = post (request, DataArray);}End of responsevoid loginnetworkmanager::replyfinished (qnetworkreply *reply) {Qbytearray bytes = Reply->readall (); QString strUserID ("");int NCode =-1; Qjsonparseerror Jsonerror; Qjsondocument doucment = Qjsondocument::fromjson (bytes, &jsonerror);if (Jsonerror.error = = Qjsonparseerror::noerror) {if (Doucment.isobject ()) {Qjsonobjectobject = doucment. object (); if (object.contains ( "userId")) { Qjsonvalue UserID = object.take ( "UserID"); if (userid.isstring ()) {strUserID = Userid.tostring ();}} if (object.contains ( "code")) { Qjsonvalue codevalue = object.take ( "code"); if (codevalue.isdouble ()) {NCode = Codevalue.tovariant (). ToInt ();}} }} //send result data if (!struserid.isempty ()) {Emit onsuccess ( strUserID); } else {emit onfail (nCode);}          
How to use
new LoginNetworkManager(this);connect(pLoginNetworkManager, SIGNAL(onSuccess(const QString &)), this, SLOT(onSuccess(const QString &)));connect(pLoginNetworkManager, SIGNAL(onFail(int)), this, SLOT(onFail(int)));// 设置参数pLoginNetworkManager->setParams("test", "123456");pLoginNetworkManager->execute();
Result processing

Generally speaking, the return format is JSON, XML, and of course it can be used in a specific format, but most of them are JSON.

Once we get the results, we can parse the returned JSON and process it!

That's right:
"{" user_id ":" Self-666666666_qt-mr2sj_9iu92fwd-pqalbtwl6zgtafa "," Role ": 1," Sex ": 0," user_name ":" Test "," Create_ Date ": 1449449966000}"

Error:
{"MSG": "User_name=test and password is the error.", "code": 418, "error_msg": "Password is invalid"}

http://blog.csdn.net/liang19890820/article/details/50800712

QT HTTPS Login (integrated Qnetworkaccessmanager advance Modify qsslconfiguration, then Post)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.