结组作业7
今天代码量比较小,主要是超哥对md5加密和jwt令牌的实现,附上代码
1 package org.test.tongyuzhe.utils; 2 3 import com.auth0.jwt.JWT; 4 import com.auth0.jwt.algorithms.Algorithm; 5 6 import java.util.Date; 7 import java.util.Map; 8 9 10 public class JwtUtil { 11 12 private static final String KEY = "wal"; 13 14 //接收业务数据,生成token并返回 15 public static String genToken(Map<String, Object> claims) { 16 System.out.println("------------------"); 17 System.out.println(JWT.create() 18 .withClaim("claims", claims) 19 .withExpiresAt(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 12)) 20 .sign(Algorithm.HMAC256(KEY))); 21 return JWT.create() 22 .withClaim("claims", claims) 23 .withExpiresAt(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 12)) 24 .sign(Algorithm.HMAC256(KEY)); 25 } 26 27 //接收token,验证token,并返回业务数据 28 public static Map<String, Object> parseToken(String token) { 29 return JWT.require(Algorithm.HMAC256(KEY)) 30 .build() 31 .verify(token) 32 .getClaim("claims") 33 .asMap(); 34 } 35 36 }
1 package org.test.tongyuzhe.utils; 2 3 import java.security.MessageDigest; 4 import java.security.NoSuchAlgorithmException; 5 6 public class Md5Util { 7 /** 8 * 默认的密码字符串组合,用来将字节转换成 16 进制表示的字符,apache校验下载的文件的正确性用的就是默认的这个组合 9 */ 10 protected static char hexDigits[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'}; 11 12 protected static MessageDigest messagedigest = null; 13 14 static { 15 try { 16 messagedigest = MessageDigest.getInstance("MD5"); 17 } catch (NoSuchAlgorithmException nsaex) { 18 System.err.println(Md5Util.class.getName() + "初始化失败,MessageDigest不支持MD5Util。"); 19 nsaex.printStackTrace(); 20 } 21 } 22 23 /** 24 * 生成字符串的md5校验值 25 * 26 * @param s 27 * @return 28 */ 29 public static String getMD5String(String s) { 30 return getMD5String(s.getBytes()); 31 } 32 33 /** 34 * 判断字符串的md5校验码是否与一个已知的md5码相匹配 35 * 36 * @param password 要校验的字符串 37 * @param md5PwdStr 已知的md5校验码 38 * @return 39 */ 40 public static boolean checkPassword(String password, String md5PwdStr) { 41 String s = getMD5String(password); 42 return s.equals(md5PwdStr); 43 } 44 45 46 public static String getMD5String(byte[] bytes) { 47 messagedigest.update(bytes); 48 return bufferToHex(messagedigest.digest()); 49 } 50 51 private static String bufferToHex(byte bytes[]) { 52 return bufferToHex(bytes, 0, bytes.length); 53 } 54 55 private static String bufferToHex(byte bytes[], int m, int n) { 56 StringBuffer stringbuffer = new StringBuffer(2 * n); 57 int k = m + n; 58 for (int l = m; l < k; l++) { 59 appendHexPair(bytes[l], stringbuffer); 60 } 61 return stringbuffer.toString(); 62 } 63 64 private static void appendHexPair(byte bt, StringBuffer stringbuffer) { 65 char c0 = hexDigits[(bt & 0xf0) >> 4];// 取字节中高 4 位的数字转换, >>> 66 // 为逻辑右移,将符号位一起右移,此处未发现两种符号有何不同 67 char c1 = hexDigits[bt & 0xf];// 取字节中低 4 位的数字转换 68 stringbuffer.append(c0); 69 stringbuffer.append(c1); 70 } 71 72 }
1 package org.test.tongyuzhe.filter; 2 3 import jakarta.servlet.http.HttpServletRequest; 4 import jakarta.servlet.http.HttpServletResponse; 5 import org.springframework.stereotype.Component; 6 import org.springframework.web.servlet.HandlerInterceptor; 7 import org.test.tongyuzhe.utils.JwtUtil; 8 9 import java.util.Map; 10 11 @Component 12 public class LoginInterceptor implements HandlerInterceptor { 13 @Override 14 public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { 15 //获取令牌 16 String token = request.getHeader("Authorization"); 17 //验证token 18 try { 19 Map<String,Object> claims = JwtUtil.parseToken(token); 20 //没有异常就放行 21 return true; 22 } catch (Exception e) { 23 //未登录,不放行 24 System.out.println(token); 25 response.setStatus(401); 26 return false; 27 } 28 29 } 30 }
