springboot+jwt鉴权+restful梦想闲鱼(四)

jwt实战

1.引入依赖


<dependency>
	<groupId>io.jsonwebtoken</groupId>
	<artifactId>jjwt</artifactId>
	<version>0.7.0</version>
</dependency>

2.建工具类

/**
 * Helper that issues and verifies HS256-signed JWTs. {@code key} and {@code ttl} are bound from
 * the {@code jwt.config} configuration prefix.
 *
 * <p>Security notes:
 * <ul>
 *   <li>HS256 is symmetric: the one {@code key} both signs and verifies, so anyone who obtains it
 *       can mint tokens with any id, subject or role. Keep it out of source control and give it
 *       at least 256 bits of randomness.</li>
 *   <li>The String overloads of jjwt's {@code signWith} and {@code setSigningKey} used here
 *       interpret the value as Base64-encoded key bytes, not as a passphrase.</li>
 *   <li>When {@code ttl} is zero or negative no expiration claim is written, so the token stays
 *       valid until the key is changed.</li>
 * </ul>
 */
@ConfigurationProperties("jwt.config")
public class JwtUtil {
    /** Shared HMAC secret used for both signing and verification. */
    private String key;

    /** Token lifetime in milliseconds; values of 0 or less produce tokens without an expiry. */
    private long ttl;

    public String getKey() {
        return this.key;
    }

    public long getTtl() {
        return this.ttl;
    }

    public void setKey(String key) {
        this.key = key;
    }

    public void setTtl(long ttl) {
        this.ttl = ttl;
    }

    /**
     * Builds and signs a compact JWT.
     *
     * @param id      value stored as the token's id claim
     * @param subject value stored as the token's subject claim
     * @param role    value stored under the custom {@code role} claim
     * @return the signed token in compact form
     */
    public String createJwt(String id, String subject, String role) {
        long issuedAtMillis = System.currentTimeMillis();
        // Claims are added in the same order as before (id, subject, issued-at, role, expiration)
        // so the serialized payload is unchanged.
        JwtBuilder jwt = Jwts.builder()
                .setId(id)
                .setSubject(subject)
                .setIssuedAt(new Date(issuedAtMillis))
                .claim("role", role);
        if (ttl > 0) {
            jwt.setExpiration(new Date(issuedAtMillis + ttl));
        }
        return jwt.signWith(SignatureAlgorithm.HS256, key).compact();
    }

    /**
     * Verifies a compact JWT against {@code key} and returns its claims.
     *
     * <p>jjwt throws from {@code parseClaimsJws} when the token is malformed, unsigned, carries a
     * signature that does not verify, or has expired; callers must treat any exception as
     * "not authenticated".
     *
     * @param jwtStr the compact token string
     * @return the claims of the verified token
     */
    public Claims parseJwt(String jwtStr) {
        return Jwts.parser().setSigningKey(key).parseClaimsJws(jwtStr).getBody();
    }
}

3.在application.yml加入配置

# Bound onto JwtUtil through @ConfigurationProperties("jwt.config").
jwt:
 config:
  # HS256 signing secret. NOTE(review): this is a short, guessable tutorial value stored in plain
  # text; anyone who knows it can forge tokens with any role. For real use, generate a random
  # secret of at least 256 bits and supply it from outside the repository, for example through a
  # property placeholder such as ${JWT_KEY} (placeholder name, not from this project).
  key: itcast
  # Token lifetime in milliseconds (60000 = 60 seconds). JwtUtil omits the expiration claim when
  # this is 0 or negative, which yields tokens that never expire.
  ttl: 60000

4.配置bean

/**
 * Registers a {@link JwtUtil} instance as a Spring bean so it can be injected where tokens are
 * issued or verified.
 */
@Bean
public JwtUtil jwtUtil(){
    JwtUtil util = new JwtUtil();
    return util;
}

5.登录时候进行签发token

@Autowired
private JwtUtil jwtUtil;
// The user's id becomes the token's id claim and the login name its subject.
String ids = String.valueOf(user.getId());
// NOTE(review): the role claim is hard-coded to "admin" for every account that reaches this line.
// If this login endpoint also serves ordinary users, take the role from the user record instead,
// otherwise every issued token passes the "admin_claims" check — confirm against the caller.
String token= jwtUtil.createJwt(ids,user.getLoginname(),"admin");
// Response payload: the signed token plus the login name. The token is a bearer credential, so
// the response should only travel over TLS and should not be written to logs.
Map map = new HashMap<>();
map.put("token", token);
map.put("name", user.getLoginname());
result.setObject(map);

6.编写拦截器,解析请求头中的token并进行鉴权

6.1创建拦截器

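/**
 * Interceptor that verifies the JWT sent in the {@code Authorization} header and, when it is
 * valid, exposes its claims to handlers as a request attribute.
 *
 * <p>Behaviour and security notes:
 * <ul>
 *   <li>A request without an {@code Authorization} header (or with an empty one) is let through
 *       with no attribute set. This interceptor therefore does not protect anything by itself:
 *       every handler that needs authorization must check {@code admin_claims} or
 *       {@code user_claims}, and a handler that omits the check is reachable anonymously.</li>
 *   <li>A header that is present but fails verification aborts the request with a
 *       {@link RuntimeException}.</li>
 *   <li>The header value is used as the token as-is; no {@code Bearer } scheme prefix is
 *       stripped, so clients must send the bare token.</li>
 * </ul>
 */
@Component
@Slf4j
public class JwtFilter extends HandlerInterceptorAdapter {
    @Autowired
    private JwtUtil jwtUtil;

    /**
     * Parses the token from the {@code Authorization} header and stores its claims under
     * {@code admin_claims} or {@code user_claims} depending on the {@code role} claim.
     *
     * @return always {@code true}; rejection happens only by exception
     * @throws RuntimeException if a non-empty header is present but the token cannot be verified
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        log.info("经过jwt拦截器");
        final String authHeader = request.getHeader("Authorization");
        // The original condition used "||", which sent an empty header into the parser and turned
        // it into an exception; an empty header is now treated the same as a missing one.
        if (authHeader != null && !authHeader.isEmpty()) {
            try {
                // parseJwt verifies the signature (and expiry) before returning any claims.
                Claims claims = jwtUtil.parseJwt(authHeader);
                if (claims != null) {
                    Object role = claims.get("role");
                    if ("admin".equals(role)) {
                        request.setAttribute("admin_claims", claims);
                    } else if ("user".equals(role)) {
                        request.setAttribute("user_claims", claims);
                    }
                }
            } catch (Exception e) {
                // Record only the failure type: the token itself is a credential and must not be logged.
                log.warn("JWT verification failed: {}", e.getClass().getSimpleName());
                // Keep the cause so the reason (expired, bad signature, malformed) is not lost.
                throw new RuntimeException("权限不足", e);
            }
        }
        return true;
    }
}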

6.2配置拦截类信息

/**
 * MVC configuration that places {@link JwtFilter} in front of the application's handlers.
 */
@Configuration
public class ApplicationConfig extends WebMvcConfigurationSupport {
    @Autowired
    private JwtFilter jwtFilter;

    /**
     * Registers the JWT interceptor for every path except those matching
     * {@code /**}{@code /loginvalid}, so the login request itself is not token-parsed.
     *
     * <p>Note that the exclusion pattern matches a {@code loginvalid} segment at any depth, and
     * that the interceptor only attaches claims; it does not block requests that carry no token.
     */
    @Override
    protected void addInterceptors(InterceptorRegistry registry) {
        // An interceptor registration needs the interceptor instance and the paths it applies to.
        registry.addInterceptor(this.jwtFilter).addPathPatterns("/**").excludePathPatterns("/**/loginvalid");
    }
}

6.3验证

// Handler-side authorization check. The interceptor stores verified claims under "admin_claims"
// only when the token's role claim equals "admin", so a missing attribute means "not an admin".
// Every handler that needs protection has to repeat this check, because the interceptor lets
// requests without a token through.
Claims claims = (Claims) request.getAttribute("admin_claims");
 // "".equals(claims) compares a String with a Claims object and is never true; the null check
 // is what actually rejects the request.
 if(claims == null || "".equals(claims)){
     result.setSuccess(false);
     result.setMsg("权限不足");
     return result;
 }
 // The token's id claim carries the user id that was set when the token was issued at login.
 // NOTE(review): Integer.valueOf throws NumberFormatException if the claim is missing or not
 // numeric — confirm that every token issuer sets a numeric id.
 String ids = claims.getId();
 id = Integer.valueOf(ids);
