@RestController
@RequestMapping("/api/v2/jwt")
public class JwtApi {
private static Logger logger = LoggerFactory.getLogger(JwtApi.class);
@Autowired
private JwtService jwtService;
@Autowired
private AccountsService accountsService;
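/**
* Creates a JWT for the logged-in user.
*
* @return the JSON object returned by jwtService.createJwtToken, or a JSON object with code "500" when no login name is found for the user
*/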
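@RequestMapping(path = "/getJwtToken", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@ResponseBody
public JSONObject getJwtToken(HttpServletRequest httpServletRequest) {
    // The caller's identity comes from a request attribute, not from a client-supplied parameter.
    // NOTE(review): presumably WebStarterApplicationFilter sets USER_ID_KEY only after it has
    // authenticated the request -- confirm, because this endpoint issues a token for that user.
    Object userIdAttribute = httpServletRequest.getAttribute(WebStarterApplicationFilter.USER_ID_KEY);

    // A missing attribute is treated as "not logged in". Calling toString() on it directly would
    // throw a NullPointerException before the login check below is reached.
    String loginName = null;
    if (userIdAttribute != null) {
        // A non-numeric attribute still throws NumberFormatException, as before.
        Long userId = Long.valueOf(userIdAttribute.toString());
        loginName = accountsService.findLoginNameByUserId(userId);
    }

    if (StringUtils.isEmpty(loginName)) {
        // Fail closed: no token is created unless a login name was resolved.
        JSONObject notLoggedIn = new JSONObject();
        notLoggedIn.put("code", "500");
        notLoggedIn.put("message", "用户未登录");
        return notLoggedIn;
    }

    // Private claims of the payload, added for business-specific needs. If the recipient is to
    // validate against them, the validation method has to be agreed with that recipient in advance.
    Map<String, Object> claims = new HashMap<>();
    logger.info("getJwtToken loginName is -> " + loginName);
    claims.put("loginName", loginName);

    // NOTE(review): the returned object presumably carries the signed token and this is a GET
    // mapping -- confirm the response is sent with Cache-Control: no-store so that browsers and
    // intermediaries do not keep a copy of the credential.
    return jwtService.createJwtToken(claims);
}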
/**
* Validates a JWT.
*
* @return
* @throws Exception
*/
@RequestMapping(path = "/checkJwtToken", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@ResponseBody
public JSONObject checkJwtToken(String param) throws Exception {
JSONObject jb = new JSONObject();
logger.info("/api/v2/jwt/checkJwtToken[MX-AUTHORIZATION]>>>" + param);
if (StringUtils.isEmpty(param)) {
ErrorJson errorJson = new ErrorJson("20000", "jwt token无效或不存在");
logger.warn("/api/v2/jwt/checkJwtToken>>>" + errorJson.toJson());
}
Claims claims = jwtService.parseJWT(param);
logger.info("/api/v2/jwt/checkJwtToken[MX-AUTHORIZATION]>>>" + JSONObject.toJSONString(claims));
if (StringUtils.isEmpty(claims)) {
JSON Web Token(代码篇)