1.导入包
<dependency> <groupId>org.springframework.boot</groupId> <artifactid>spring-boot-starter-security</artifactid> </dependency>
2.JWTUtils
public class JWTUtils { private static final String SING="12345678"; //生成token public static String getToken(Map<String,String> map){ Calendar instance = Calendar.getInstance(); instance.add(Calendar.SECOND, 30);//过期 JWTCreator.Builder builder = JWT.create(); map.forEach((k,v)->{ builder.withClaim(k,v); }); String token = builder.withExpiresAt(instance.getTime()) .sign(Algorithm.HMAC256(SING)); return token; } //验证token合法性 public static DecodedJWT verify(String token){ return JWT.require(Algorithm.HMAC256(SING)).build().verify(token); } }
3.JWTInterceptor
public class JWTInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response,Object handler) throws IOException { Map<String,Object> map = new HashMap<>(); //获取请求头中令牌 String token = request.getHeader("token"); try { JWTUtils.verify(token); return true; }catch (SignatureVerificationException e){ e.printStackTrace(); map.put("msg","无效签名!"); }catch (TokenExpiredException e){ e.printStackTrace(); map.put("msg","token过期!"); }catch (AlgorithmMismatchException e) { e.printStackTrace(); map.put("msg", "token算法不一致!"); } catch (Exception e) { e.printStackTrace(); map.put("msg", "token无效"); } map.put("state",false);//设置状态 //将map 专为json jackson String json = new ObjectMapper().writeValueAsString(map); response.setContentType("application/json;charset=UTF-8"); response.getWriter().println(json); return false; } }
4.JWTConfig
@Component public class JWTConfig implements WebMvcConfigurer { @Override public void addInterceptors(InterceptorRegistry registry){ registry.addInterceptor(new JWTInterceptor()) .addPathPatterns("/**") .excludePathPatterns("/jc/login"); } }
5.登录及获取
Map<String,String> map=new HashMap<>(); map.put("uname", userm.getName()); String token=JWTUtils.getToken(map);
String token=request.getHeader("token"); DecodedJWT verify= JWTUtils.verify(token); String uname=verify.getClaim("uname").asString();