2

我正在构建一个与我的 LogInScreen 类集成的简单的创建帐户用户 GUI。它创建一个简单的用户,将其序列化,然后让我在我的登录程序中使用该访问权限。问题是,当我输入密码时,它们永远不会正确。我总是遇到一个问题,我的程序告诉我我的密码不一样。我不确定如何解决这个问题,我想知道如何解决。我将在下面发布我的代码(整个事情,以及我的序列化类,因为问题可能在这里)。

用户等级:

package passwordProgram;

import java.util.ArrayList;

import java.awt.BorderLayout;
import java.awt.Color;
import java.awt.GridBagConstraints;
import java.awt.GridBagLayout;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;

import java.io.Serializable;

import javax.swing.JButton;
import javax.swing.JFrame;
import javax.swing.JLabel;
import javax.swing.JPanel;
import javax.swing.JPasswordField;
import javax.swing.JTextField;
import javax.swing.UIManager;

public class User implements Serializable, ActionListener {

    public static ArrayList<String> allUsernames = new ArrayList<String>();

    String username;
    String password;

    public static void main(String[] args) {
        try {
            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
        } catch (Exception e) {
            e.printStackTrace();
        }
        User user = new User();
        user.mainGUI();
    }



    JFrame frame;
    JPanel panel;
    JTextField createUsername;
    JPasswordField createPassword;
    JPasswordField confirmPassword;
    JButton createAccount;
    JLabel noValid;

    public void mainGUI() {
        noValid = new JLabel();
        frame = new JFrame("Create a new account!");
        panel = new JPanel();
        panel.setBackground(Color.ORANGE);
        createPassword = new JPasswordField(10);
        confirmPassword = new JPasswordField(10);
        createUsername = new JTextField(10);
        JLabel userTxt = new JLabel("New Username: ");
        JLabel userPass = new JLabel("New Password: ");
        JLabel confirmPass = new JLabel("Confirm Password: ");
        createAccount = new JButton("Create your account!");

        panel.setLayout(new GridBagLayout());
        GridBagConstraints left = new GridBagConstraints();
        left.anchor = GridBagConstraints.WEST;
        GridBagConstraints right = new GridBagConstraints();
        right.anchor = GridBagConstraints.EAST;
        right.weightx = 2.0;
        right.fill = GridBagConstraints.HORIZONTAL;
        right.gridwidth = GridBagConstraints.REMAINDER;

        frame.getContentPane().add(BorderLayout.NORTH, noValid);
        frame.getContentPane().add(BorderLayout.CENTER, panel);
        panel.add(userTxt, left);
        panel.add(createUsername, right);
        panel.add(userPass, left);
        panel.add(createPassword, right);
        panel.add(confirmPass, left);
        panel.add(confirmPassword, right);

        frame.getContentPane().add(BorderLayout.SOUTH, createAccount);
        frame.setVisible(true);
        frame.setSize(500, 300);

        createAccount.addActionListener(this);
    }

    public void actionPerformed(ActionEvent event) {
        if (createUsername.getText().length() <= 0 ) {
            noValid.setText("That is not a valid username. Please try again.");
            frame.getContentPane().add(BorderLayout.NORTH, noValid);
        }

        else if (allUsernames.contains(createUsername.getText())) {
            noValid.setText("That username is already taken. Please try again.");
            frame.getContentPane().add(BorderLayout.NORTH, noValid);
        }

            //THIS IS THE PART I'M CONFUSED ABOUT
        else if (!(createPassword.getPassword().equals(confirmPassword.getPassword()))) {
            noValid.setText("Your passwords do not match!");
            frame.getContentPane().add(BorderLayout.NORTH, noValid);
        } else {    
            SaveUser sUser = new SaveUser();
            sUser.createAccount(this);
            noValid.setText("Account created successfully");
            frame.getContentPane().add(BorderLayout.NORTH, noValid);
        }
    }
}

和序列化类:

package passwordProgram;

import java.io.FileOutputStream;
import java.io.ObjectOutputStream;

public class SaveUser {
    public void createAccount(User u) {
        try {
            FileOutputStream fileOS = new FileOutputStream("userInfo.txt");
            ObjectOutputStream objectOS = new ObjectOutputStream(fileOS);
            objectOS.writeObject(u);
            objectOS.close();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
4

5 回答 5

7

getPassword()回报char[],不是String。利用

!(Arrays.equals(createPassword.getPassword(), confirmPassword.getPassword()))

反而

于 2013-04-20T02:37:55.733 回答
5

除非这是一个玩具项目,否则不应以明文形式存储密码。相反,存储密码的哈希值;当用户登录时,对密码进行哈希处理并将其与存储的哈希值进行比较。 这个问题的接受答案有一些示例哈希代码

于 2013-04-20T02:38:34.007 回答
3

您正在比较char数组Objects(由getPassword()返回)而不是数组本身的内容。比较这两个数组的最安全方法是使用Arrays#equals

else if (!(Arrays.equals(createPassword.getPassword(), 
                            confirmPassword.getPassword()))) {
于 2013-04-20T02:36:05.130 回答
3

JPasswordField.getPassword()返回一个char[]。用两个 char 数组调用array1.equals(array2)(就像你正在做的那样)将检查它们是否是相同的对象引用,而不是它们是否具有相同的内容。您想使用`Array.equals(char[] array1, char[] array2),如下所示:

else if (!Array.equals(createPassword.getPassword(), confirmPassword.getPassword()))
于 2013-04-20T02:37:35.140 回答
2

getPassword()返回一个char[]。所以改为尝试:

if (!(new String(createPassword.getPassword()).equals(new String(confirmPassword.getPassword()))
于 2013-04-20T02:34:46.460 回答