1. 首頁
  2. 問答
  3. 如何在Android活動中實現'記住我'功能?

如何在Android活動中實現'記住我'功能?

2010-01-28 85 views
16

我有一個用戶名,密碼和複選框(文本'記住我'旁邊)。如何在Android活動中實現'記住我'功能?

我該如何實現記住我的功能來保存用戶名和密碼數據?

任何幫助,將不勝感激。

來源

2010-01-28 UMAR

+0

檢查此 http://stackoverflow.com/questions/9370293/add-a-remember-me-checkbox – Appu 2013-09-11 11:34:15

回答

40

您可以save values associated with your application using Preferences

定義一些靜態存儲偏好文件名和密鑰,你要使用:

public static final String PREFS_NAME = "MyPrefsFile"; 
private static final String PREF_USERNAME = "username"; 
private static final String PREF_PASSWORD = "password";

你會然後保存用戶名和密碼如下:

getSharedPreferences(PREFS_NAME,MODE_PRIVATE) 
     .edit() 
     .putString(PREF_USERNAME, username) 
     .putString(PREF_PASSWORD, password) 
     .commit();

所以你會像這樣找回它們:

SharedPreferences pref = getSharedPreferences(PREFS_NAME,MODE_PRIVATE); 
String username = pref.getString(PREF_USERNAME, null); 
String password = pref.getString(PREF_PASSWORD, null); 

if (username == null || password == null) { 
    //Prompt for username and password 
}

或者,如果你不想命名一個pref erences文件,你可以只使用默認:

SharedPreferences pref = PreferenceManager.getDefaultSharedPreferences(this);

來源

2010-01-28 12:58:41

+1

我可以訪問其他的活動創建的那些值??? – UMAR 2010-02-01 07:18:11

+0

是的,您可以通過任何活動訪問首選項。 – 2010-02-01 09:45:06

+0

非常感謝... – UMAR 2010-02-01 10:38:15

13

應該指出的是,儘管公認的答案成功地存儲和檢索的憑證,它存儲它們作爲純文本。

這意味着密碼將很容易在固定電話上看到。如果您選擇存儲敏感信息,如應用程序中的密碼使用SharedPreferences,那麼作爲雷託邁耶(在Android發展的關係技術主管)說:你應該在非常至少encrypt the password它寫入磁盤之前。

下面是它存儲在SharedPreferences之前加密用戶信息的實現:

/* 
Copyright (C) 2012 Sveinung Kval Bakken, [email protected] 

Permission is hereby granted, free of charge, to any person obtaining 
a copy of this software and associated documentation files (the 
"Software"), to deal in the Software without restriction, including 
without limitation the rights to use, copy, modify, merge, publish, 
distribute, sublicense, and/or sell copies of the Software, and to 
permit persons to whom the Software is furnished to do so, subject to 
the following conditions: 

The above copyright notice and this permission notice shall be 
included in all copies or substantial portions of the Software. 

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 

*/ 

import java.io.UnsupportedEncodingException; 
import java.security.GeneralSecurityException; 
import java.security.InvalidAlgorithmParameterException; 
import java.security.InvalidKeyException; 
import java.security.MessageDigest; 
import java.security.NoSuchAlgorithmException; 

import javax.crypto.Cipher; 
import javax.crypto.spec.IvParameterSpec; 
import javax.crypto.spec.SecretKeySpec; 

import android.content.Context; 
import android.content.SharedPreferences; 
import android.util.Base64; 


public class SecurePreferences { 

    public static class SecurePreferencesException extends RuntimeException { 

     public SecurePreferencesException(Throwable e) { 
      super(e); 
     } 

    } 

    private static final String TRANSFORMATION = "AES/CBC/PKCS5Padding"; 
    private static final String KEY_TRANSFORMATION = "AES/ECB/PKCS5Padding"; 
    private static final String SECRET_KEY_HASH_TRANSFORMATION = "SHA-256"; 
    private static final String CHARSET = "UTF-8"; 

    private final boolean encryptKeys; 
    private final Cipher writer; 
    private final Cipher reader; 
    private final Cipher keyWriter; 
    private final SharedPreferences preferences; 

    /** 
    * This will initialize an instance of the SecurePreferences class 
    * @param context your current context. 
    * @param preferenceName name of preferences file (preferenceName.xml) 
    * @param secureKey the key used for encryption, finding a good key scheme is hard. 
    * Hardcoding your key in the application is bad, but better than plaintext preferences. Having the user enter the key upon application launch is a safe(r) alternative, but annoying to the user. 
    * @param encryptKeys settings this to false will only encrypt the values, 
    * true will encrypt both values and keys. Keys can contain a lot of information about 
    * the plaintext value of the value which can be used to decipher the value. 
    * @throws SecurePreferencesException 
    */ 
    public SecurePreferences(Context context, String preferenceName, String secureKey, boolean encryptKeys) throws SecurePreferencesException { 
     try { 
      this.writer = Cipher.getInstance(TRANSFORMATION); 
      this.reader = Cipher.getInstance(TRANSFORMATION); 
      this.keyWriter = Cipher.getInstance(KEY_TRANSFORMATION); 

      initCiphers(secureKey); 

      this.preferences = context.getSharedPreferences(preferenceName, Context.MODE_PRIVATE); 

      this.encryptKeys = encryptKeys; 
     } 
     catch (GeneralSecurityException e) { 
      throw new SecurePreferencesException(e); 
     } 
     catch (UnsupportedEncodingException e) { 
      throw new SecurePreferencesException(e); 
     } 
    } 

    protected void initCiphers(String secureKey) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeyException, 
      InvalidAlgorithmParameterException { 
     IvParameterSpec ivSpec = getIv(); 
     SecretKeySpec secretKey = getSecretKey(secureKey); 

     writer.init(Cipher.ENCRYPT_MODE, secretKey, ivSpec); 
     reader.init(Cipher.DECRYPT_MODE, secretKey, ivSpec); 
     keyWriter.init(Cipher.ENCRYPT_MODE, secretKey); 
    } 

    protected IvParameterSpec getIv() { 
     byte[] iv = new byte[writer.getBlockSize()]; 
     System.arraycopy("fldsjfodasjifudslfjdsaofshaufihadsf".getBytes(), 0, iv, 0, writer.getBlockSize()); 
     return new IvParameterSpec(iv); 
    } 

    protected SecretKeySpec getSecretKey(String key) throws UnsupportedEncodingException, NoSuchAlgorithmException { 
     byte[] keyBytes = createKeyBytes(key); 
     return new SecretKeySpec(keyBytes, TRANSFORMATION); 
    } 

    protected byte[] createKeyBytes(String key) throws UnsupportedEncodingException, NoSuchAlgorithmException { 
     MessageDigest md = MessageDigest.getInstance(SECRET_KEY_HASH_TRANSFORMATION); 
     md.reset(); 
     byte[] keyBytes = md.digest(key.getBytes(CHARSET)); 
     return keyBytes; 
    } 

    public void put(String key, String value) { 
     if (value == null) { 
      preferences.edit().remove(toKey(key)).commit(); 
     } 
     else { 
      putValue(toKey(key), value); 
     } 
    } 

    public boolean containsKey(String key) { 
     return preferences.contains(toKey(key)); 
    } 

    public void removeValue(String key) { 
     preferences.edit().remove(toKey(key)).commit(); 
    } 

    public String getString(String key) throws SecurePreferencesException { 
     if (preferences.contains(toKey(key))) { 
      String securedEncodedValue = preferences.getString(toKey(key), ""); 
      return decrypt(securedEncodedValue); 
     } 
     return null; 
    } 

    public void clear() { 
     preferences.edit().clear().commit(); 
    } 

    private String toKey(String key) { 
     if (encryptKeys) 
      return encrypt(key, keyWriter); 
     else return key; 
    } 

    private void putValue(String key, String value) throws SecurePreferencesException { 
     String secureValueEncoded = encrypt(value, writer); 

     preferences.edit().putString(key, secureValueEncoded).commit(); 
    } 

    protected String encrypt(String value, Cipher writer) throws SecurePreferencesException { 
     byte[] secureValue; 
     try { 
      secureValue = convert(writer, value.getBytes(CHARSET)); 
     } 
     catch (UnsupportedEncodingException e) { 
      throw new SecurePreferencesException(e); 
     } 
     String secureValueEncoded = Base64.encodeToString(secureValue, Base64.NO_WRAP); 
     return secureValueEncoded; 
    } 

    protected String decrypt(String securedEncodedValue) { 
     byte[] securedValue = Base64.decode(securedEncodedValue, Base64.NO_WRAP); 
     byte[] value = convert(reader, securedValue); 
     try { 
      return new String(value, CHARSET); 
     } 
     catch (UnsupportedEncodingException e) { 
      throw new SecurePreferencesException(e); 
     } 
    } 

    private static byte[] convert(Cipher cipher, byte[] bs) throws SecurePreferencesException { 
     try { 
      return cipher.doFinal(bs); 
     } 
     catch (Exception e) { 
      throw new SecurePreferencesException(e); 
     } 
    } 
}

上面的代碼是不自己,這裏是GitHub Page在那裏採購。

下面的代碼樣本用法:

SecurePreferences preferences = new SecurePreferences(context, "user-info", 
                 "YourSecurityKey", true); 
// Put (all puts are automatically committed) 
preferences.put("username", "MyUser"); 
preferences.put("password", "MyPassword"); 
// Get 
String username = preferences.getString("username"); 
String password = preferences.getString("password");

免責聲明:如果有人來電話的物理訪問,他們可能獲得的首選項文件和應用程序的二進制文件。這意味着他們可以反編譯應用程序並顯示加密中使用的密鑰,然後解密用戶信息。

但是,沒有什麼是100%安全的。存儲任何信息的最安全的方法是根本不存儲它。一個堅定的黑客幾乎可以破解任何東西,但加密信息會使其變得更加困難。

來源

2014-05-21 17:50:17

+0

如何在一段時間後重置首選項。因此,30天前登錄的用戶將不得不重新登錄 – 2015-10-04 19:13:49

相關問題

 相關問題