Spring Boot项目——JWT+Token登陆超时验证
思路
- 用户登陆成功,服务端创建JWT-Token返回客户端,客户端本地系统存储
- 客户端每次请求携带token
- 配置MVC:服务端创建拦截器,对客户端请求token拦截判断
代码
- tokenUtil
package com.canaan.manager.token; import io.jsonwebtoken.*; import io.jsonwebtoken.io.Decoders; import io.jsonwebtoken.security.Keys; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import javax.crypto.SecretKey; import java.util.*; /* * @Description tokenUtil * @Author jingguoliang * @Date 2022/8/1 18:46 * @Ver 1 **/ public class TokenUtil { private static final Logger log = LoggerFactory.getLogger(TokenUtil.class); private static String secret = "23423sjfghytsf19r3rslfphlefj385sfakfs+fsdferfd"; public static final String HEADER_TOKEN = "token"; /** * 创建token * * @param userName 用户名称 * @param password 用户密码 * @return Jwt */ public static String createToken(String userName, String password) { //签名 SecretKey secretKey = Keys.hmacShaKeyFor((byte[]) Decoders.BASE64.decode(secret)); //id String id = UUID.randomUUID().toString(); //设置Claim:优先设置,否则会覆盖其他设置 Map<String, String> claimMap = new HashMap<String, String>(); claimMap.put("userName", userName); claimMap.put("password", password); //设置过期时间 Date nowDate = new Date(); Calendar calendar = Calendar.getInstance(); calendar.setTime(nowDate); calendar.add(Calendar.HOUR, 10); Date expireDate = calendar.getTime(); //生成JWT令牌 JwtBuilder jwtBuilder = Jwts.builder() .setHeaderParam("typ", "JWT") //头参数 .setId(id) //标识 .setClaims(claimMap) //设置Claim .setIssuedAt(nowDate) //签发日期 .setExpiration(expireDate) //过期时间 .signWith(secretKey, SignatureAlgorithm.HS256);//签名 //生成签名 String jwtToken = jwtBuilder.compact(); return jwtToken; } /** * TODO 待完成 * * @param subject * @return */ public static String createRefreshToken(String subject) { SecretKey secretKey = Keys.hmacShaKeyFor((byte[]) Decoders.BASE64.decode(secret)); Date nowDate = new Date(); return Jwts.builder().setHeaderParam("typ", "JWT").setSubject(subject).setIssuedAt(nowDate).signWith(secretKey, SignatureAlgorithm.HS256).compact(); } /** * 根据token获取Claim * * @param token * @return */ public static Claims getTokenClaim(String token) { Claims claims; try { JwtParser build = Jwts.parserBuilder().setSigningKey(secret).build(); Jws<Claims> claimsJws = build.parseClaimsJws(token); claims = (Claims) claimsJws.getBody(); } catch (ExpiredJwtException e) { claims = e.getClaims(); } return claims; } /** * 判断登陆用户是否过期 * * @param expirationTime * @return */ public static boolean isTokenExpired(Date expirationTime) { return expirationTime.before(new Date()); } /** * 根据token获取用户id * * @param token * @return CurrentUser */ public static CurrentUser getCurrentUserFromToken(String token) { String id = getUserIdFromToken(token); String userName = getUserNameFromToken(token); String password = getPasswordFromToken(token); Date expiration = getExpirationDateFromToken(token); CurrentUser currentUser = new CurrentUser(); currentUser.setUserId(id); currentUser.setUserName(userName); currentUser.setPassword(password); currentUser.setExpiration(expiration); return currentUser; } /** * 根据token获取用户过期时间 * * @param token * @return */ public static Date getExpirationDateFromToken(String token) { return getTokenClaim(token).getExpiration(); } /** * 根据token获取用户id * * @param token * @return */ public static String getUserIdFromToken(String token) { return getTokenClaim(token).getId(); } /** * 根据token获取用户名称 * * @param token * @return */ public static String getUserNameFromToken(String token) { return getTokenClaim(token).get("userName").toString(); } /** * 根据token获取用户登陆密码 * * @param token * @return */ public static String getPasswordFromToken(String token) { return getTokenClaim(token).get("password").toString(); } /** * 根据token获取签发日期 * * @param token * @return */ public static Date getIssuedAtDateFromToken(String token) { return getTokenClaim(token).getIssuedAt(); } public TokenUtil() { } }
- 自定义拦截器
package com.canaan.manager.token; import com.alibaba.fastjson.JSONObject; import com.canaan.share.model.bean.RetResult; import com.canaan.share.utils.ResultUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; import java.util.Map; /* * @Description 权限拦截器 * @Author jingguoliang * @Date 2022/8/3 14:22 * @Ver 1 **/ @Component public class AuthenticationInterceptor implements HandlerInterceptor { private static final Logger logger = LoggerFactory.getLogger(AuthenticationInterceptor.class); @Autowired private TokenHandleService tokenHandleService; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { String token = request.getHeader("token"); //对token进行验证:自己处理逻辑 Map<String, Object> verifyMap = tokenHandleService.verifyToken(token); boolean result = (Boolean) verifyMap.get("result"); String message = (String) verifyMap.get("message"); //验证失败 if (!result) { this.returnLoginError(message, response); } return result; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { } /** * 登陆失败 * * @param message * @param response * @throws Exception */ void returnLoginError(String message, HttpServletResponse response) throws Exception { //返回登陆超时响应:自己处理逻辑 RetResult retResult = ResultUtil.error(200, "登陆用户超时,请重新登陆"); String msg = JSONObject.toJSONString(retResult); PrintWriter writer = null; response.setStatus(401); response.setCharacterEncoding("UTF-8"); response.setContentType("application/json; charset=utf-8"); try { writer = response.getWriter(); writer.print(msg); } catch (IOException e) { logger.error("response error", e); } finally { if (writer != null) writer.close(); } } }
- 配置MVC:添加拦截器
package com.canaan.manager.token; import org.springframework.context.annotation.Configuration; import org.springframework.web.method.support.HandlerMethodArgumentResolver; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import javax.annotation.Resource; import java.util.List; /* * @Description MVC配置 * @Author jingguoliang * @Date 2022/8/3 14:39 * @Ver 1 **/ @Configuration public class WebConfigConfiguration implements WebMvcConfigurer { @Resource private AuthenticationInterceptor authenticationInterceptor; /** * 添加拦截器 * * @param registry */ @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(authenticationInterceptor) .addPathPatterns("/**") .excludePathPatterns("/login/**"); //放行登陆 } }
代码下载
- 完整代码可以下载:文件token.zip 。