JWT的一些基础知识JWT(JSON Web Token)
JWT用户认证
jwt验证流程
Jwt权限时序图(微服务架构)
Jwt
Gateway微服务网关&JWT
JWT原理
spring security
简单整合JWT的原理的一个记录,不全JWT原理
JWT生命周期
JWT流程、JWT工作流程、JWT系统应用于开发JWT生命周期
JWT流程
java学习JWT流程
jWT
jwt认证流程jWT
public class JwtSuccessAuthHandler implements AuthenticationSuccessHandler {
private TokenService tokenService;
public JwtSuccessAuthHandler(TokenService tokenService) {
this.tokenService = tokenService;
}
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
response.setContentType("application/json; charset=UTF-8");
LoginUser principal = (LoginUser) authentication.getPrincipal();
principal.setPassword(null);
String token = tokenService.createToken(principal);
//自定义header存放token
response.setHeader("jwt_token", token);
ResponseResult<String> result = ResponseResult.ok("登陆成功");
PrintWriter out = response.getWriter();
out.println(JsonUtils.objectToJson(result));
out.flush();;
out.close();
}
}
public class JwtAuthFilter extends OncePerRequestFilter {
private TokenService tokenService;
public JwtAuthFilter(TokenService tokenService) {
this.tokenService = tokenService;
}
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
String token = request.getHeader("jwt_token");
if (token != null) {
Claims claims = tokenService.parseToken(token);
LoginUser user = JsonUtils.parse(claims.get("user").toString(), LoginUser.class);
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (user != null && authentication == null) {
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
}
}
filterChain.doFilter(request, response);
}
}