我在如何以及在何处比较我在注册 servlet 上散列的密码和我在登录名上散列的密码时遇到了问题。
希望你们能帮助我。谢谢。登录 servlet:
String password = request.getParameter("pword");
String haspw = BCrypt.hashpw(password, salt);
/* if username and password match*/
UserIO io = new UserIO();
authenticate = io.LogAccount(username, haspw);
if (authenticate == true) {
uri = "Homepage.jsp";
session.setAttribute("active", username);
} else {
uri = "/WEB-INF/jsp/error.jsp";
}
RequestDispatcher rd = request.getRequestDispatcher(uri);
rd.forward(request, response);
out.close();
用户IO
if (registered_name.isEmpty() ||registered_pass.isEmpty()) { //registered_name.equals(username) && registered_pass.equals(password)
//uri = "Homepage.jsp";
hasInfo = false;
} else if (registered_name.equals(username) && registered_pass.equals(password)) {
hasInfo = true;
}
注册服务奴
String pword = request.getParameter("pword");
String hashed = BCrypt.hashpw(pword, salt);
使用方法checkpw:
BCrypt.checkpw(pword, salt);
这将返回一个布尔值作为比较。