下面列出了java.net.HttpCookie#setHttpOnly ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/**
 * Decodes a list of cookies from {@code buffer}, advancing the buffer position as it reads.
 *
 * <p>Layout consumed here: a 2-byte count (read with {@code getChar()}), then for each cookie the
 * name, value, domain, path and port list (each read with {@code getShortString}), an 8-byte
 * max-age, and one byte each for the Secure and HttpOnly flags (the value 1 means "set").
 *
 * @param buffer source positioned at the cookie count
 * @return the decoded cookies in encoded order, or {@code null} when the count is zero
 */
public static List<HttpCookie> getCookieList(ByteBuffer buffer) {
    final int count = buffer.getChar();
    if (count == 0) {
        return null;
    }
    // NOTE(review): nothing here checks that the buffer really holds `count` records; a truncated
    // or hostile buffer presumably surfaces as BufferUnderflowException from the reads below.
    // Confirm the caller either trusts the source or handles that failure.
    final List<HttpCookie> cookies = new ArrayList<>(count);
    int remaining = count;
    while (remaining-- > 0) {
        // Name is encoded before value; read them in that order.
        final String name = getShortString(buffer);
        final String value = getShortString(buffer);
        final HttpCookie decoded = new HttpCookie(name, value);
        decoded.setDomain(getShortString(buffer));
        decoded.setPath(getShortString(buffer));
        decoded.setPortlist(getShortString(buffer));
        decoded.setMaxAge(buffer.getLong());
        final boolean secureFlag = buffer.get() == 1;
        decoded.setSecure(secureFlag);
        final boolean httpOnlyFlag = buffer.get() == 1;
        decoded.setHttpOnly(httpOnlyFlag);
        cookies.add(decoded);
    }
    return cookies;
}
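/**
 * Handles password login at {@code /user/login} and, when requested, issues the auto-login cookie.
 *
 * <p>The request bean is read from the {@code bean} JSON parameter. Any existing session is logged
 * out and the session id is changed before {@code service.login} runs. The auto-login cookie is
 * only written for a successful password login with {@code cacheday > 0} and no cookie info
 * already present on the bean.
 *
 * @param req  current request
 * @param resp response that receives the cookie (if any) and the JSON result
 *
 * @throws IOException if writing the response fails
 */
@HttpMapping(url = "/user/login", auth = false)
public void login(HttpRequest req, HttpResponse resp) throws IOException {
    LoginBean bean = req.getJsonParameter(LoginBean.class, "bean");
    if (bean == null) bean = new LoginBean();
    // NOTE(review): the helper name suggests an MD5-based digest; if so it is not a suitable
    // password hash on its own (prefer bcrypt/scrypt/argon2 server-side) — confirm in UserService.
    if (!bean.emptyPassword()) bean.setPassword(UserService.secondPasswordMD5(bean.getPassword()));
    bean.setLoginagent(req.getHeader("User-Agent"));
    bean.setLoginip(req.getRemoteAddr());
    // End the previous session and switch to a new session id before authenticating, so a
    // pre-login session id is not carried into the authenticated session.
    String oldsessionid = req.getSessionid(false);
    if (oldsessionid != null && !oldsessionid.isEmpty()) service.logout(oldsessionid);
    bean.setSessionid(req.changeSessionid());
    RetResult<UserInfo> result = service.login(bean);
    // Only password logins that asked to be remembered for N days get the cookie.
    if (result.isSuccess() && !bean.emptyPassword() && bean.getCacheday() > 0 && bean.emptyCookieinfo()) {
        UserInfo info = result.getResult();
        final int secondsPerDay = 24 * 60 * 60;
        // cacheday comes from the request; clamp it so days * 86400 cannot overflow int and turn
        // into a negative max-age. The value is later re-read with Integer.parseInt, so it must
        // stay within int range.
        int days = Math.min(bean.getCacheday(), Integer.MAX_VALUE / secondsPerDay);
        int age = days * secondsPerDay;
        // Plaintext layout: [apptoken#]user36id$0<password digest>?<age seconds>-<issued millis>
        // NOTE(review): the cookie carries the password digest, i.e. a password-equivalent kept on
        // the client. Its secrecy and integrity rest entirely on encryptAES (not visible here —
        // confirm it is authenticated encryption). A random, server-side revocable token would
        // avoid storing credential material in the browser.
        // NOTE(review): apptoken presumably comes from the request bean; if it can contain '$' or
        // '?', code that splits this string on those delimiters will misparse it — confirm.
        String key = (bean.emptyApptoken() ? "" : (bean.getApptoken() + "#")) + info.getUser36id() + "$0" + bean.getPassword() + "?" + age + "-" + System.currentTimeMillis();
        HttpCookie cookie = new HttpCookie(COOKIE_AUTOLOGIN, UserService.encryptAES(key));
        cookie.setHttpOnly(true);
        // NOTE(review): the Secure attribute is not set, so this long-lived credential cookie is
        // also sent over plain HTTP. Add cookie.setSecure(true) if the site is served over HTTPS only.
        cookie.setPath("/");
        cookie.setMaxAge(age);
        resp.addCookie(cookie);
    }
    resp.finishJson(result);
}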
/**
 * Stores {@code token} in {@code cookies} as a cookie named {@code name}, marked Secure and
 * HttpOnly with cookie version 0.
 *
 * <p>No path, domain or max-age is set here, so those keep the {@link HttpCookie} defaults.
 *
 * @param cookies destination cookie holder
 * @param name    cookie name
 * @param token   cookie value
 */
private void createCookie(Cookies cookies, String name, String token) {
    final HttpCookie tokenCookie = new HttpCookie(name, token);
    tokenCookie.setVersion(0);
    // HttpOnly keeps the token out of reach of page scripts; Secure restricts it to HTTPS.
    tokenCookie.setHttpOnly(true);
    tokenCookie.setSecure(true);
    // NOTE(review): java.net.HttpCookie has no SameSite setter; if cross-site request protection
    // is needed it has to be handled where the Set-Cookie header is written — confirm.
    cookies.set(tokenCookie);
}
/**
 * Converts a {@code JsonCookie} into a {@link HttpCookie}, copying name, value, domain, path and
 * the Secure and HttpOnly flags.
 *
 * @param cookieContents source cookie data
 * @return a version-1 {@link HttpCookie} carrying the same attributes
 */
public static HttpCookie toHttpCookie(JsonCookie cookieContents) {
    final String name = cookieContents.name();
    final String value = cookieContents.value();
    final HttpCookie converted = new HttpCookie(name, value);

    converted.setDomain(cookieContents.domain());
    converted.setPath(cookieContents.path());

    final boolean secure = cookieContents.isSecure();
    final boolean httpOnly = cookieContents.isHttpOnly();
    converted.setSecure(secure);
    converted.setHttpOnly(httpOnly);

    // The version must always be 1; with any other version important fields are dropped.
    converted.setVersion(1);
    return converted;
}
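/**
 * Handles QQ login at {@code /user/qqlogin}.
 *
 * <p>Reads {@code access_token}, {@code openid} and {@code apptoken} from the request, changes the
 * session id, and delegates to {@code service.qqlogin}. On success an auto-login cookie is issued.
 * Without an {@code access_token} the caller is treated as a web client and redirected to the
 * {@code url} parameter; otherwise (app mode) the result is returned as JSON.
 *
 * @param req  current request
 * @param resp response that receives the cookie and either a redirect or the JSON result
 *
 * @throws IOException if writing the response fails
 */
@HttpMapping(url = "/user/qqlogin", auth = false)
public void qqlogin(HttpRequest req, HttpResponse resp) throws IOException {
    String access_token = req.getParameter("access_token");
    String openid = req.getParameter("openid");
    final boolean hasAccessToken = access_token != null && !access_token.isEmpty();
    // The access token is a bearer credential: log only whether it was supplied, never its value.
    if (finest) logger.finest("/user/qqlogin : " + openid + ", access_token present = " + hasAccessToken);
    LoginQQBean bean = new LoginQQBean();
    bean.setAccesstoken(access_token);
    bean.setApptoken(req.getParameter("apptoken", ""));
    bean.setOpenid(openid);
    bean.setLoginaddr(req.getRemoteAddr());
    bean.setLoginagent(req.getHeader("User-Agent"));
    bean.setSessionid(req.changeSessionid());
    // NOTE(review): openid and access_token are caller-supplied; the cookie below is only as
    // trustworthy as service.qqlogin's check that the token really belongs to that openid — confirm.
    RetResult<UserInfo> rr = service.qqlogin(bean);
    if (rr.isSuccess()) {
        UserInfo info = rr.getResult();
        int age = 1000 * 24 * 60 * 60; // 1000 days, in seconds
        // Plaintext layout: user36id$2<qq openid>?<age seconds>-<issued millis>
        String key = info.getUser36id() + "$2" + info.getQqopenid() + "?" + age + "-" + System.currentTimeMillis();
        HttpCookie cookie = new HttpCookie(COOKIE_AUTOLOGIN, UserService.encryptAES(key));
        cookie.setHttpOnly(true);
        // NOTE(review): the Secure attribute is not set, so this long-lived cookie is also sent
        // over plain HTTP. Add cookie.setSecure(true) if the site is served over HTTPS only.
        cookie.setPath("/");
        cookie.setMaxAge(age);
        resp.addCookie(cookie);
    }
    if (!hasAccessToken) {
        // The redirect target is request-controlled. Accept only a same-site absolute path
        // ("/..."), rejecting scheme-relative forms ("//host", "/\host") and CR/LF, and fall back
        // to "/" otherwise, so this endpoint cannot be used as an open redirect. If redirects to
        // other origins are a real requirement, replace this with an explicit allow-list.
        String target = req.getParameter("url", "/");
        boolean localPath = target != null
            && target.startsWith("/")
            && !target.startsWith("//")
            && !target.startsWith("/\\")
            && target.indexOf('\r') < 0
            && target.indexOf('\n') < 0;
        resp.setHeader("Location", localPath ? target : "/");
        resp.finish(302, null);
    } else { // app mode
        resp.finishJson(rr);
    }
}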
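/**
 * Handles password changes at {@code /user/updatepwd}.
 *
 * <p>When a user is logged in, the current session id is attached to the request bean. When no
 * user is logged in and the update succeeds (password recovery), the user is logged in with the
 * new password under a new session id. If the request carries a password-type auto-login cookie,
 * it is re-issued with the new password digest and its remaining lifetime.
 *
 * @param req  current request
 * @param resp response that receives the refreshed cookie (if any) and the JSON result
 *
 * @throws IOException if writing the response fails
 */
@HttpMapping(url = "/user/updatepwd")
public void updatepwd(HttpRequest req, HttpResponse resp) throws IOException {
    UserPwdBean bean = req.getJsonParameter(UserPwdBean.class, "bean");
    // NOTE(review): getJsonParameter presumably returns null when the "bean" parameter is absent;
    // bean is dereferenced below without a null check — confirm and reject such requests early.
    UserInfo curr = req.currentUser();
    if (curr != null) bean.setSessionid(req.getSessionid(false));
    RetResult<UserInfo> result = service.updatePwd(bean);
    if (result.isSuccess() && curr == null) { // password recovery: no user was logged in
        curr = result.getResult();
        LoginBean loginbean = new LoginBean();
        loginbean.setAccount(curr.getEmail().isEmpty() ? curr.getMobile() : curr.getEmail());
        loginbean.setPassword(UserService.secondPasswordMD5(bean.getNewpwd()));
        loginbean.setSessionid(req.changeSessionid());
        loginbean.setLoginagent(req.getHeader("User-Agent"));
        loginbean.setLoginip(req.getRemoteAddr());
        result = service.login(loginbean);
    }
    String autologin = req.getCookie(COOKIE_AUTOLOGIN);
    if (result.isSuccess() && autologin != null) {
        // The cookie is client-supplied. By this point the password has already been changed, so
        // a malformed cookie must not turn the response into an error: the refresh is skipped
        // whenever the decrypted text does not have the expected shape.
        // NOTE(review): decryptAES may itself throw or return garbage on a forged value — confirm
        // it authenticates the ciphertext.
        String plain = UserService.decryptAES(autologin);
        if (plain != null && plain.contains("$0")) { // "$0" marks a password-type auto-login cookie
            // Expected layout: <prefix>$0<password digest>?<age seconds>-<issued millis>
            int wen = plain.indexOf('?');
            int mei = plain.indexOf('$');
            String time = wen >= 0 ? plain.substring(wen + 1) : "";
            int fen = time.indexOf('-');
            if (mei >= 0 && wen >= mei + 2 && fen > 0) {
                try {
                    int age = Integer.parseInt(time.substring(0, fen)); // lifetime in seconds
                    long point = Long.parseLong(time.substring(fen + 1)); // issue time in milliseconds
                    String newpwd = UserService.secondPasswordMD5(bean.getNewpwd());
                    // Keep the prefix through "$0" and the "?age-millis" suffix; swap the digest.
                    String key = plain.substring(0, mei + 2) + newpwd + plain.substring(wen);
                    HttpCookie cookie = new HttpCookie(COOKIE_AUTOLOGIN, UserService.encryptAES(key));
                    cookie.setHttpOnly(true);
                    // NOTE(review): the Secure attribute is not set; add cookie.setSecure(true) if
                    // the site is served over HTTPS only.
                    cookie.setPath("/");
                    // Remaining lifetime = original lifetime minus the seconds elapsed since issue.
                    cookie.setMaxAge(age - (System.currentTimeMillis() - point) / 1000);
                    resp.addCookie(cookie);
                } catch (NumberFormatException malformed) {
                    // Non-numeric age or timestamp: leave the existing cookie untouched.
                }
            }
        }
    }
    resp.finishJson(result);
}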
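/**
 * Handles WeChat login at {@code /user/wxlogin}.
 *
 * <p>Authorization URL:
 * {@code https://open.weixin.qq.com/connect/qrconnect?appid=<WeChat app id>&redirect_uri=xxxxx&response_type=code&scope=snsapi_login&state=<WeChat app id>_1#wechat_redirect}
 *
 * <p>Two request forms are accepted:
 * <ul>
 * <li>Web login: {@code /user/wxlogin?code=XXXXXX&state=<WeChat app id>_1&apptoken=XXX}</li>
 * <li>App login: {@code /user/wxlogin?openid=XXXX&state=1&access_token=XXX&apptoken=XXX}</li>
 * </ul>
 *
 * @param req  current request
 * @param resp response that receives the cookie and either a redirect or the JSON result
 *
 * @throws IOException if writing the response fails
 */
@HttpMapping(url = "/user/wxlogin", auth = false)
public void wxlogin(HttpRequest req, HttpResponse resp) throws IOException {
    String code = req.getParameter("code");
    String state = req.getParameter("state"); // state format: appid_autoregflag
    String access_token = req.getParameter("access_token");
    String openid = req.getParameter("openid");
    final boolean hasAccessToken = access_token != null && !access_token.isEmpty();
    // code and access_token are credentials: log only whether they were supplied, never the values.
    if (finest) logger.finest("/user/wxlogin : code present = " + (code != null && !code.isEmpty()) + ", access_token present = " + hasAccessToken + ", openid = " + openid + ", state =" + state);
    // This endpoint is unauthenticated, so state may be missing or malformed. A missing state is
    // handled like an empty one instead of failing with a NullPointerException.
    // NOTE(review): state carries appid_autoregflag and is not compared with anything bound to
    // the browser session, so it gives no CSRF protection for this callback — confirm whether
    // that is handled elsewhere.
    final String stateValue = state == null ? "" : state;
    int pos = stateValue.indexOf('_');
    String appid = pos > 0 ? stateValue.substring(0, pos) : stateValue;
    if (appid.length() < 2) appid = "";
    boolean autoreg = true;
    if (pos > 0 || "1".equals(stateValue)) {
        // The length check covers a state that ends in '_' (no flag character after it).
        autoreg = pos + 1 < stateValue.length() && stateValue.charAt(pos + 1) == '1';
    }
    final boolean wxbrowser = req.getHeader("User-Agent", "").contains("MicroMessenger");
    LoginWXBean bean = new LoginWXBean();
    { // web mode
        bean.setAppid(appid);
        bean.setCode(code);
    }
    { // app mode
        bean.setAccesstoken(access_token);
        bean.setOpenid(openid);
    }
    bean.setAutoreg(autoreg);
    bean.setApptoken(req.getParameter("apptoken", ""));
    bean.setLoginaddr(req.getRemoteAddr());
    bean.setLoginagent(req.getHeader("User-Agent"));
    if (autoreg) bean.setSessionid(req.changeSessionid());
    RetResult<UserInfo> rr = service.wxlogin(bean);
    if (autoreg && rr.isSuccess() && (wxbrowser || hasAccessToken)) {
        UserInfo info = rr.getResult();
        int age = 1000 * 24 * 60 * 60; // 1000 days, in seconds
        // Plaintext layout: [apptoken#]user36id$1<wx unionid>?<age seconds>-<issued millis>
        String key = (bean.emptyApptoken() ? "" : (bean.getApptoken() + "#")) + info.getUser36id() + "$1" + info.getWxunionid() + "?" + age + "-" + System.currentTimeMillis();
        HttpCookie cookie = new HttpCookie(COOKIE_AUTOLOGIN, UserService.encryptAES(key));
        cookie.setHttpOnly(true);
        // NOTE(review): the Secure attribute is not set, so this long-lived cookie is also sent
        // over plain HTTP. Add cookie.setSecure(true) if the site is served over HTTPS only.
        cookie.setPath("/");
        cookie.setMaxAge(age);
        resp.addCookie(cookie);
    }
    if (!hasAccessToken) { // web login
        // The redirect target is request-controlled. Accept only a same-site absolute path
        // ("/..."), rejecting scheme-relative forms ("//host", "/\host") and CR/LF, and fall back
        // to "/" otherwise, so this endpoint cannot be used as an open redirect. If redirects to
        // other origins are a real requirement, replace this with an explicit allow-list.
        String target = req.getParameter("url", "/");
        boolean localPath = target != null
            && target.startsWith("/")
            && !target.startsWith("//")
            && !target.startsWith("/\\")
            && target.indexOf('\r') < 0
            && target.indexOf('\n') < 0;
        resp.setHeader("Location", localPath ? target : "/");
        resp.finish(302, null);
    } else { // app mode
        resp.finishJson(rr);
    }
}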