springboot+vue实现token验证

最新推荐文章于 2023-09-15 14:32:03 发布
最新推荐文章于 2023-09-15 14:32:03 发布
阅读量335 收藏 3
点赞数
文章标签: jwt
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/loliDapao/article/details/111399665
版权

目录

后端:

<!--token-->
        <dependency>
            <groupId>com.auth0</groupId>
            <artifactId>java-jwt</artifactId>
            <version>3.4.0</version>
        </dependency>

/**
 * @author :ZWQ
 * @version :1.0
 * @date :2019/10/16 - 18:52
 * @description :
 */

@Service
public class TokenService {

    public String getToken(User user) {
        Date start = new Date();
        long currentTime = System.currentTimeMillis() + 60* 60 * 1000;//一小时有效时间
        Date end = new Date(currentTime);
        String token = "";

        token = JWT.create().withAudience(user.getUserId().toString()).withIssuedAt(start).withExpiresAt(end)
                .sign(Algorithm.HMAC256(user.getPassword()));
        return token;
    }
}
@RestController
@RequestMapping("/user")
public class UserController {

    @Autowired
    UserService userService;
    @Autowired
    TokenService tokenService;

    /**
     * 登录方法
     * @param request
     * @return ModelAndView
     */
    @RequestMapping("/login")
    public String login(@RequestBody User user, HttpServletRequest request)  {
        System.out.println(user.getUserName()+" "+user.getPassword());

        User userForBase=userService.getUserByUsername(user.getUserName(), user.getPassword());

        System.out.println("------------------------------"+userForBase);
        if(userForBase==null){
           String msg = "用户名或者密码错误";
           return msg;
        }
        String token = tokenService.getToken(userForBase);
        System.out.println(token);
        return token;
    }

    /*测试token  不登录没有token*/
    @UserLoginToken
    @GetMapping("/getMessage")
    public String getMessage(){
        return "你已通过验证";
    }
package com.springboot.interceptor;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.springboot.annotation.PassToken;
import com.springboot.annotation.UserLoginToken;
import com.springboot.pojo.User;
import com.springboot.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;

/**
 * @author :ZWQ
 * @version :1.0
 * @date :2019/10/16 - 18:47
 * @description :拦截器去获取token并验证token
 */

public class AuthenticationInterceptor implements HandlerInterceptor {
    @Autowired
    UserService userService;

    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object object) throws Exception {
        String token = httpServletRequest.getHeader("token");// 从 http 请求头中取出 token
        // 如果不是映射到方法直接通过
        if (!(object instanceof HandlerMethod)) {
            return true;
        }
        HandlerMethod handlerMethod = (HandlerMethod) object;
        Method method = handlerMethod.getMethod();
        //检查是否有passtoken注释,有则跳过认证
        if (method.isAnnotationPresent(PassToken.class)) {
            PassToken passToken = method.getAnnotation(PassToken.class);
            if (passToken.required()) {
                return true;
            }
        }
        //检查有没有需要用户权限的注解
        if (method.isAnnotationPresent(UserLoginToken.class)) {
            UserLoginToken userLoginToken = method.getAnnotation(UserLoginToken.class);
            if (userLoginToken.required()) {
                // 执行认证
                if (token == null) {
                    throw new RuntimeException("无token,请重新登录");
                }
                // 获取 token 中的 user id
                String userId = null;
                int id = Integer.parseInt(userId);
                try {
                    userId = JWT.decode(token).getAudience().get(0);
                } catch (JWTDecodeException j) {
                    throw new RuntimeException("401");
                }
                User user = userService.findUserById(id);
                if (user == null) {
                    throw new RuntimeException("用户不存在,请重新登录");
                }
                // 验证 token
                JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256(user.getPassword())).build();
                try {
                    jwtVerifier.verify(token);
                } catch (JWTVerificationException e) {
                    throw new RuntimeException("401");
                }
                return true;
            }
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest httpServletRequest,
                           HttpServletResponse httpServletResponse,
                           Object o, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest,
                                HttpServletResponse httpServletResponse,
                                Object o, Exception e) throws Exception {
    }
}
package com.springboot.config;

import com.springboot.interceptor.AuthenticationInterceptor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/**
 * @author :ZWQ
 * @version :1.0
 * @date :2019/10/16 - 18:49
 * @description :
 */

@Configuration
public class InterceptorConfig implements WebMvcConfigurer {
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(authenticationInterceptor())
                .addPathPatterns("/**");    // 拦截所有请求,通过判断是否有 @LoginRequired 注解 决定是否需要登录
    }
    @Bean
    public AuthenticationInterceptor authenticationInterceptor() {
        return new AuthenticationInterceptor();
    }
}
package com.springboot.annotation;

import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
 * @author :ZWQ
 * @version :1.0
 * @date :2019/10/16 - 18:44
 * @description :用来跳过验证的PassToken
 */

@Target({ElementType.METHOD, ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
public @interface PassToken {
    boolean required() default true;
}
package com.springboot.annotation;

import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
 * @author :ZWQ
 * @version :1.0
 * @date :2019/10/16 - 18:46
 * @description :需要登录才能进行操作的注解UserLoginToken
 */

@Target({ElementType.METHOD, ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
public @interface UserLoginToken {
    boolean required() default true;
}

回到顶部

VUE

login.vue

 
<template>
  <div id="logo">
    <div class="login-box" style="margin-top:200px">
      <!-- 通过:rules="loginFormRules"来绑定输入内容的校验规则 -->
      <el-form :rules="loginFormRules" ref="LoginForm" :model="loginForm" label-position="right" label-width="auto" show-message>
        <span class="login-title" style="margin-left:-110px;font-size:30px">欢迎登录</span>

        <div style="margin-top: 5px"></div>

        <el-form-item label="用户名" prop="userName" style="margin-left:500px;margin-top:30px;font-weight:bold">
          <el-col :span="8" >
            <el-input type="text" v-model="loginForm.userName"></el-input>
          </el-col>
        </el-form-item>

        <el-form-item label="密码" prop="password" style="margin-left:500px;font-weight:bold">
          <el-col :span="8" >
            <el-input type="password" v-model="loginForm.password"></el-input>
          </el-col>
        </el-form-item>
        <el-form-item>
          <el-button type="primary" @click="login('LoginForm')" style="margin-left:-180px">登录</el-button>&nbsp;&nbsp;&nbsp;&nbsp;
        </el-form-item>
      </el-form>
      <p>还没有账号? 现在<router-link to='/register'>注册</router-link></p>
    </div>
  </div>
</template>

<script>
    import jwt from 'jwt-decode';
    export default {
        name: "login",
        data () {
            return {
                loginForm: {
                    userName: '',
                    password: ''
                },
                // 表单验证,需要在 el-form-item 元素中增加 prop 属性
                loginFormRules: {
                    userName: [
                        {required: true, message: '账号不可为空', trigger: 'blur'},
                       /* {min: 2,max: 7,message: '长度在 2 到 7 个字符'},
                        {pattern: /^[\u4E00-\u9FA5]+$/, message: '用户名只能为中文'}*/
                    ],
                    password: [
                        {required: true, message: '密码不可为空', trigger: 'blur'}
                    ]
                }
            }
        },

        methods: {
            login (LoginForm) {
                this.$refs[LoginForm].validate( valid =>{
                    if(valid){
                        this.$axios.post('/user/login',this.loginForm).then( res =>{

                            //登陆成功  使用token
                            const token = res.data;
                            console.log(token);
                            /*存储到ls*/
                            localStorage.setItem('eleToken',token);
                            /*解析token中的信息*/
                            const decoded = jwt(token);
                            /*存储至vuex*/
                            this.$store.dispatch("setAuthenticated",!this.isEmpty(decoded))  //decoded空,函数返回真,取反假
                            this.$store.dispatch("setUser",decoded)

                            /*跳转*/
                            this.$router.push('/index/welcome');
                        })
                    }
                })
            },
            isEmpty(value){
                return(
                    value ===undefined || value ===null ||
                    (typeof  value === "object" && Object.keys(value).length ===0) ||
                    (typeof value ==="string" && value.trim().length ===0)
                );
            }
        }
    };
</script>
 

http.js

/**
 * axios请求配置
 */
import axios from 'axios'
import { Loading } from 'element-ui';   /*elementUI的loading*/
import { Message } from 'element-ui';   /*elementUI消息提醒*/
/*import { Message,Loading } from 'element-ui';  也可以这样解构赋值*/
import router from '../router/index'


let loading;
function startLoading () {
  loading = Loading.service({    /*在需要调用时:*/
    lock: true,
    text: '拼命加载中...',
    background: 'rgba(0,0,0,0,7)'
  });
}

function endLoading () {
  loading.close();
}

//请求拦截
axios.interceptors.request.use(config => {
    //加载动画
    startLoading();
    /*判断token存在   登录拦截*/
    if(localStorage.eleToken){
      /*设置统一的header*/
      config.headers.Authorization  = localStorage.eleToken;
    }
    return config;
  },error => {
  return Promise.reject(error);
});

//响应拦截
axios.interceptors.response.use(Response => {
  //结束加载动画
  endLoading();
  return Response;
  },error => {
    //错误提醒
  endLoading();
  Message.error(error.response.data);

  /*获取错误状态码*/
  const  { status } =error.response;
  if(status == 401){
    Message.error("token失效,重新登录");
    /*清楚token*/
    localStorage.removeItem('eleToken');
    /*跳转登录*/
    router.push('/')
  }

  return Promise.reject(error);
})




export default axios;

store.js

import Vue from 'vue';
import Vuex from 'vuex';
Vue.use(Vuex)

const types ={
   SET_AUTHENTICATED: 'SET_AUTHENTICATE',
   SET_USER: 'SET_USER',
};

const state = {
  isAuthenticated: false,
  user: {}
};

const getters ={
  isAuthenticated: state =>state.isAuthenticated,
  user: state => state.user
};

const mutations ={
    [types.SET_AUTHENTICATED](state,isAuthenticated){      /*设置是否授权*/
        if(isAuthenticated) state.isAuthenticated = isAuthenticated;
        else state.isAuthenticated = false;
    },
  /*类型,参数*/
    [types.SET_USER](state,user){
      if (user) state.user = user;
      else state.user = {};
    }
};

/*异步操作  调用mutations*/
const actions ={
  setAuthenticated:( {commit},isAuthenticated) =>{
    commit(types.SET_AUTHENTICATED,isAuthenticated);
  },
  setUser:({commit},user) =>{
    commit(types.SET_USER,user);
  }
};

export default new Vuex.Store({
  state,
  getters,
  mutations,
  actions
});
import Vue from 'vue'
import Router from 'vue-router'
import Index from '../pages/Index'
import Login from '../pages/login/Login'
import Registr from '../pages/login/Registr'
import NotFound from '../pages/404'
Vue.use(Router)

const router = new Router({
  routes: [
    {
      path: '/',
      name: 'login',
      component: Login
    }, {
      path: '/index',
      name: 'index',
      component: Index
    },{
      path: '/register',
      name: 'register',
      component: Registr
    },{
      path: '*',
      name: '/404',
      component: NotFound
    }
  ]
})


/*路由守卫   根据登录获得token*/
router.beforeEach((to,from,next) =>{
    const isLogin = localStorage.eleToken ? true :false ;
    if(to.path ==="/" || to.path ==="/register"){
      next();
    }else{
      isLogin ? next() :next("/")   /*真跳转  假注册*/
    }
})






export default router
<template>
  <div id="app">
    <router-view/>
  </div>
</template>




<script>
import jwt from 'jwt-decode';
export default {
    name: "App",
    comments:{},
    created(){   /*在根组件进行判断,否则刷新就没了*/
        if (localStorage.eleToken){
            const decoded = jwt(localStorage.eleToken);
            /*存储至vuex*/
            this.$store.dispatch("setAuthenticated",!this.isEmpty(decoded))
            this.$store.dispatch("setUser",decoded)
        }
    },
    methods: {
        isEmpty(value){
            return(
                value ===undefined || value ===null ||
                (typeof  value === "object" && Object.keys(value).length ===0) ||
                (typeof value ==="string" && value.trim().length ===0)
            );
        }
    }
};
</script>



<style>
#app {
  font-family: 'Avenir', Helvetica, Arial, sans-serif;
  -webkit-font-smoothing: antialiased;
  -moz-osx-font-smoothing: grayscale;
  text-align: center;
  color: #2c3e50;
  margin-top: 60px;
}
</style>

main.js

// The Vue build version to load with the `import` command
// (runtime-only or standalone) has been set in webpack.base.conf with an alias.
import Vue from 'vue'
import App from './App'
import router from './router'
import ElementUI from 'element-ui';
import 'element-ui/lib/theme-chalk/index.css';
import axios from './api/http'   /*配置axios*/
import store from './store/index'

Vue.use(ElementUI);
Vue.config.productionTip = false
Vue.prototype.$axios = axios
axios.defaults.baseURL ='/api';
/* eslint-disable no-new */
new Vue({
  el: '#app',
  router,
  store,
  components: { App },
  template: '<App/>'
})

loliDapao
关注
spring boot+vue+websocket带token身份认证推送消息实现
06-25
vue前端后端分离spring boot 2.0集成websocket,带身份认证实现消息推送功能
Spring boot+VUE实现token验证
qq_51664685的博客
05-04 4331
阐述了spring boot+vue前后端分离项目中如何使用token进行验证
SpringBoot+Vue下的token
fjchenxq的博客
06-14 599
一.后端(Spingboot) 1.定义注解 2.定义TokenService类 @Service public class TokenService { //生成token public String getToken(User user){ String token = ""; token = JWT.create().withAudience(user.getUserName()).sign(Algorithm.HMAC256(user.getUser
SpringBoot+vue+token
koutianchen的博客
11-06 1175
文章目录前端token验证后端token验证(集成jwt) 前端 token验证 1、前端接受后台发过来的token,将其存入LocalStorage,并且在store.js中进行存储 state: { // 存储token Authorization: localStorage.getItem('Authorization') ? localStorage.getItem('A...
【无标题】# SpringBoot+vue+Jwt实现token验证
qq_56403451的博客
11-25 441
# SpringBoot+vue+Jwt实现token验证
springboot+vue实现学生选课管理系统.zip
05-05
总结,"springboot+vue实现学生选课管理系统"项目综合运用了SpringBootVue.js、Vue-cli和Token验证技术,实现了高效、安全的学生选课功能。该项目展示了现代Web开发的主流实践,对学习和理解这些技术的融合应用...
SpringBoot + Vue 实现用户名密码登录.zip
11-05
这是一个基础的前后端分离应用实例,主要展示了如何在没有使用Token验证的情况下进行用户身份验证。 1. **SpringBoot**: - **Spring Security**:SpringBoot默认集成了Spring Security,这是一个强大的安全框架,...
springboot+vue+bootstrap实现用户增删改查
12-19
在本项目中,"springboot+vue+bootstrap"的组合被用来实现一个基本的用户管理功能,包括用户信息的增加、删除、修改和查询。这是一个常见的Web应用开发场景,涉及后端服务处理与前端界面展示的协同工作。下面将详细...
基于SpringBoot+Vue的前后端分离仓储管理系统设计与实现
11-29
《基于SpringBoot+Vue的前后端分离仓储管理系统设计与实现》 在当今信息化时代,企业对高效、便捷的仓储管理需求日益增长。本系统利用现代Web技术,采用前后端分离的架构模式,以SpringBoot为后端开发框架,Vue.js...
SpringBoot+Vue+Redis实现单点登录(一处登录另一处退出登录)
08-25
在本文中,我们将探讨如何使用SpringBootVue.js和Redis来实现单点登录(Single Sign-On,SSO)系统。单点登录允许用户在一个应用程序中登录后,可以在多个相互关联的应用程序中自动登录,而无需再次输入凭证。当...
SpringBoot框架集成token实现登录校验功能
08-25
主要为大家详细介绍了SpringBoot框架集成token实现登录校验功能,具有一定的参考价值,感兴趣的小伙伴们可以参考一下
spring boot+jwt实现api的token认证详解
08-26
主要给大家介绍了关于spring boot+jwt实现api的token认证的相关资料,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面随着小编来一学习学习吧
vueJS springboot 前后台分离 jwt
11-21
前后端分离架构,前端vueJS,后端springboot微服务,token基于jwt加密技术,跨域访问后端服务,结合实例,整合的一个简单的demo
JWT实现Token认证
lao_wang_tou的博客
09-12 366
JWT实现Token认证 //引入JWT依赖,由于是基于Java,所以需要的是java-jwt <dependency> <groupId>com.auth0</groupId> <artifactId>java-jwt</artifactId> <version>3.4.0</ver...
Springboot+vue实现用户登陆时通过token验证的demo
最新发布
m0_74417628的博客
09-15 1951
学习了http://t.csdn.cn/FSPqU后实现Springboot+vue登陆时的token验证的demo
SpringBoot+Vue+Token实现登录验证码校验
Su7148的博客
01-06 1229
SpringBoot+Vue+Token实现登录验证码校验
2022年超详细的SpringBoot+Vue+Jwt实现token的认证(重点部分讲解和完整的代码设计)
日常笔记 | 干货分享 | 毕设源码 | 毕设指导 | 答辩指导
09-12 1044
2022年超详细的SpringBoot+Vue+Jwt实现token的认证(重点部分讲解和完整的代码设计)
Vue+Spring Boot实现token认证
qq_43574493的博客
01-09 2067
在使用 Vue开发前后分离的项目以前,后台可以通过 Session 储存和获取当前登录的用户信息,进行权限管理。但使用Vue之后,发现虽然前端浏览器没有打开过新的页面。但后台每一次获取请求的Session都不相同。后台无法通过Session辨别当前用户。经过查找资料才发现,如今可以通过token进行身份验证
SpringBoot+Vue整合Token(自我学习记录)
ltp0317的博客
05-24 1138
SpringBoot+Vue整合Token(自我学习记录)
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值