Springboot+jwt完成登陸認證

時間  2020-12-22
標籤 java web redis 算法 spring json app ide post 欄目 Spring 简体版
原文   原文鏈接

實體Entity
在這裏插入圖片描述
java

package com.example.demo.Entity;
import javax.persistence.*;
@Table
@Entity(name="redis")
public class SysRedis{ 
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private int id;
    private String password;
    private String username;
    public int getId() { 
        return id;
    }
    public void setId(int id) { 
        this.id = id;
    }
    public String getPassword() { 
        return password;
    }
    public void setPassword(String password) { 
        this.password = password;
    }
    public String getUsername() { 
        return username;
    }
    public void setUsername(String username) { 
        this.username = username;
    }

    public SysRedis(String username,String password){ 
        this.username = username;
        this.password = password;
    }


}

Dao層(省略)
Service層
在這裏插入圖片描述

web

public boolean login(SysRedis user);
    public List<SysRedis> getList();

ServiceImpl層
在這裏插入圖片描述
redis

package com.example.demo.Service.ServiceImpl;
import com.example.demo.Entity.SysRedis;
import com.example.demo.Service.SysRedisSerivce;
import org.springframework.stereotype.Service;

import java.util.ArrayList;
import java.util.List;
@Service
public class SysServiceImpl implements SysRedisSerivce{ 
    @Override
    public boolean login(SysRedis user) { 
        String username = user.getUsername();
        String password = user.getPassword();
        if(username.equals("king") && password.equals("123")){ 
            return true;
        }
        return false;
    }
    @Override
    public List<SysRedis> getList() { 
        SysRedis user1= new SysRedis("king1","12345");
        SysRedis user2 = new SysRedis("king2","12345");
        SysRedis user3 = new SysRedis("king3","12345");
        List<SysRedis> list = new ArrayList<>();
        list.add(user1);
        list.add(user2);
        list.add(user3);
        return list;
    }
}

Controller層
在這裏插入圖片描述
算法

package com.example.demo.Controller;
import com.example.demo.Entity.SysRedis;
import com.example.demo.Service.SysRedisSerivce;
import com.example.demo.Unti.TokenUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@Controller
public class SysRedisController { 
    @Autowired
    private SysRedisSerivce sysRedisSerivce;
    @PostMapping("/login")
    @ResponseBody
    public Map<String,Object> login(String username, String password){ 
        Map<String,Object> map = new HashMap<>();
        SysRedis user = new SysRedis(username,password);
        if(sysRedisSerivce.login(user)){ 
            String token = TokenUtil.sign(user);
            if(token != null){ 
                map.put("code", "10000");
                map.put("message", "認證成功");
                map.put("token", token);
                return map;
            }
        }
        map.put("code", "0000");
        map.put("message", "認證失敗");
        return map;
    }
    @PostMapping("/getList")
    public List<SysRedis> getList(){ 
        List userList = sysRedisSerivce.getList();
        return userList;

    }

}

在這裏插入圖片描述

package com.example.demo.Unti;

import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

import java.util.ArrayList;
import java.util.List;

public class IntercepterConfig implements WebMvcConfigurer { 

    private TokenInterceptor tokenInterceptor;

    //構造方法
    public IntercepterConfig(TokenInterceptor tokenInterceptor){ 
        this.tokenInterceptor = tokenInterceptor;
    }
    @Override
    public void addInterceptors(InterceptorRegistry registry){ 
        List<String> excludePath = new ArrayList<>();
        excludePath.add("/user_register"); //註冊
        excludePath.add("/login"); //登陸
        excludePath.add("/logout"); //登出
        excludePath.add("/static/**");  //靜態資源
        excludePath.add("/assets/**");  //靜態資源
        registry.addInterceptor(tokenInterceptor)
                .addPathPatterns("/**")
                .excludePathPatterns(excludePath);
        WebMvcConfigurer.super.addInterceptors(registry);
    }
}

在這裏插入圖片描述

package com.example.demo.Util;

import com.alibaba.fastjson.JSONObject;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;

@Component
public class TokenInterceptor implements HandlerInterceptor { 
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)throws Exception{ 

        if(request.getMethod().equals("OPTIONS")){ 
            response.setStatus(HttpServletResponse.SC_OK);
            return true;
        }
        response.setCharacterEncoding("utf-8");
        String token = request.getHeader("admin-token");
        if(token != null){ 
            boolean result = TokenUtil.verify(token);
            if(result){ 
                System.out.println("經過攔截器");
                return true;
            }
        }
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");
        PrintWriter out = null;
        try{ 
            JSONObject json = new JSONObject();
            json.put("success","false");
            json.put("msg","認證失敗,未經過攔截器");
            json.put("code","50000");
            response.getWriter().append(json.toJSONString());
            System.out.println("認證失敗,未經過攔截器");
            // response.getWriter().write("50000");
        }catch (Exception e){ 
            e.printStackTrace();
            response.sendError(500);
            return false;
        }
        return false;
    }



}

在這裏插入圖片描述

package com.example.demo.Unti;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.example.demo.Entity.SysRedis;

import java.util.Date;

public class TokenUtil { 
    private static final long EXPIRE_TIME= 15*60*1000;
    private static final String TOKEN_SECRET="token123";  //密鑰鹽


    /** * 簽名生成 * @param user * @return */
    public static String sign(SysRedis user){ 

        String token = null;
        try { 
            Date expiresAt = new Date(System.currentTimeMillis() + EXPIRE_TIME);
            token = JWT.create()
                    .withIssuer("auth0")
                    .withClaim("username", user.getUsername())
                    .withExpiresAt(expiresAt)
                    // 使用了HMAC256加密算法。
                    .sign(Algorithm.HMAC256(TOKEN_SECRET));
        } catch (Exception e){ 
            e.printStackTrace();
        }
        return token;

    }
    /** * 簽名驗證 * @param token * @return */
    public static boolean verify(String token){ 
        try { 
            JWTVerifier verifier = JWT.require(Algorithm.HMAC256(TOKEN_SECRET)).withIssuer("auth0").build();
            DecodedJWT jwt = verifier.verify(token);
            System.out.println("認證經過:");
            System.out.println("issuer: " + jwt.getIssuer());
            System.out.println("username: " + jwt.getClaim("username").asString());
            System.out.println("過時時間: " + jwt.getExpiresAt());
            return true;
        } catch (Exception e){ 
            return false;
        }

    }
}

postman
在這裏插入圖片描述
在這裏插入圖片描述
在這裏插入圖片描述


spring

相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程