1 <%@page import="sun.misc.BASE64Encoder"%> 2 <%@page import="java.util.Base64.Encoder"%> 3 <%@page import="java.security.MessageDigest"%> 4 <%@ page language="java" contentType="text/html; charset=UTF-8" 5 pageEncoding="UTF-8"%> 6 <%! 7 //定义MD5加密的KEY 8 public static final String KEY = "wooyoohoo@163.com"; 9 %> 10 <% 11 //设置请求和响应的编码格式 12 request.setCharacterEncoding("utf-8"); 13 response.setCharacterEncoding("utf-8"); 14 15 //判断用户的行为 16 String action = request.getParameter("action"); 17 18 System.out.println(action); 19 20 if("login".equals(action)){ 21 //登录 22 String userName = request.getParameter("username"); 23 String pwd = request.getParameter("password"); 24 //获取有效时长 25 String time = request.getParameter("time"); 26 27 if(userName!=null && !userName.isEmpty()){ 28 MessageDigest digest = MessageDigest.getInstance("MD5"); 29 //将用户名称+KEY进行MD5加密 30 String encodeStr = new BASE64Encoder().encode(digest.digest((userName+KEY).getBytes("utf-8"))); 31 //保存用户名称 32 Cookie userNameCookie = new Cookie("username",userName); 33 Cookie encodeCookie = new Cookie("ssid",encodeStr); 34 35 //设置有效期 36 userNameCookie.setMaxAge(Integer.parseInt(time)); 37 encodeCookie.setMaxAge(Integer.parseInt(time)); 38 39 //设置Cookie 40 response.addCookie(userNameCookie); 41 response.addCookie(encodeCookie); 42 43 //重新访问该页面(添加参数System.currentTimeMillis()禁止浏览器缓存页面内容)------------->此处重新请求该页面是为了在一个页面中处理完毕所有逻辑 44 response.sendRedirect(request.getRequestURI()+"?"+System.currentTimeMillis()); 45 return; 46 } 47 }else if("logout".equals(action)){ 48 //退出[清除userNameCookie和encodeCookie] 49 Cookie userNameCookie = new Cookie("username",""); 50 Cookie encodeCookie = new Cookie("ssid",""); 51 52 userNameCookie.setMaxAge(0); 53 encodeCookie.setMaxAge(0); 54 55 response.addCookie(userNameCookie); 56 response.addCookie(encodeCookie); 57 58 //重新访问该页面(添加参数System.currentTimeMillis()禁止浏览器缓存页面内容)------------->此处重新请求该页面是为了在一个页面中处理完毕所有逻辑 59 response.sendRedirect(request.getRequestURI()+"?"+System.currentTimeMillis()); 60 return; 61 } 62 63 String account = null; 64 String ssid = null; 65 66 boolean isLogin = false; 67 68 //获取Cookie信息 69 Cookie[] cookies = request.getCookies(); 70 if(cookies!=null && cookies.length>0){ 71 //判断用户信息 72 for(int i=0;i<cookies.length;i++){ 73 if(cookies[i].getName().equals("username")){ 74 //获取账号 75 account = cookies[i].getValue(); 76 }else if(cookies[i].getName().equals("ssid")){ 77 //获取账号和KEY加密后的字符串 78 ssid = cookies[i].getValue(); 79 } 80 } 81 } 82 83 if(account!=null && ssid!=null){ 84 System.out.println(account); 85 String getSSID = new BASE64Encoder().encode(MessageDigest.getInstance("MD5").digest((account+KEY).getBytes("utf-8"))); 86 System.out.println(getSSID); 87 System.out.println(ssid); 88 if(getSSID.equals(ssid)){ 89 isLogin = true; 90 } 91 } 92 %> 93 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 94 <html> 95 <head> 96 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 97 <title>利用Cookie实现永久登录</title> 98 </head> 99 <body> 100 <% 101 if(isLogin){ 102 %> 103 <!-- 显示登陆后的信息 --> 104 <span>欢迎回来<% out.print(account);%></span><button onclick="javascript:{window.location.href='<%=request.getRequestURI()%>?action=logout'}">注销</button> 105 <% 106 }else{ 107 %> 108 <!-- 显示登录界面进行登录操作 --> 109 <form action="<%=request.getRequestURI()%>?action=login" method="post"> 110 账号: <input type="text" name="username"><br> 111 密码:<input type="password" name="password"> 112 <br> 113 <input type="radio" value="<%=30*60 %>" name="time">30分钟有效<br> 114 <input type="radio" value="<%=7*24*60*60 %>" name="time">7天有效<br> 115 <input type="radio" value="<%=30*24*60*60 %>" name="time">30天有效<br> 116 <input type="submit" value="登录"> 117 </form> 118 <% 119 } 120 %> 121 </body> 122 </html>