springboot--jwt授权

版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接: https://blog.csdn.net/qq_42813491/article/details/102682553

简介

  • 关于jwt授权是什么东西,请参考这里

maven依赖

 <dependency>
       <groupId>com.auth0</groupId>
        <artifactId>java-jwt</artifactId>
        <version>3.8.3</version>
 </dependency>

Token生成与验证



public class TokenHelper {

    //设置token过期时间 一星期
    private static final long EXPIRE_TIME = 1000*60*60*24*7 ;

    //静态密钥&&签名算法

    private static final Algorithm ALGORITHM=Algorithm.HMAC256("helloWorld");

     //签名生成

    public static String sign(String key1,String val1,String key2,String val2) {

        String token;
        try {

            Date expiresAt = new Date(System.currentTimeMillis() + EXPIRE_TIME);
            token = JWT.create()
                    .withIssuer("auth0")
                    //user_name
                    .withClaim(key1,val1)
                    //password
                    .withClaim(key2,val2)
                    //过期时间
                    .withExpiresAt(expiresAt)
                    //签名算法
                    .sign(ALGORITHM);
            return token;
        } catch (Exception e) {
            System.out.println("sign error:" + e.getMessage());
            return null;
        }


    }


    public static   Map<String, Claim> verify(String token) {


        try {
            JWTVerifier verifier = JWT.require(ALGORITHM)
                    .withIssuer("auth0").build();
            DecodedJWT jwt = verifier.verify(token);

            Map<String, Claim> claims = jwt.getClaims();

            return  claims;
        } catch (Exception e) {
            System.out.println("verify error:" + e.getMessage());
            return null;
        }

    }


}

cookie 工具类



public class CookieHelper {

    public static String getTokenFromCookies(HttpServletRequest req, String name) {

        String token="";
        Cookie[] cookies = req.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (cookie.getName().equals(name)) {
                    token= cookie.getValue();
                }
            }
        }else{
            token=null;
        }
        return token;
    }
}




拦截器



public class PrivateFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) {

    }

    @Override
    public void doFilter(
            ServletRequest request,
            ServletResponse response,
            FilterChain filterChain
    ) {
        try {
            HttpServletRequest req = (HttpServletRequest) request;
            HttpServletResponse res = (HttpServletResponse) response;

            //获取cookies中的token

            String token = CookieHelper.getTokenFromCookies(req, "自定义的cookie名");

            //验证token
            Map<String, Claim> verify = TokenHelper.verify(token);

            if (verify == null) {
                res.getWriter().write("token is invalid");
            } else {
                filterChain.doFilter(request, response);
            }


        } catch (Exception e) {
            System.out.println(e.getMessage());
        }
    }

    @Override
    public void destroy() {

    }
}

注册拦截器



@Configuration
public class BeanRegisterConfig {

    @Bean
    public FilterRegistrationBean createFilterBean() {
        //过滤器注册类

        FilterRegistrationBean registration = new FilterRegistrationBean();

        registration.setFilter(new PrivateFilter());
        //需要过滤的接口

        registration.addUrlPatterns("/user/hello");


        return registration;
    }
}

登录成功–下发token

  String token = TokenHelper.sign("user_name", user_name, "password", password);

猜你喜欢

转载自blog.csdn.net/qq_42813491/article/details/102682553
今日推荐