我已經散列了我的密碼並將它們存儲在數據庫中。 但是我不能在不解密密碼的情況下登錄。 我該怎麼做?如何使用md5散列密碼登錄?
我試圖做到這一點,但不工作代碼:
@RequestMapping(method = RequestMethod.POST)
public String processLogin(Person user, BindingResult result,
@RequestParam("userName") String username,
@RequestParam("password") String password) {
try {
password = Hex.encodeHexString(MessageDigest.getInstance("SHA-256").digest());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
ValidateUser(username, password);
String destination = "";
if (success == true) {
destination = "redirect:/person.html";
}
else {
destination = "redirect:/index.html";
}
return destination;
}
public boolean ValidateUser(String username, String password) {
// Decrypt password here.
List<Person> users = service.getAllPersons();
for (Person allUsers : users) {
if (allUsers.getUserName().equals(username) &&
allUsers.getPassword().equals(password)) {
success = true;
}
}
return success;
}
這裏是我的MD5 cryption:
public void setPassword(String password) {
String md5 = null;
try {
// Create MessageDigest object for MD5
MessageDigest digest = MessageDigest.getInstance("MD5");
// Update input string in message digest
digest.update(password.getBytes(), 0, password.length());
// Converts message digest value in base 16 (hex)
md5 = new BigInteger(1, digest.digest()).toString(16);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
this.password = md5;
}
是的我知道鹽,但如何編碼密碼? – Sembrano
@Sembrano,爲了簡單起見,更新了一個例子,沒有鹽並多次散列密碼。 –
啊,所以我編碼方式相同,然後我明白 – Sembrano