private static final String SIGN = “token!@19weawe2r24@#$@%!wewa98du”;
/**
-
生成token
-
@param claim 传入的payload
-
@return
*/
public static String getToken(Map<String, String> claim) {
JWTCreator.Builder builder = JWT.create();
/*
-
1、header 用默认的就可
-
2、设置payload .withClaim
-
3、设置签名 .sign
*/
claim.forEach((key, value) -> {
builder.withClaim(key, value); //设置payload
});
Calendar instance = Calendar.getInstance();
instance.add(Calendar.DAY_OF_MONTH, 7);
builder.withExpiresAt(instance.getTime()); //设置token过期时间
return builder.sign(Algorithm.HMAC256(SIGN));
}
/**
-
校验令牌
-
@param token
*/
public static DecodedJWT verifyToken(String token) {
return JWT.require(Algorithm.HMAC256(SIGN)).build().verify(token);
}
}
使用拦截器拦截处理token
/**
-
@author dugt1998@163.com
-
@date 2020/11/8 13:26
*/
public class J 需要zi料+ 绿色徽【vip1024b】
WTInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String token = request.getHeader(“token”);
HashMap<String, Object> map = new HashMap<>();
try {
JWTUtils.verifyToken(token);
return true;
} catch (SignatureVerificationException e) {
/**
-
SignatureVerificationException :签名不一致异常
-
TokenExpiredException: 令牌过期异常
-
AlgorithmMismatchException:算法不匹配异常
-
InvalidClamException 失效的payload异常
*/
e.printStackTrace();
map.put(“msg”,“无效的签名”);
}catch (TokenExpiredException e){
e.printStackTrace();
map.put(“msg”,“该令牌已过期”);
}catch (AlgorithmMismatchException e){
e.printStackTrace();
map.put(“msg”,“算法不匹配”);
}catch (Exception e){
e.printStackTrace();
map.put(“msg”,“token无效!”);
}
map.put(“status”,false);
String errorMsg = JSONObject.toJSONString(map);
response.setContentType(“application/json; charset=UTF-8”);
PrintWriter writer = response.getWriter();
writer.print(errorMsg);
writer.close();
return false;
}
}
开启拦截器
/**
-
-
@author dugt1998@163.com
-
@date 2020/11/9 9:46
*/
@Configuration
public class InterceptorConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(jwtInterceptor())
.addPathPatterns(“/**”)
.excludePathPatterns(“/user/login”);
}
@Bean
public JWTInterceptor jwtInterceptor(){
return new JWTInterceptor();
}
}
用户登录认证授权token信息
/**
-
认证
-
@param user
-
@param request
-
@return
*/
@PostMapping(“/login”)
public Map<String, Object> login(User user, HttpServletRequest request) {
HashMap<String, Object> map = new HashMap<>();
QueryWrapper wrapper = new QueryWrapper<>();
本次面试答案,以及收集到的大厂必问面试题分享:
public Map<String, Object> login(User user, HttpServletRequest request) {
HashMap<String, Object> map = new HashMap<>();
QueryWrapper wrapper = new QueryWrapper<>();
本次面试答案,以及收集到的大厂必问面试题分享:
[外链图片转存中…(img-UehcSZZJ-1710360062115)]