利用Cookie保存用户身份信息实现免登录

 <%@page import="sun.misc.BASE64Encoder"%>
 <%@page import="java.util.Base64.Encoder"%>
 <%@page import="java.security.MessageDigest"%>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
     pageEncoding="UTF-8"%>
 <%!
     //定义MD5加密的KEY
     public static final String KEY = "wooyoohoo@163.com";
 %>
 <%
     //设置请求和响应的编码格式
     request.setCharacterEncoding("utf-8");
     response.setCharacterEncoding("utf-8");     //判断用户的行为
     String action = request.getParameter("action");     System.out.println(action);     if("login".equals(action)){
         //登录
         String userName = request.getParameter("username");
         String pwd = request.getParameter("password");
         //获取有效时长
         String time = request.getParameter("time");         if(userName!=null && !userName.isEmpty()){
             MessageDigest digest = MessageDigest.getInstance("MD5");
             //将用户名称+KEY进行MD5加密
             String encodeStr = new BASE64Encoder().encode(digest.digest((userName+KEY).getBytes("utf-8")));
             //保存用户名称
             Cookie userNameCookie = new Cookie("username",userName);
             Cookie encodeCookie = new Cookie("ssid",encodeStr);             //设置有效期
             userNameCookie.setMaxAge(Integer.parseInt(time));
             encodeCookie.setMaxAge(Integer.parseInt(time));             //设置Cookie
             response.addCookie(userNameCookie);
             response.addCookie(encodeCookie);             //重新访问该页面(添加参数System.currentTimeMillis()禁止浏览器缓存页面内容)------------->此处重新请求该页面是为了在一个页面中处理完毕所有逻辑
             response.sendRedirect(request.getRequestURI()+"?"+System.currentTimeMillis());
             return;
         }
     }else if("logout".equals(action)){
         //退出[清除userNameCookie和encodeCookie]
         Cookie userNameCookie = new Cookie("username","");
         Cookie encodeCookie = new Cookie("ssid","");         userNameCookie.setMaxAge(0);
         encodeCookie.setMaxAge(0);         response.addCookie(userNameCookie);
         response.addCookie(encodeCookie);         //重新访问该页面(添加参数System.currentTimeMillis()禁止浏览器缓存页面内容)------------->此处重新请求该页面是为了在一个页面中处理完毕所有逻辑
         response.sendRedirect(request.getRequestURI()+"?"+System.currentTimeMillis());
         return;
     }     String account = null;
     String ssid = null;     boolean isLogin = false;     //获取Cookie信息
     Cookie[] cookies = request.getCookies();
     if(cookies!=null && cookies.length>0){
         //判断用户信息
         for(int i=0;i<cookies.length;i++){
             if(cookies[i].getName().equals("username")){
                 //获取账号
                 account = cookies[i].getValue();
             }else if(cookies[i].getName().equals("ssid")){
                 //获取账号和KEY加密后的字符串
                 ssid = cookies[i].getValue();
             }
         }
     }     if(account!=null && ssid!=null){
         System.out.println(account);
         String getSSID = new BASE64Encoder().encode(MessageDigest.getInstance("MD5").digest((account+KEY).getBytes("utf-8")));
         System.out.println(getSSID);
         System.out.println(ssid);
         if(getSSID.equals(ssid)){
             isLogin = true;
         }
     }
 %>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
 <title>利用Cookie实现永久登录</title>
 </head>
 <body>
     <%
         if(isLogin){
             %>
                 <!-- 显示登陆后的信息 -->
                 <span>欢迎回来<% out.print(account);%></span><button onclick="javascript:{window.location.href='<%=request.getRequestURI()%>?action=logout'}">注销</button>
             <%
         }else{
             %>
                 <!-- 显示登录界面进行登录操作 -->
                 <form action="<%=request.getRequestURI()%>?action=login" method="post">
                     账号:&nbsp;<input type="text" name="username"><br>
                     密码：<input type="password" name="password">
                     <br>
                     <input type="radio" value="<%=30*60 %>" name="time">30分钟有效<br>
                     <input type="radio" value="<%=7*24*60*60 %>" name="time">7天有效<br>
                     <input type="radio" value="<%=30*24*60*60 %>" name="time">30天有效<br>
                     <input type="submit" value="登录">
                 </form>
             <%
         }
     %>
 </body>
 </html>