利用Cookie保存用户身份信息实现免登录
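<%@page import="java.net.URLDecoder"%>
<%@page import="java.net.URLEncoder"%>
<%@page import="java.nio.charset.StandardCharsets"%>
<%@page import="java.security.GeneralSecurityException"%>
<%@page import="java.security.MessageDigest"%>
<%@page import="java.util.Base64"%>
<%@page import="javax.crypto.Mac"%>
<%@page import="javax.crypto.spec.SecretKeySpec"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%--
  Single-page "remember me" login sample: a signed cookie pair (username + ssid)
  stands in for a server-side session.

  Changes relative to the original listing, and why:
    * ssid was Base64(MD5(username + KEY)); it is now an HMAC-SHA256 tag that also
      covers an expiry timestamp, so the token stops verifying on the server when
      it expires instead of relying on the browser honouring Max-Age.
    * sun.misc.BASE64Encoder is a JDK-internal class that is absent from current
      JDKs; java.util.Base64 replaces it.
    * The expected token is compared in constant time and is no longer printed to
      stdout (the old log lines wrote a valid token for whatever account name the
      client supplied).
    * A missing or non-numeric "time" parameter no longer raises
      NumberFormatException; only the lifetimes offered by the form are accepted.
    * Values echoed into HTML are escaped, and logout is a POST form, not inline
      JavaScript.
    * Cookies are HttpOnly, and Secure whenever the request arrived over HTTPS.

  Limits that remain by design of a stateless token: it cannot be revoked before
  it expires (logout only asks the browser to drop it). Where that matters, use
  the container's HttpSession or a server-side token store instead.
--%>
<%!
    // Secret key for the cookie MAC.
    // NOTE(review): this value is hard-coded and published with the page source, so
    // anyone who can read the source can compute valid cookies. Load it from
    // server-side configuration and rotate it; it stays here only so the sample
    // remains self-contained.
    public static final String KEY = "wooyoohoo@163.com";

    // Cookie lifetimes (seconds) offered by the login form. The first entry is the default.
    private static final int[] ALLOWED_LIFETIMES = {30 * 60, 7 * 24 * 60 * 60, 30 * 24 * 60 * 60};

    /** Maps the client-supplied "time" parameter onto one of the offered lifetimes. */
    private static int parseLifetime(String raw) {
        if (raw != null) {
            try {
                int requested = Integer.parseInt(raw.trim());
                for (int allowed : ALLOWED_LIFETIMES) {
                    if (allowed == requested) {
                        return requested;
                    }
                }
            } catch (NumberFormatException ignored) {
                // Not a number: fall through to the default lifetime.
            }
        }
        return ALLOWED_LIFETIMES[0];
    }

    /**
     * PLACEHOLDER credential check. The original page read the password and never
     * used it, so any visitor could obtain a login cookie for any account name.
     * This stub only rejects a missing user name or password; replace it with a
     * lookup against the real credential store (salted, slow password hash)
     * before using the page for anything but a demo.
     */
    private static boolean credentialsAccepted(String userName, String pwd) {
        return userName != null && !userName.isEmpty() && pwd != null && !pwd.isEmpty();
    }

    /** Returns the URL-safe Base64 HMAC-SHA256 tag over the expiry and the user name. */
    private static String sign(String userName, long expiresAtMillis) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(KEY.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        // The expiry is digits only and comes first, so the first '\n' is an unambiguous separator.
        byte[] tag = mac.doFinal((expiresAtMillis + "\n" + userName).getBytes(StandardCharsets.UTF_8));
        return Base64.getUrlEncoder().withoutPadding().encodeToString(tag);
    }

    /** Checks an ssid cookie of the form "expiryMillis.tag" for the given account. */
    private static boolean verify(String userName, String ssid) throws GeneralSecurityException {
        int dot = ssid.indexOf('.');
        if (dot <= 0) {
            return false;
        }
        long expiresAt;
        try {
            expiresAt = Long.parseLong(ssid.substring(0, dot));
        } catch (NumberFormatException malformed) {
            return false;
        }
        if (expiresAt <= System.currentTimeMillis()) {
            return false;
        }
        // Rebuild the whole canonical token and compare in constant time; this also
        // rejects non-canonical spellings of the expiry.
        byte[] expected = (expiresAt + "." + sign(userName, expiresAt)).getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expected, ssid.getBytes(StandardCharsets.UTF_8));
    }

    /** Builds one of the two login cookies with the hardening flags applied. */
    private static Cookie authCookie(String name, String value, int maxAge, boolean secure) {
        Cookie cookie = new Cookie(name, value);
        cookie.setMaxAge(maxAge);
        cookie.setHttpOnly(true);   // the page's own markup never needs to read these from script
        cookie.setSecure(secure);   // NOTE(review): serve the page over HTTPS only, so this is always true
        return cookie;
    }

    /** Escapes text for use in HTML element content and quoted attribute values. */
    private static String escapeHtml(String text) {
        StringBuilder sb = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&': sb.append("&amp;"); break;
                case '<': sb.append("&lt;"); break;
                case '>': sb.append("&gt;"); break;
                case '"': sb.append("&quot;"); break;
                case '\'': sb.append("&#39;"); break;
                default: sb.append(c);
            }
        }
        return sb.toString();
    }
%>
<%
    // Set the request and response character encodings.
    request.setCharacterEncoding("utf-8");
    response.setCharacterEncoding("utf-8");

    // URL of this page, built from the container's context and servlet path rather
    // than from the raw request URI, which is client-supplied text.
    String selfPath = request.getContextPath() + request.getServletPath();

    // Decide what the user is asking for.
    String action = request.getParameter("action");

    if ("login".equals(action) && "POST".equalsIgnoreCase(request.getMethod())) {
        // Login: credentials are accepted from the POST form only, never from a URL.
        String userName = request.getParameter("username");
        String pwd = request.getParameter("password");
        // Requested cookie lifetime, restricted to the values the form offers.
        int lifetime = parseLifetime(request.getParameter("time"));

        if (credentialsAccepted(userName, pwd)) {
            long expiresAt = System.currentTimeMillis() + lifetime * 1000L;
            String token = expiresAt + "." + sign(userName, expiresAt);

            // The user name is URL-encoded so that non-ASCII names and separators
            // are legal cookie values.
            response.addCookie(authCookie("username", URLEncoder.encode(userName, "UTF-8"), lifetime, request.isSecure()));
            response.addCookie(authCookie("ssid", token, lifetime, request.isSecure()));

            // Reload this page so all logic stays in one page; the timestamp
            // parameter keeps the browser from serving a cached copy.
            response.sendRedirect(selfPath + "?" + System.currentTimeMillis());
            return;
        }
    } else if ("logout".equals(action)) {
        // Logout: ask the browser to drop both cookies.
        response.addCookie(authCookie("username", "", 0, request.isSecure()));
        response.addCookie(authCookie("ssid", "", 0, request.isSecure()));

        // Reload this page (timestamp parameter defeats browser caching).
        response.sendRedirect(selfPath + "?" + System.currentTimeMillis());
        return;
    }

    String account = null;
    String ssid = null;

    boolean isLogin = false;

    // Read the login cookies, if any.
    Cookie[] cookies = request.getCookies();
    if (cookies != null) {
        for (Cookie cookie : cookies) {
            String value = cookie.getValue();
            if (value == null) {
                continue;
            }
            if ("username".equals(cookie.getName())) {
                try {
                    account = URLDecoder.decode(value, "UTF-8");
                } catch (IllegalArgumentException malformed) {
                    // Broken percent-encoding: treat as not logged in.
                    account = null;
                }
            } else if ("ssid".equals(cookie.getName())) {
                ssid = value;
            }
        }
    }

    // Both cookies are client-controlled; the account is trusted only if the tag verifies.
    if (account != null && ssid != null) {
        isLogin = verify(account, ssid);
    }
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>利用Cookie实现永久登录</title>
</head>
<body>
<%
    if (isLogin) {
%>
    <%-- Logged-in view. The account name is escaped before output; logout is a POST form. --%>
    <form action="<%=escapeHtml(selfPath)%>?action=logout" method="post" style="display:inline">
        <span>欢迎回来<%=escapeHtml(account)%></span><button type="submit">注销</button>
    </form>
<%
    } else {
%>
    <%-- Login form. NOTE(review): it carries no anti-CSRF token. --%>
    <form action="<%=escapeHtml(selfPath)%>?action=login" method="post">
        账号: <input type="text" name="username"><br>
        密码:<input type="password" name="password">
        <br>
        <input type="radio" value="<%=30*60 %>" name="time" checked>30分钟有效<br>
        <input type="radio" value="<%=7*24*60*60 %>" name="time">7天有效<br>
        <input type="radio" value="<%=30*24*60*60 %>" name="time">30天有效<br>
        <input type="submit" value="登录">
    </form>
<%
    }
%>
</body>
</html>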