使用哈希用户名和密码登录Android

时间:2011-09-28 10:45:51

标签: android login sha1

我正在开发一个项目,用户必须先在应用程序中登录才能使用它。我的小问题是,当用户输入他的用户名和密码时,我必须将它们哈希并发送到服务器而不是用户输入的用户名和密码。所以现在我正在做这样的事情:

EditText txtUserName = (EditText) findViewById (R.id.username_login_input);
EditText txtPassword = (EditText) findViewById (R.id.password_login_input);

HttpClient httpclient;
HttpPost httppost;
ArrayList<NameValuePair> postParameters;
httpclient = new DefaultHttpClient();
httppost = new HttpPost("http://www.rpc.shalqlqlq.com");

postParameters = new ArrayList<NameValuePair>();
postParameters.add(new BasicNameValuePair("username_hash", hashUser(txtUserName.getText().toString(),txtPassword.getText().toString())));
postParameters.add(new BasicNameValuePair("password_hash", hashPass(txtUserName.getText().toString(),txtPassword.getText().toString())));

httppost.setEntity(new UrlEncodedFormEntity(postParameters));
HttpResponse response = httpclient.execute(httppost);
Log.w("Response ","Status line : "+ response.getStatusLine().toString());
byte[] buffer = new byte[1024];
buffer = EntityUtils.toString(response.getEntity()).getBytes();

public String hashUser(String username, String password) throws NoSuchAlgorithmException, UnsupportedEncodingException{
String hashUser = SHA1.Sha1Hash(username);
    String hashPass = SHA1.Sha1Hash(password);
    String luser = hashPass+hashUser;
    String lastUser = SHA1.Sha1Hash(luser);
    return lastUser;
}

public String hashPass(String username, String password) throws NoSuchAlgorithmException, UnsupportedEncodingException{
String hashUser = SHA1.Sha1Hash(username);
    String hashPass = SHA1.Sha1Hash(password);
    String lpass = hashPass+hashUser;        
    String lastPass = SHA1.Sha1Hash(lpass);
    return lastPass;
}

它仍然告诉我用户名和密码不正确。我很确定哈希是正确的,因为我已经尝试过了。那么有人可以帮我找出我的错误吗?

2 个答案:

答案 0 :(得分:1)

首先,您的哈希用户名和哈希密码是相同的:

public String hashUser(String username, String password) throws NoSuchAlgorithmException, UnsupportedEncodingException{
    String hashUser = SHA1.Sha1Hash(username);
    String hashPass = SHA1.Sha1Hash(password);
    String luser = hashPass+hashUser; // <-- Hashed pass + user
    String lastUser = SHA1.Sha1Hash(luser); // <-- Hashed a second time
    return lastUser;
}

public String hashPass(String username, String password) throws NoSuchAlgorithmException, UnsupportedEncodingException{
    String hashUser = SHA1.Sha1Hash(username);
    String hashPass = SHA1.Sha1Hash(password);
    String lpass = hashPass+hashUser; // <-- Hashed pass + user
    String lastPass = SHA1.Sha1Hash(lpass); // <-- Hashed a second time
    return lastPass;
}

除非服务器将每个用户名和密码存储为密码和用户名的哈希哈希,否则我猜这就是你的问题所在。

为什么不使用类似的东西:

postParameters.add(new BasicNameValuePair("username_hash", SHA1.Sha1Hash(txtUserName.getText().toString())));
postParameters.add(new BasicNameValuePair("password_hash", SHA1.Sha1Hash(txtPassword.getText().toString())));

答案 1 :(得分:0)

如果一切正常,我想问题可能是从edittext获取用户名和密码。试着放

postParameters.add(new BasicNameValuePair("username_hash", hashUser(txtUserName.getText().toString(),txtPassword.getText().toString())));
postParameters.add(new BasicNameValuePair("password_hash", hashPass(txtUserName.getText().toString(),txtPassword.getText().toString())));

在某种事件中。我猜你有一个按钮Login ..所以你在onClick方法上设置了这些参数,我认为它会起作用。

相关问题
最新问题