JWT工具类,SpringBoot整合Jwt使用

引入依赖

		
        <dependency>
            <groupId>io.jsonwebtokengroupId>
            <artifactId>jjwtartifactId>
            <version>0.9.1version>
        dependency>
        
        <dependency>
            <groupId>javax.xml.bindgroupId>
            <artifactId>jaxb-apiartifactId>
            <version>2.3.1version>
        dependency>
        <dependency>
            <groupId>com.sun.xml.bindgroupId>
            <artifactId>jaxb-implartifactId>
            <version>3.0.2version>
        dependency>
        <dependency>
            <groupId>com.sun.xml.bindgroupId>
            <artifactId>jaxb-coreartifactId>
            <version>3.0.2version>
        dependency>
        <dependency>
            <groupId>javax.activationgroupId>
            <artifactId>activationartifactId>
            <version>1.1.1version>
        dependency>

示例

复制下拉即可测试使用了

package xx.convert.util;

import io.jsonwebtoken.*;

import java.util.Date;
import java.util.UUID;

/**
 * Jwt-token工具类
 * @author yyq
 */
public class JwtUtil {

    private static long expire_time = 2000 ; // 2秒是做测试用的(设置一个钟 1000 * 60 * 60 * 1)
    private static String sign = "AsldjlJDLKKJSDKLFJlksjlkjlkSDL"; // 加密签名密钥

    /**
     * 创建token返回
     * @return
     */
    public static String createToken() {
        // 创建一个JwtBuilder对象
        JwtBuilder jwtBuilder = Jwts.builder();
        // jwtToken -> abc.def.xyz
        String jwtToken = jwtBuilder
                // Header:头部
                .setHeaderParam("typ", "JWT")
                .setHeaderParam("alg", "HS256")
                // PayLoad:载荷(用户信息,就是需要保存的数据)
                .claim("userId", "101")
                .claim("userName", "zhangsan")
                .claim("roleName", "admin")
                .setSubject("user-info") // 这个载荷的名称
                // Token的过期时间
                .setExpiration(new Date(System.currentTimeMillis() + expire_time)) // 从当前系统时间往后存活一小时
                // id字段
                .setId(UUID.randomUUID().toString())
                // 设置加密算法和签名
                .signWith(SignatureAlgorithm.HS256, sign)
                // 使用”."连接成一个完整的字符串
                .compact();
        return jwtToken;
    }

    /**
     * 获取解析的用户信息
     * @param token
     * @return Claims
     */
    public static Claims parserJwt(String token){
        if (token == null || token.trim().length() == 0){
            return null;
        }
        Jws<Claims> jws = Jwts.parser().setSigningKey(sign).parseClaimsJws(token);
        return jws.getBody(); // 存储的用户信息
    }

    /**
     * 获取解析的用户ID
     * @param token
     * @return
     */
    public static String parserJwtById(String token){
        if (token == null || token.trim().length() == 0){
            return "";
        }
        Jws<Claims> jws = Jwts.parser().setSigningKey(sign).parseClaimsJws(token);
        return (String)jws.getBody().get("userId"); // 存储的用户信息
    }

    /**
     * 校验token
     * @param token
     * @return
     */
    public static boolean checkToken(String token){
        if (token == null || token.trim().length() == 0){
            return false;
        }
        try{
            Jwts.parser().setSigningKey(sign).parseClaimsJws(token);
        }catch (Exception e){
            e.printStackTrace();
            return false;
        }
        return true;
    }


    /**
     * 开始测试
     * @param args
     * @throws InterruptedException
     */
    public static void main(String[] args) throws InterruptedException {
        System.out.println("------------------------------【创建token】---------------------------");
        String token = JwtUtil.createToken();
        System.out.println(token);
        System.out.println("------------------------------【第一次解析】---------------------------");
        boolean b = JwtUtil.checkToken(token);
        System.out.println(b);
        if(b){
            Claims claims = parserJwt(token);
            System.out.println(claims.getExpiration());
            System.out.println(claims.getSubject());
            System.out.println(claims.get("userId"));
            System.out.println(claims.get("userName"));
            System.out.println(claims.get("roleName"));
        }else {
            System.out.println("========token失效=========");
        }

        System.out.println("------------------------------【延迟3秒】---------------------------");
        Thread.sleep(3000);
        System.out.println("------------------------------【第二次解析】---------------------------");
        b = JwtUtil.checkToken(token);
        System.out.println(b);
        if(b){
            Claims claims = parserJwt(token);
            System.out.println(claims.getExpiration());
            System.out.println(claims.getSubject());
            System.out.println(claims.get("userId"));
            System.out.println(claims.get("userName"));
            System.out.println(claims.get("roleName"));
        }else {
            System.out.println("========token失效=========");
        }
    }

}

实际项目使用

拦截器
关键preHandle方法,其他附带的

package xx.convert.util;

import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


/**
 * 拦截器
 * @author yyq
 */
@Component
public class MyInterceptor implements HandlerInterceptor {


	/**
	 * 执行前
	 * @param arg0
	 * @param arg1
	 * @param arg2
	 * @return
	 * @throws Exception
	 */
	@Override
	public boolean preHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2) throws Exception {
		// 请求路径,如需指定,则判断校验
		String url = arg0.getRequestURI();
		if(url.indexOf("views") != -1){
			String token = arg0.getHeader("token");
			boolean b = JwtUtil.checkToken(token);
			if(!b){
				return false;
			}else {
				String userId = JwtUtil.parserJwtById(token);
				arg0.setAttribute("userId", userId);
			}
		}
		return true;
	}

	/**
	 * 执行后
	 * @param arg0
	 * @param arg1
	 * @param arg2
	 * @param arg3
	 * @throws Exception
	 */
	@Override
	public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
			throws Exception {
		// TODO Auto-generated method stub
	}

	/**
	 * 页面渲染
	 * @param arg0
	 * @param arg1
	 * @param arg2
	 * @param arg3
	 * @throws Exception
	 */
	@Override
	public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
			throws Exception {
		// TODO Auto-generated method stub
	}

}

跨越问题解决

关键addCorsMappings方法,其他附带的

package xx.convert.util;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;


/**
 * 视图处理器
 *
 * @author yyq
 */
@Configuration
public class MyWebMvcConfig implements WebMvcConfigurer {

    @Value("${file.upload.path}")
    private String uploadFolder = "D://nginx//projectName//";
    @Autowired
    private MyInterceptor myInterceptor;

    /**
     * 跨越问题解决
     * @param registry
     */
    @Override
    public void addCorsMappings(CorsRegistry registry) {
        // 为url添加映射路径(配置域名下的资源)
        registry.addMapping("/**")
                // 配置允许访问的源,*表示允许全部域名。(小于springboot 2.4版本)
                .allowedOrigins("*")
                // 如果版本高于springboot 2.4,则使用
                //.allowedOriginPatterns("*")
                // 设置允许的请求方式
                .allowedMethods("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS")
                // 设置允许的header
                .allowedHeaders("*")
                // 设置是否允许发送Cookie,用于凭证请求,默认不发送cookie。
                .allowCredentials(true)
                // 设置预检请求的有效时间
                .maxAge(3600);
    }

    /**
     * 静态文件路径设置
     *
     * @param registry
     */
    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {

        // String path1 = ResourceUtils.getURL("classpath:").getPath();
        // String path2 = ClassUtils.getDefaultClassLoader().getResource("").getPath();

        registry.addResourceHandler("/**")
                .addResourceLocations("classpath:/static/", "file:" + uploadFolder);// 上传的图片代理文件夹路径
        registry.addResourceHandler("swagger-ui.html")
                .addResourceLocations("classpath:/META-INF/resources/");
    }

    /**
     * 拦截器配置
     *
     * @param registry
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(myInterceptor)
                .addPathPatterns("/**");//所有请求都被拦截,包括静态资源
        /*registry.addInterceptor(new InterceptorConfig())
                .addPathPatterns("/**")//所有请求都被拦截,包括静态资源
                .excludePathPatterns("/","/login","/css/**","/fonts/**","/images/**","/js/**");//放行的请求*/
    }


}

你可能感兴趣的:(后端封装效果,后端,spring,boot,后端,java,jwt,跨越问题处理)