php login on android with cookie_问答_开发者_运维开发者技术经验分享

开发者 https://www.devze.com 2023-03-19 06:07 出处：网络

i need some pointers here. So basically what I\'ve done is i\'ve created a form to be used to login to a web server. So, from the response code i am able to get a status code of 200 through wireshark.

i need some pointers here. So basically what I've done is i've created a form to be used to login to a web server. So, from the response code i am able to get a status code of 200 through wireshark. The normal path of this browser login system is

password + id > index.php >(if true) > index2.php but, on the android app, apparently it does not redirect though, i'm not sure if its suppose to? I've tried using Jsoup.connect(URL).cookie(sessionid which i don't know why, is always null).get(); but as it is always null, it is not going to work. The cookie header if correct is "PHPSESSID=somenumie开发者_运维百科ricavalue" or am i looking at the wrong thing from wireshark? and another thing, as i've said i tried using Jsoup.connect method and also HttpURLConnection also, following Android HTTP login questions but, when it comes to the part where i need to check the header and value i'm lost :(.

if(response.getStatusLine().getStatusCode() == 200){
                        HttpEntity entity = response.getEntity();
                        Log.d("login", "success!");
                        if(entity != null){
                         cookies = client.getCookieStore();

i'm lost here when Pompe says do some more stuff. Absolute lost here. Another part is the next part where it uses wireshark. lost too. :(

The cookie should generally be handled by the HttpClient correctly: you just have to use the same HttpClient instance to log in that you use for your actual requests, and the cookie should be maintained across all requests. As an example, this is a specific login sequence I use: in my case I use a Location redirect as a success symbol, but you can use a 200 OK status line instead. If this returns true then the cookie store in the HttpClient instance session has the appropriate cookie and I can access any protected URLs just fine.

public synchronized boolean login() throws Exception
    {
    HttpGet httpget;
    HttpPost httpost = new HttpPost(base + "auth/login");
    List<NameValuePair> nvps = new ArrayList<NameValuePair>();
    nvps.add(new BasicNameValuePair("username", this.username));
    nvps.add(new BasicNameValuePair("password", this.password));
    httpost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
    HttpResponse r = session.execute(httpost);

    // verify it succeeded
    HttpEntity entity = r.getEntity();
    Header lhdr = r.getFirstHeader("Location");
    if (lhdr != null) {
        // failed
        System.err.println("Login request failed:");
        if (entity != null && entity.getContentEncoding() != null) {
        dump("Login Request",
             new InputStreamReader(entity.getContent(), entity
                       .getContentEncoding().getValue()));
        }
        return false;
    }
    if (entity != null) entity.consumeContent();    
    return true;
    }