maven依赖
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>2.2.0</version>
</dependency>
public class JwtUtils { /** * 密钥 */ private static final String SECRET="xxxx"; /** * 默认字段key:exp */ private static final String EXP="exp"; /** * 默认字段key:payload */ private static final String PAYLOAD="payload"; /** * 加密
* @param object 加密数据
* @param maxTime 有效期(毫秒数)
* @param <T>
* @return */ public static <T> String encode(T object,long maxTime){ try{ final JWTSigner signer=new JWTSigner(SECRET); final Map<String ,Object> data=new HashMap<>(10);
ObjectMapper objectMapper=new ObjectMapper();
String jsonString=objectMapper.writeValueAsString(object);
data.put(PAYLOAD,jsonString);
data.put(EXP,System.currentTimeMillis()+maxTime); return signer.sign(data);
} catch (IOException e) {
e.printStackTrace(); return null;
}
} /** * 数据解密
* @param jwt 解密数据
* @param tClass 解密类型
* @param <T>
* @return */ public static <T> T decode(String jwt,Class<T> tClass) { final JWTVerifier jwtVerifier = new JWTVerifier(SECRET); try { final Map<String, Object> data = jwtVerifier.verify(jwt); //判断数据是否超时或者符合标准 if (data.containsKey(EXP) && data.containsKey(PAYLOAD)) { long exp = (long) data.get(EXP); long currentTimeMillis = System.currentTimeMillis(); if (exp > currentTimeMillis) {
String json = (String) data.get(PAYLOAD);
ObjectMapper objectMapper = new ObjectMapper(); return objectMapper.readValue(json, tClass);
}
} return null;
} catch (Exception e) { //e.printStackTrace(); return null;
}
} //解密token取出userId public static <T> T updateDecode(String jwt,Class<T> tClass){ final JWTVerifier jwtVerifier = new JWTVerifier(SECRET); try { final Map<String, Object> data = jwtVerifier.verify(jwt);
String json = (String) data.get(PAYLOAD);
ObjectMapper objectMapper = new ObjectMapper(); return objectMapper.readValue(json, tClass);
} catch (Exception e) { //e.printStackTrace(); return null;
}
} public static void main(String[] args) throws InterruptedException { // 有效期10秒 // 加密: // TestCenterAdministratorsVO test = new TestCenterAdministratorsVO(); // test.setId(1L); // test.setLoginName("sa"); // String token=encode(test,1000000); // System.out.println("TOKEN======="+token); // //Thread.sleep(10000); //// 解密 // TestCenterAdministratorsVO user=decode(token,TestCenterAdministratorsVO.class); // System.out.println(user.getId()+user.getLoginName()); //removeDecode("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NDcwODkwNTYxNDgsInBheWxvYWQiOiJ7XCJpZFwiOjEsXCJuYW1lXCI6bnVsbCxcInBob25lTnVtYmVyXCI6bnVsbCxcImxvZ2luTmFtZVwiOlwic2FcIixcInNlcmlhbE51bWJlclwiOm51bGwsXCJ0eXBlXCI6bnVsbCxcInRlc3RDZW50ZXJJZFwiOm51bGwsXCJvcmdhbml6YXRpb25JZFwiOm51bGwsXCJtYWluU2l0ZUFkbWluXCI6ZmFsc2UsXCJhZG1pblwiOmZhbHNlLFwib3JnYW5pemF0aW9uTmFtZVwiOm51bGx9In0.FgYm4wSDhkZukqlRukjwvxQ1BM746AWQfCmGucMP3pc"); updateDecode("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NDcwMTgxNTU4OTYsInBheWxvYWQiOiJ7XCJpZFwiOjIwMTAwMDAzMyxcIm5hbWVcIjpcIuW6numTtuaYjFwiLFwicGhvbmVOdW1iZXJcIjpudWxsLFwibG9naW5OYW1lXCI6XCJwYW5neWluY2hhbmdcIixcInNlcmlhbE51bWJlclwiOm51bGwsXCJ0eXBlXCI6XCJNQUlOU0lURUFETUlOXCIsXCJ0ZXN0Q2VudGVySWRcIjo3OSxcIm9yZ2FuaXphdGlvbklkXCI6XCIwMDFcIixcIm1haW5TaXRlQWRtaW5cIjp0cnVlLFwiYWRtaW5cIjpmYWxzZSxcIm9yZ2FuaXphdGlvbk5hbWVcIjpudWxsfSJ9.yrYlU4djPPQyu1mneQgkVgLCEQiJ2pKkyX8EVw0NcY8",TestCenterAdministratorsVO.class);
}
}
跨域设置拦截器
import com.alibaba.fastjson.JSONObject; import org.springframework.web.bind.annotation.RequestMethod; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * Created with IDEA
* author:QinWei
* Date:2019/1/8
* Time:16:15 */ public class AjaxFilter implements Filter {
@Override public void destroy() {
}
@Override public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res; //禁止首页访问 String url = request.getRequestURI(); if("/".equals(url)){ return;
} // 指定允许其他域名访问 response.setHeader("Access-Control-Allow-Origin", "*"); // 响应类型 response.setHeader("Access-Control-Allow-Methods", "POST, GET, DELETE, OPTIONS, DELETE"); // 响应头设置 response.setHeader("Access-Control-Allow-Headers", "Content-Type, x-requested-with, X-Custom-Header, HaiYi-Access-Token");
chain.doFilter(req, res);
}
@Override public void init(FilterConfig arg0) throws ServletException {
}
}
web.xml
<filter>
<filter-name>ajaxFilter</filter-name>
<filter-class>*.*.*.web.servlet.barcode.AjaxFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ajaxFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
拦截token过滤器,包含获取spring--bean手动注入
response .setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
String actionName = context.getActionInvocation().getProxy().getActionName();
String url = request.getRequestURI();
ServletContext application = ServletActionContext.getServletContext();
WebApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(application); this.testCenterService = (TestCenterService)ctx.getBean("testCenterService"); if(!url.equals("/login")){ //悠闲判断是否为空或者时间是否失效 String token = request.getParameter("token");
TestCenterAdministratorsVO user = JwtUtils.decode(token, TestCenterAdministratorsVO.class); if(null==token||"".equals(token)||null==user){
out.print(Message.error(0,"token不合法!")); return null;
}else{ try { //再次判断数据库状态 TestCenterAdministratorsVO users = JwtUtils.updateDecode(token, TestCenterAdministratorsVO.class);
String tokens = testCenterService.scheckToken(token,users.getId()); if(null==tokens){
out.print(Message.error(0,"token不合法!")); return null;
}
}catch (Exception e){
out.print(Message.error()); return null;
}
}
}
加群:687942640
微信扫描公众号
?
如果您觉得本文的内容对您的学习有所帮助:
关键字:
获取token