jwt配置文件
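/**
 * Static helpers for issuing and verifying HS256-signed JWTs.
 *
 * <p>The HMAC secret is taken from the environment rather than compiled into the class. A secret
 * embedded in source is readable by anyone who holds the repository or the built artifact, and a
 * short, human-chosen one gives far less protection than HS256 is designed for; whoever knows the
 * secret can mint tokens with arbitrary claims. Tokens issued under a previously embedded secret
 * should be treated as untrusted once the secret is rotated.
 */
public class JwtUtils {
    /**
     * Environment variable that holds the signing secret. Constructed placeholder name — adapt it
     * to however this deployment injects secrets (secret manager, mounted file, ...).
     */
    private static final String SIGN_KEY_ENV = "JWT_SIGN_KEY";

    /** HS256 is HMAC-SHA-256; a secret shorter than its 32-byte output weakens the MAC. */
    private static final int MIN_KEY_BYTES = 32;

    /** Token lifetime in milliseconds (43200000 ms = 12 hours). */
    private static final long EXPIRE_MILLIS = 43200000L;

    /**
     * Reads and validates the signing secret.
     *
     * @return the secret as raw UTF-8 bytes
     * @throws IllegalStateException if the variable is unset or the secret is too short, so a
     *     misconfigured deployment fails closed instead of signing with a weak key
     */
    private static byte[] signingKey() {
        String secret = System.getenv(SIGN_KEY_ENV);
        if (secret == null) {
            throw new IllegalStateException(SIGN_KEY_ENV + " is not set");
        }
        byte[] key = secret.getBytes(java.nio.charset.StandardCharsets.UTF_8);
        if (key.length < MIN_KEY_BYTES) {
            throw new IllegalStateException(
                    SIGN_KEY_ENV + " must be at least " + MIN_KEY_BYTES + " bytes");
        }
        return key;
    }

    /**
     * Generates a signed JWT.
     *
     * <p>The payload of a signed JWT is only encoded, not encrypted: anyone holding the token can
     * read every claim, so callers should pass identifiers rather than personal or secret data.
     *
     * @param claims content stored in the payload (second part) of the JWT
     * @return the compact serialized token, expiring {@link #EXPIRE_MILLIS} ms from now
     * @throws IllegalStateException if the signing secret is missing or too short
     */
    public static String generateJwt(HashMap<String, Object> claims){
        // The byte[] overload is used so the secret is taken verbatim.
        // NOTE(review): in jjwt 0.9.x the String overload decodes its argument as Base64, which
        // shrinks a plain-text secret further — confirm against the jjwt version in use.
        return Jwts.builder()
                .addClaims(claims)
                .signWith(SignatureAlgorithm.HS256, signingKey())
                .setExpiration(new Date(System.currentTimeMillis() + EXPIRE_MILLIS))
                .compact();
    }

    /**
     * Parses a JWT and verifies its signature.
     *
     * @param jwt the compact serialized token
     * @return the claims stored in the payload (second part) of the JWT
     * @throws IllegalStateException if the signing secret is missing or too short
     */
    public static Claims parseJWT(String jwt){
        // parseClaimsJws (not parseClaimsJwt) only accepts signed tokens; whatever it throws is
        // left to propagate so callers can reject the request.
        return Jwts.parser()
                .setSigningKey(signingKey())
                .parseClaimsJws(jwt)
                .getBody();
    }
}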
登录校验
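/**
 * Password login: looks the student up by name and password and, on a match, returns a signed JWT.
 *
 * @param students request body; only its name and password are read
 * @return {@code R.success} carrying the JWT, or {@code R.error} with one generic message for every
 *     failure so the response does not reveal whether the name exists
 */
@PostMapping("/password")
public R<String> loginThroughPassword(@RequestBody Students students){
    String name = students == null ? null : students.getName();
    String password = students == null ? null : students.getPassword();
    // Reject missing or empty credentials before querying, so a row whose name or password is
    // empty can never be matched by an empty request.
    if (name == null || name.trim().isEmpty() || password == null || password.isEmpty()) {
        return R.error("用户名或密码错误!!!");
    }

    // NOTE(review): the password is matched by equality against the stored column. Unless it is
    // hashed before it reaches this method, that means passwords are stored in recoverable form.
    // Preferred design: store a salted adaptive hash (bcrypt/scrypt/Argon2), fetch the row by
    // name only, and verify with the hasher. Nothing visible here limits repeated attempts either.
    LambdaQueryWrapper<Students> credentialQuery = new LambdaQueryWrapper<>();
    credentialQuery.eq(Students::getName, name);
    credentialQuery.eq(Students::getPassword, password);
    Students one = studentsService.getOne(credentialQuery);
    if (one == null) {
        return R.error("用户名或密码错误!!!");
    }

    HashMap<String, Object> claims = new HashMap<>();
    claims.put("id", one.getId());
    claims.put("name", one.getName());
    // NOTE(review): JWT claims are readable by anyone who holds the token. The contact number is
    // personal data; consider keeping only the id in the token and loading the rest server-side.
    claims.put("is_number", one.getContactNumber());
    // The JWT carries the identity of the user who just logged in.
    String jwt = JwtUtils.generateJwt(claims);
    return R.success(jwt);
}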
拦截器
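/**
 * Spring MVC interceptor that authenticates controller requests by the JWT sent in a request
 * header and rejects everything else with HTTP 401.
 */
@Component
@Slf4j
public class JwtTokenAdminInterceptor implements HandlerInterceptor {

    // Request header carrying the JWT.
    // NOTE(review): header name assumed to be "token" — confirm against what the client sends.
    private static final String TOKEN_HEADER = "token";

    /**
     * Validates the JWT before the controller method runs.
     *
     * @param request current HTTP request; the token is read from its header
     * @param response current HTTP response; its status is set to 401 on rejection
     * @param handler the chosen handler; only {@code HandlerMethod} instances are checked
     * @return {@code true} to continue the chain, {@code false} when the token is missing or invalid
     * @throws Exception declared by the interface; failures during validation are caught here
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // Anything that is not a controller method (e.g. a resource handler) is passed through
        // without authentication.
        if (!(handler instanceof HandlerMethod)) {
            return true;
        }

        // 1. Read the token from the request header.
        String token = request.getHeader(TOKEN_HEADER);
        if (token == null || token.isEmpty()) {
            response.setStatus(401);
            return false;
        }

        // 2. Validate the token. The token itself is never logged: it is a bearer credential,
        // and anyone with read access to the logs could replay it until it expires.
        try {
            // NOTE(review): JwtUtil and JwtClaimsConstant.EMP_ID are defined outside this
            // listing; they must use the same signing key and the same claim name as the code
            // that issues the token, otherwise every request ends in 401.
            Claims claims = JwtUtil.parseJWT(token);
            Long empId = Long.valueOf(claims.get(JwtClaimsConstant.EMP_ID).toString());
            log.info("当前员工id:{}", empId);
            // NOTE(review): presumably thread-bound state; if so it should be cleared in
            // afterCompletion so a pooled thread does not carry the id into the next request.
            BaseContext.setCurrentId(empId);
            // 3. Valid: let the request through.
            return true;
        } catch (Exception ex) {
            // 4. Invalid: fail closed with 401. Only the exception type is logged, because
            // parser messages can echo parts of the token.
            log.warn("jwt校验失败:{}", ex.getClass().getSimpleName());
            response.setStatus(401);
            return false;
        }
    }
}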