此篇文章是基于安卓APP登录这篇文章而写的,如果有什么包显示错误可以先去阅读。
首先看一下动图展示:
如果用户名已存在或者邮箱已被使用过,则注册不成功:
下面是activity_register.xml
<?xml version="1.0" encoding="utf-8"?>
<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
android:layout_width="match_parent"
android:layout_height="match_parent"
android:orientation="vertical"
tools:context=".Activities.RegisterActivity">
<!--
注册页面
-->
<EditText
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:inputType="textPersonName"
android:ems="10"
android:hint="用户名"
android:textColorHint="#003399"
android:id="@+id/register_edit_account"
android:textSize="20dp"
android:textColor="#003399"
android:layout_margin="10dp"/>
<EditText
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:ems="10"
android:hint="密码"
android:textColorHint="#003399"
android:id="@+id/register_edit_pwd"
android:textSize="20dp"
android:textColor="#003399"
android:layout_margin="10dp"/>
<EditText
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:ems="10"
android:hint="邮箱(用于找回密码)"
android:textColorHint="#003399"
android:id="@+id/register_edit_email"
android:textSize="20dp"
android:textColor="#003399"
android:layout_margin="10dp"/>
<Button
android:text="注册"
android:textSize="20dp"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:id="@+id/register1"
android:layout_marginLeft="20dp"
android:layout_marginRight="20dp"
android:background="@color/lavender"/>
<Button
android:text="返回登录"
android:textSize="20dp"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:layout_marginTop="5dp"
android:id="@+id/backto_login"
android:layout_marginLeft="20dp"
android:layout_marginRight="20dp"
android:background="@color/lavender"/>
</LinearLayout>
RegisterActivity.java(注册活动)
import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import android.text.method.PasswordTransformationMethod;
import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.Toast;
import com.android.volley.AuthFailureError;
import com.android.volley.Request;
import com.android.volley.RequestQueue;
import com.android.volley.Response;
import com.android.volley.VolleyError;
import com.android.volley.toolbox.StringRequest;
import com.android.volley.toolbox.Volley;
import com.example.administrator.loginclient.HttpsUtils.HTTPSTrustManager;
import com.example.administrator.loginclient.R;
import com.example.administrator.loginclient.RsaUtils.GenKeyFromString;
import com.example.administrator.loginclient.RsaUtils.MyConstant;
import com.example.administrator.loginclient.RsaUtils.RSAUtil;
import org.bouncycastle.util.encoders.Base64;
import org.json.JSONException;
import org.json.JSONObject;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/**
*注册
*/
public class RegisterActivity extends BaseActivity {
public static RequestQueue queue;
private static Context mContext;
private static int state=0;
private static String username;
private static String password;
//由于Android边编译边生成的原理,将匹配字符串放入全局,作为静态变量可以提高效率
public static Pattern p =
Pattern.compile("\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*");
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_register);
queue = Volley.newRequestQueue(getApplicationContext());
mContext = this;
final EditText AccountNumber = (EditText) findViewById(R.id.register_edit_account);
final EditText Password = (EditText) findViewById(R.id.register_edit_pwd);
Password.setTransformationMethod(PasswordTransformationMethod.getInstance());//密码不可见
final EditText Email =(EditText) findViewById(R.id.register_edit_email);
Button register=(Button)findViewById(R.id.register1);
Button backto_login=(Button)findViewById(R.id.backto_login);
register.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
final String name = AccountNumber.getText().toString().trim();
final String psw = Password.getText().toString().trim();
final String email=Email.getText().toString().trim();
username=name;
password=psw;
if (isEmail(Email.getText().toString().trim()) && Email.getText().toString().trim().length()<=31){
// Toast.makeText(mContext,"邮箱格式正确",Toast.LENGTH_SHORT).show();
// 获取Rsa 工具类对象
RSAUtil rsa = new RSAUtil();
// 获取公钥
RSAPublicKey pubKey = (RSAPublicKey) GenKeyFromString
.getPubKey(MyConstant.pubKey1);
// 使用公钥加密 数据
byte[] enRsaByte_psw = new byte[0];
byte[] enRsaBytes_user = new byte[0];
byte[] enRsaBytes_email = new byte[0];
try {
enRsaByte_psw = rsa.encrypt(pubKey, psw.getBytes());//密码加密
enRsaBytes_user = rsa.encrypt(pubKey, name.getBytes());//用户名加密
enRsaBytes_email = rsa.encrypt(pubKey, email.getBytes());//邮箱加密
} catch (Exception e) {
e.printStackTrace();
}
/**
* base64对byte数组进行编码,进过编码后得到String传输到对服务端解码得出byte数组。
*/
String enRsaStr_psw = new String(Base64.encode(enRsaByte_psw));//密码byte数组转成字符串
String enRsaStr_user = new String(Base64.encode(enRsaBytes_user));//用户名byte数组转成字符串
String enRsaStr_email = new String(Base64.encode(enRsaBytes_email));//用户名byte数组转成字符串
RegisterRequest(enRsaStr_user, enRsaStr_psw, enRsaStr_email);
Toast.makeText(mContext, "请稍等...", Toast.LENGTH_LONG).show();
}else {
Toast.makeText(mContext,"邮箱格式错误",Toast.LENGTH_SHORT).show();
}
}
});
backto_login.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
Intent intent = new Intent(RegisterActivity.this, MainActivity.class);
if(state==1){
intent.putExtra("username", username);
intent.putExtra("password", password);
}
startActivity(intent);
}
});
}
public static void RegisterRequest(final String accountNumber, final String password,final String email){
//请求地址
String url = "http://localhost:8083/MyFirstWebAPP/RegisterServlet";
String tag = "Register"; //注②
//取得请求队列
RequestQueue requestQueue = queue;
//防止重复请求,所以先取消tag标识的请求队列
requestQueue.cancelAll(tag);
HTTPSTrustManager.allowAllSSL();//允许所有https请求
//创建StringRequest,定义字符串请求的请求方式为POST(省略第一个参数会默认为GET方式)
final StringRequest request = new StringRequest(Request.Method.POST, url,
new Response.Listener<String>() {
@Override
public void onResponse(String response) {
try {
JSONObject jsonObject = (JSONObject) new JSONObject(response).get("params"); //注③
String result = jsonObject.getString("Result"); //注④
if (result.equals("Succeed")) { //注⑤
Toast.makeText(mContext, "注册成功", Toast.LENGTH_LONG).show();
state=1;
}
else if (result.equals("TheUsernameAlreadyExists")){
//做自己的登录失败操作,如Toast提示
state=0;
Toast.makeText(mContext, "该用户名已存在", Toast.LENGTH_LONG).show();
}
else if(result.equals("TheEmailExists")){
Toast.makeText(mContext, "该邮箱已被注册", Toast.LENGTH_LONG).show();
state=0;
}
} catch (JSONException e) {
//做自己的请求异常操作,如Toast提示(“无网络连接”等)
Log.e("TAG", e.getMessage(), e);
Toast.makeText(mContext, "无网络连接", Toast.LENGTH_LONG).show();
}
}
}, new Response.ErrorListener() {
@Override
public void onErrorResponse(VolleyError error) {
//做自己的响应错误操作,如Toast提示(“请稍后重试”等)
Log.e("TAG", error.getMessage(), error);
Toast.makeText(mContext, "请稍后重试", Toast.LENGTH_LONG).show();
}
}) {
@Override
protected Map<String, String> getParams() throws AuthFailureError {
Map<String, String> params = new HashMap<>();
params.put("AccountNumber", accountNumber); //注⑥
params.put("Password", password);
params.put("Email",email);
return params;
}
};
//设置Tag标签
request.setTag(tag);
//将请求添加到队列中
requestQueue.add(request);
}
public static boolean isEmail(String email){
if (null==email || "".equals(email)) return false;
//Pattern p = Pattern.compile("\\w+@(\\w+.)+[a-z]{2,3}"); //简单匹配
// Pattern p = Pattern.compile("\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*");//复杂匹配
Matcher m = p.matcher(email);
return m.matches();
}
}
安卓APP的到此为止。
下面是servlet后端的:RegisterServlet.java
import net.jw.MyFirstWebAPP.RSAutil.GenKeyFromString;
import net.jw.MyFirstWebAPP.RSAutil.MyConstant;
import net.jw.MyFirstWebAPP.RSAutil.RSAUtil;
import net.jw.MyFirstWebAPP.UserDAO;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.interfaces.RSAPrivateKey;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.JSONObject;
import org.bouncycastle.util.encoders.Base64;
/**
*注册新用户
* @author Administrator
*/
public class RegisterServlet extends HttpServlet {
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// 设置响应内容类型
response.setContentType("text/html;charset=utf-8");
request.setCharacterEncoding("utf-8");
response.setCharacterEncoding("utf-8");
try (PrintWriter out = response.getWriter()) {
//获得请求中传来的用户名和密码、邮箱
String accountNumber = request.getParameter("AccountNumber").trim();
String password = request.getParameter("Password").trim();
String email=request.getParameter("Email").trim();
//密码验证结果
byte[] bytereuser = Base64.decode(accountNumber);//旧解密BASE64
byte[] byterepsw = Base64.decode(password);//密码解密BASE64
byte[] bytereemail = Base64.decode(email);//邮箱解密BASE64
// System.out.println(byteres);
// System.out.println("字符串转成byte数组:"+new String(byteres));
// 获取私钥
RSAUtil rsa = new RSAUtil();
RSAPrivateKey priKey = (RSAPrivateKey) GenKeyFromString
.getPrivateKey(MyConstant.priKey1);
// 拿着私钥解用户名
byte[] encRsaByteuser = rsa.decrypt(priKey,
bytereuser);
// 拿着私钥解密码
byte[] encRsaBytepsw = rsa.decrypt(priKey,
byterepsw);
byte[] encRsaByteemail = rsa.decrypt(priKey,
bytereemail);
int verifyResult = verifyRegister(new String(encRsaByteuser),new String(encRsaBytepsw),new String(encRsaByteemail));
Map<String, String> params = new HashMap<>();
JSONObject jsonObject = new JSONObject();
if (verifyResult == 1) {
params.put("Result", "Succeed");//修改密码成功
}
else if (verifyResult == 0){
params.put("Result", "TheUsernameAlreadyExists");//该用户名已存在
}
else if(verifyResult == 2){
params.put("Result", "TheEmailExists");//邮箱已存在
}
jsonObject.put("params", params);
out.write(jsonObject.toString());
} catch (Exception ex) {
Logger.getLogger(RegisterServlet.class.getName()).log(Level.SEVERE, null, ex);
}
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
/**
* 验证用户名密码是否正确
*
* @param userName
* @param password
*/
private int verifyRegister(String userName, String password,String email) {
Boolean result=UserDAO.registerUser(userName,password,email);
if(result==true){
return 1;//注册成功
}
else if(!UserDAO.checkUserName(userName)){
return 0;
}
else if(!UserDAO.checkEmail(email)){
return 2;
}
return 0;
}
}
注册的逻辑其实很简单,首先是APP填写表单,加密数据后,通过post的方式提交给服务器,服务器先解密数据,再将解密后得到的数据-----用户名和邮箱分别与数据库比对,如有重复。则注册不成功,反之注册成功。
对了 ,服务器的GenKeyFromString.java、MyConstant.java、RSAUtil.java和安卓APP端的代码一样的。
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
/**
* Created by Administrator on 2020/4/26.
* 此类是volley加持https协议
*/
public class HTTPSTrustManager implements X509TrustManager {
private static TrustManager[] trustManagers;
private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[] {};
protected HttpURLConnection createConnection(URL url) throws IOException {
if("https".equals(url.getProtocol().toLowerCase())){
HTTPSTrustManager.allowAllSSL();
}
return (HttpURLConnection) url.openConnection();
}
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
// To change body of implemented methods use File | Settings | File
// Templates.
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
// To change body of implemented methods use File | Settings | File
// Templates.
}
public boolean isClientTrusted(X509Certificate[] chain) {
return true;
}
public boolean isServerTrusted(X509Certificate[] chain) {
return true;
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return _AcceptedIssuers;
}
public static void allowAllSSL() {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
// TODO Auto-generated method stub
return true;
}
});
SSLContext context = null;
if (trustManagers == null) {
trustManagers = new TrustManager[] { new HTTPSTrustManager() };
}
try {
context = SSLContext.getInstance("TLS");
context.init(null, trustManagers, new SecureRandom());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(context
.getSocketFactory());
}
}
2285
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
