pom文件
<!-- NOTE(review): 3.5.0 is the version this page pins. It is an old 3.x release of java-jwt,
     so check the library's current release and its published advisories before reusing
     this coordinate. -->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.5.0</version>
</dependency>
生成token
import com.alibaba.fastjson.JSON;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.demo.entity.Role;
import java.time.LocalDateTime;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
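/**
 * Issues and verifies HMAC-SHA256 (HS256) signed JWTs.
 *
 * <p>The signing key is read from the process environment instead of being compiled into
 * the class. A key embedded in source, such as a short dictionary word, is known to anyone
 * who can read the code or the artifact, and whoever knows the key can mint tokens that
 * {@link #verify(String)} accepts.
 *
 * <p>The token payload is signed but not encrypted: every claim written by
 * {@link #sign(String, LocalDateTime, Role)} is readable by whoever holds the token.
 *
 * @author admin
 */
public class TokenUtil {

    private static final java.util.logging.Logger LOG =
            java.util.logging.Logger.getLogger(TokenUtil.class.getName());

    /**
     * Token lifetime in milliseconds. The value is 60 minutes; the earlier comment on
     * {@code sign} said 30 minutes, which did not match this constant.
     */
    private static final long EXPIRE_TIME = 60 * 60 * 1000;

    /**
     * Environment variable that supplies the HMAC key. The name is this class's own
     * convention; provision it from the deployment's secret store.
     */
    private static final String TOKEN_SECRET_ENV = "JWT_TOKEN_SECRET";

    /**
     * Minimum key length in bytes. RFC 7518 section 3.2 requires an HS256 key at least as
     * long as the hash output (256 bits).
     */
    private static final int MIN_SECRET_BYTES = 32;

    /**
     * Builds the HS256 algorithm from the configured key.
     *
     * @return the signing/verification algorithm
     * @throws IllegalStateException if the key is missing or shorter than
     *     {@link #MIN_SECRET_BYTES} bytes
     */
    private static Algorithm signingAlgorithm() {
        String secret = System.getenv(TOKEN_SECRET_ENV);
        byte[] key = secret == null
                ? new byte[0]
                : secret.getBytes(java.nio.charset.StandardCharsets.UTF_8);
        if (key.length < MIN_SECRET_BYTES) {
            // The message names the variable only; the key material is never logged or echoed.
            throw new IllegalStateException(
                    "Environment variable " + TOKEN_SECRET_ENV + " must hold at least "
                            + MIN_SECRET_BYTES + " bytes of key material");
        }
        return Algorithm.HMAC256(key);
    }

    /**
     * Creates a signed token that expires {@link #EXPIRE_TIME} milliseconds from now.
     *
     * @param username user name, stored in the {@code loginName} claim
     * @param loginTime login time, stored as a string in the {@code loginTime} claim
     * @param role role object, serialised to JSON and stored in the {@code role} claim
     * @return the compact token, or {@code null} if building or signing the token failed
     * @throws IllegalStateException if the signing key is missing or too short
     */
    public static String sign(String username, LocalDateTime loginTime, Role role) {
        // Resolved outside the try block so that a missing or weak key stops token issuance
        // loudly instead of being folded into the null return below.
        Algorithm algorithm = signingAlgorithm();
        try {
            Date expiresAt = new Date(System.currentTimeMillis() + EXPIRE_TIME);

            // "typ" is the header parameter defined by RFC 7519; the previous "Type"/"Jwt"
            // pair was a non-standard name that consumers do not recognise.
            Map<String, Object> header = new HashMap<>(3);
            header.put("typ", "JWT");
            header.put("alg", "HS256");

            return JWT.create()
                    .withHeader(header)
                    // Claims are visible to the token holder; keep secrets out of them.
                    .withClaim("loginName", username)
                    .withClaim("loginTime", loginTime.toString())
                    .withClaim("role", JSON.toJSONString(role))
                    .withExpiresAt(expiresAt)
                    .sign(algorithm);
        } catch (Exception e) {
            // Callers rely on the null return, so that contract is kept; the failure goes to
            // the logger rather than to stderr via printStackTrace().
            LOG.log(java.util.logging.Level.WARNING, "JWT creation failed", e);
            return null;
        }
    }

    /**
     * Checks the token's signature and expiry.
     *
     * <p>The verifier is built with the algorithm only, so no issuer, audience or other claim
     * is constrained here. A {@code true} result says the token was signed with the
     * configured key and has not expired, and says nothing about the role it carries. Any
     * failure, including a misconfigured key, is treated as a rejection.
     *
     * @param token the compact token to check
     * @return {@code true} if verification succeeded, {@code false} otherwise
     */
    public static boolean verify(String token) {
        if (token == null || token.isEmpty()) {
            return false;
        }
        try {
            JWTVerifier verifier = JWT.require(signingAlgorithm()).build();
            verifier.verify(token);
            return true;
        } catch (IllegalStateException e) {
            // Key misconfiguration: fail closed, and make the cause visible to operators.
            LOG.log(java.util.logging.Level.SEVERE, "JWT verification is not configured", e);
            return false;
        } catch (RuntimeException e) {
            // Bad signature, expired or malformed token: reject without detail.
            return false;
        }
    }
}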
攔截器
import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import com.demo.util.JsonResult;
import com.demo.util.TokenUtil;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
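/**
 * Spring MVC interceptor that lets a request through only when its {@code Authorization}
 * header carries a token accepted by {@code TokenUtil.verify}.
 *
 * <p>The header value is handed to the verifier as-is; no {@code Bearer} scheme prefix is
 * stripped. Only the boolean verification result is used, so this interceptor authenticates
 * the caller and makes no decision based on the claims inside the token.
 *
 * @author admin
 */
@Component
@Slf4j
public class TokenInterceptor implements HandlerInterceptor {

    /**
     * Authenticates the request before it reaches the handler.
     *
     * @param request the incoming request
     * @param response the response, written with a 401 JSON body on rejection
     * @param handler the chosen handler (unused)
     * @return {@code true} to continue the handler chain, {@code false} if the request was
     *     rejected
     * @throws Exception if writing the rejection body fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // NOTE(review): every OPTIONS request skips token verification and continues down the
        // handler chain. That suits CORS preflight, but confirm no handler does real work on
        // OPTIONS.
        if (StringUtils.equals("OPTIONS", request.getMethod())) {
            response.setStatus(HttpServletResponse.SC_OK);
            return true;
        }

        String token = request.getHeader("Authorization");
        if (StringUtils.isNotBlank(token) && TokenUtil.verify(token)) {
            return true;
        }

        // Record the rejection so repeated failures can be spotted. The token itself is never
        // logged, only whether one was supplied.
        log.warn("Rejected request without a valid token: method={} uri={} remote={} tokenPresent={}",
                request.getMethod(),
                request.getRequestURI(),
                request.getRemoteAddr(),
                StringUtils.isNotBlank(token));

        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        // The message text had stray "(rèn)" characters embedded in it; they are removed here.
        JsonResult jsonResult = JsonResult.failMessage("認證失敗", 401);
        response.getWriter().append(JSON.toJSONString(jsonResult));
        return false;
    }
}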
設置攔截白名單
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import java.util.ArrayList;
import java.util.List;
/**
 * Registers {@link TokenInterceptor} for the whole application and lists the paths that
 * bypass it.
 *
 * @author admin
 */
@Component
public class IntercepterConfig implements WebMvcConfigurer {

    private final TokenInterceptor tokenInterceptor;

    /**
     * @param tokenInterceptor the interceptor to register, supplied by the container
     */
    public IntercepterConfig(TokenInterceptor tokenInterceptor) {
        this.tokenInterceptor = tokenInterceptor;
    }

    /**
     * Applies the token interceptor to every path except the whitelist built below.
     *
     * @param registry the interceptor registry
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // Paths that are reachable without a token. The original comment labels this entry
        // as the login endpoint.
        // NOTE(review): "/system/*" exempts every single-segment path under /system/, not
        // only login. Verify nothing else there needs authentication, or narrow the pattern.
        List<String> unauthenticatedPaths = new ArrayList<>();
        unauthenticatedPaths.add("/system/*");

        // Everything else requires a valid token.
        registry.addInterceptor(tokenInterceptor)
                .addPathPatterns("/**")
                .excludePathPatterns(unauthenticatedPaths);

        WebMvcConfigurer.super.addInterceptors(registry);
    }
}