移动端jwt方式登录

最新推荐文章于 2024-06-02 22:57:30 发布

java开发日记

最新推荐文章于 2024-06-02 22:57:30 发布

阅读量1.6k

点赞数

分类专栏：其他文章标签： jwt简单使用 jwt

本文链接：https://blog.csdn.net/jzx937345232/article/details/79374926

版权

其他专栏收录该内容

1 篇文章 0 订阅

订阅专栏

jwt个人理解就是一种加密方式,以及自带存储的一种app端的身份校验方式

一: 引入jwt加密工具

import java.util.HashMap;
import java.util.Map;

import com.auth0.jwt.JWTSigner;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.internal.com.fasterxml.jackson.databind.ObjectMapper;

public class JWT {

	private static final String SECRET = "asdKSLJMH$%^&)($%^&U*(BMNBNMBMNB";
	
	private static final String EXP = "exp";
	
	private static final String PAYLOAD = "payload";

	/**
	 * 加密
	 * @param object
	 *            the POJO object
	 * @param maxAge
	 *            the milliseconds of life time
	 * @return the jwt token
	 */
	public static <T> String sign(T object, long maxAge) {
		try {
			final JWTSigner signer = new JWTSigner(SECRET);
			final Map<String, Object> claims = new HashMap<String, Object>();
			ObjectMapper mapper = new ObjectMapper();
			String jsonString = mapper.writeValueAsString(object);
			claims.put(PAYLOAD, jsonString);
			claims.put(EXP, System.currentTimeMillis() + maxAge);
			return signer.sign(claims);
		} catch(Exception e) {
			return null;
		}
	}
	
	
	/**
	 * 解密
	 * @param jwt
	 * @return POJO object
	 */
	public static<T> T unsign(String jwt, Class<T> classT) {
		final JWTVerifier verifier = new JWTVerifier(SECRET);
	    try {
			final Map<String,Object> claims= verifier.verify(jwt);
			if (claims.containsKey(EXP) && claims.containsKey(PAYLOAD)) {
				long exp = (Long)claims.get(EXP);
				long currentTimeMillis = System.currentTimeMillis();
				if (exp > currentTimeMillis) {
					String json = (String)claims.get(PAYLOAD);
					ObjectMapper objectMapper = new ObjectMapper();
					return objectMapper.readValue(json, classT);
				}
			}
			return null;
		} catch (Exception e) {
			return null;
		}
	}
}

二: 在登录时候对user进行加密

import java.util.HashMap;
import java.util.Map;

public class ResponseData<T> {
	

	
	private  String message;
	/**
	 * 1 :success -1:fail
	 */

	private  int code;
	private  T data;

	public String getMessage() {
		return message;
	}

	public void setMessage(String message) {
		this.message = message;
	}

	public int getCode() {
		return code;
	}

	public void setCode(int code) {
		this.code = code;
	}

	public T getData() {
		return data;
	}

	public void setData(T data) {
		this.data = data;
	}

	public ResponseData(String message, int code) {
		this.message = message;
		this.code = code;
	}
}

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.xt.tutorial.models.User;
import com.xt.tutorial.utils.JWT;
import com.xt.tutorial.utils.ResponseData;

@Controller
@RequestMapping("/users")
public class UsersController {

	@PostMapping("/login")
	@ResponseBody
	public Object login(@RequestParam String username, @RequestParam String password) {
		ResponseData responseData = new ResponseData();
		if ("imjack".equals(username) && "123456".equals(password)) {

			User user = new User();
			user.setId(1);
			user.setUsername(username);
			user.setPassword(password);
			String token = JWT.sign(user, 30L * 24L * 3600L * 1000L);
			if (token != null) {
				responseData.setData(token);
				responseData.setCode(1);
			}
			return responseData;
		}
		responseData.setCode(-1);
		responseData.setMessage("用户名密码错误");
		return responseData;
	}
}

三: 其他controller使用token 并解析

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.xt.tutorial.models.User;
import com.xt.tutorial.utils.JWT;
import com.xt.tutorial.utils.ResponseData;

@Controller
@RequestMapping("/me")
public class OtherController {

	@GetMapping("/get_info")
	@ResponseBody
	public ResponseData getInfo(@RequestParam String token) {
		User user = JWT.unsign(token, User.class);
		if (user != null) {
			/**
			 * 你的业务代码
			 */
		}
		//登录失效
		return new ResponseData("登录失效",-1);
	}
}

java开发日记

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
1
评论
移动端jwt方式登录

jwt个人理解就是一种加密方式,以及自带存储的一种app端的身份校验方式一: 引入jwt加密工具import java.util.HashMap;import java.util.Map;import com.auth0.jwt.JWTSigner;import com.auth0.jwt.JWTVerifier;import com.auth0.jwt.internal.com.fa...
复制链接

扫一扫