1 添加依赖
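<!-- Spring Security starter. No version is given here, so it is presumably
     managed by the Spring Boot parent/BOM of the project (confirm in the POM). -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
<!-- Hutool utility bundle. It is not referenced by the JwtTokenUtils class shown
     on this page; "hutool-all" pulls in every Hutool module, so keep the pinned
     version under dependency-scanning like any other third-party library. -->
<dependency>
    <groupId>cn.hutool</groupId>
    <artifactId>hutool-all</artifactId>
    <version>4.5.7</version>
</dependency>
<!-- JJWT in its legacy single-artifact form. The code below relies on this
     release line's API (signWith(SignatureAlgorithm, String) and
     Jwts.parser().setSigningKey(String)). Later JJWT releases are published as
     jjwt-api / jjwt-impl / jjwt-jackson and enforce minimum HMAC key lengths,
     so check the pinned version against current advisories before reuse. -->
<dependency>
    <groupId>io.jsonwebtoken</groupId>
    <artifactId>jjwt</artifactId>
    <version>0.9.0</version>
</dependency>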
2 添加JWT常用操作的工具类
package com. hzf. mymall. common;
import io. jsonwebtoken. Claims;
import io. jsonwebtoken. Jwts;
import io. jsonwebtoken. SignatureAlgorithm;
import org. slf4j. Logger;
import org. slf4j. LoggerFactory;
import org. springframework. beans. factory. annotation. Value;
import org. springframework. security. core. userdetails. UserDetails;
import org. springframework. stereotype. Component;
import java. util. Date;
import java. util. HashMap;
import java. util. Map;
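/**
 * Issues, parses, validates and refreshes the HS512-signed JWTs used for login.
 *
 * <p>Every lookup fails closed: a token that cannot be parsed or verified
 * (bad signature, malformed, or rejected by the parser) is treated as having
 * no subject and as expired, so it never validates and is never refreshed.
 *
 * <p>The entry points (token generation, validation, subject lookup and
 * refresh) are public so that other components can call this bean; the
 * parsing helpers stay private.
 */
@Component
public class JwtTokenUtils {
    private static final Logger LOGGER = LoggerFactory.getLogger(JwtTokenUtils.class);
    private static final String CLAIM_KEY_USERNAME = "sub";
    private static final String CLAIM_KEY_CREATED = "create";

    // HMAC signing secret, injected from configuration. With this JJWT API the
    // String overloads of signWith/setSigningKey treat the value as Base64-encoded
    // key bytes. Anyone who knows it can mint valid tokens: use a randomly
    // generated key of at least 512 bits for HS512 and supply it from a secret
    // store or environment, not from a file committed to source control.
    @Value("${jwt.secret}")
    private String secret;

    // Token lifetime in seconds (converted to milliseconds when the expiry is computed).
    @Value("${jwt.expiration}")
    private Long expiration;

    /**
     * Builds and signs a compact JWT from the given claims, stamping a fresh expiry.
     *
     * @param claims claims to embed in the token body
     * @return the serialized, HS512-signed token
     */
    private String generateToken(Map<String, Object> claims) {
        return Jwts.builder()
                .setClaims(claims)
                .setExpiration(generateExpirationDate())
                .signWith(SignatureAlgorithm.HS512, secret)
                .compact();
    }

    /**
     * Verifies the token signature and returns its claims.
     *
     * @param token the compact JWT presented by the client
     * @return the verified claims, or {@code null} when parsing or verification fails
     */
    private Claims getClaimsFromToken(String token) {
        Claims claims = null;
        try {
            // parseClaimsJws only accepts signed tokens; keep it rather than a
            // more permissive parse method so unsigned input is rejected.
            claims = Jwts.parser()
                    .setSigningKey(secret)
                    .parseClaimsJws(token)
                    .getBody();
        } catch (Exception e) {
            // Log the failure type only. The raw token is a bearer credential
            // and must not be copied into application logs.
            LOGGER.info("JWT格式验证失败:{}", e.getClass().getSimpleName());
        }
        return claims;
    }

    /**
     * Computes the expiry instant for a token issued now.
     *
     * @return current time plus the configured lifetime
     */
    private Date generateExpirationDate() {
        return new Date(System.currentTimeMillis() + expiration * 1000);
    }

    /**
     * Extracts the subject (user name) from a token.
     *
     * @param token the compact JWT presented by the client
     * @return the subject, or {@code null} when the token cannot be verified
     */
    public String getUserNameFromToken(String token) {
        Claims claims = getClaimsFromToken(token);
        // Explicit null check instead of catching the NullPointerException.
        return claims == null ? null : claims.getSubject();
    }

    /**
     * Checks that the token belongs to the given user and has not expired.
     *
     * @param token       the compact JWT presented by the client
     * @param userDetails the user loaded for the subject being authenticated
     * @return {@code true} only for a verifiable, unexpired token whose subject
     *         matches {@code userDetails}
     */
    public boolean validateToken(String token, UserDetails userDetails) {
        String username = getUserNameFromToken(token);
        // A null subject means the token failed verification: reject it rather
        // than letting a NullPointerException escape into the request path.
        return username != null
                && username.equals(userDetails.getUsername())
                && !isTokenExpired(token);
    }

    /**
     * Reports whether the token is past its expiry.
     *
     * @param token the compact JWT presented by the client
     * @return {@code true} when the token is expired or has no readable expiry
     */
    private boolean isTokenExpired(String token) {
        Date expiredDate = getExpiredDateFromToken(token);
        // No readable expiry (unverifiable token or missing claim) counts as expired.
        return expiredDate == null || expiredDate.before(new Date());
    }

    /**
     * Reads the expiry claim from a token.
     *
     * @param token the compact JWT presented by the client
     * @return the expiry, or {@code null} when the token cannot be verified
     */
    private Date getExpiredDateFromToken(String token) {
        Claims claims = getClaimsFromToken(token);
        return claims == null ? null : claims.getExpiration();
    }

    /**
     * Issues a token for an authenticated user.
     *
     * @param userDetails the authenticated user
     * @return a signed token carrying the user name and the creation time
     */
    public String generateToken(UserDetails userDetails) {
        Map<String, Object> claims = new HashMap<>();
        claims.put(CLAIM_KEY_USERNAME, userDetails.getUsername());
        claims.put(CLAIM_KEY_CREATED, new Date());
        return generateToken(claims);
    }

    /**
     * Reports whether the token is still eligible for refresh.
     *
     * @param token the compact JWT presented by the client
     * @return {@code true} when the token verifies and has not expired
     */
    public boolean canRefresh(String token) {
        return !isTokenExpired(token);
    }

    /**
     * Re-issues a token with the same claims, a new creation time and a new expiry.
     *
     * @param token the compact JWT presented by the client
     * @return the new token, or {@code null} when the presented token cannot be
     *         verified (callers must treat {@code null} as "re-authenticate")
     */
    public String refreshToken(String token) {
        Claims claims = getClaimsFromToken(token);
        if (claims == null) {
            // Never mint a new token from input that failed verification.
            return null;
        }
        claims.put(CLAIM_KEY_CREATED, new Date());
        return generateToken(claims);
    }
}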
3 添加SpringSecurity配置类
package com. hzf. mymall. config;
import com. hzf. mymall. component. JwtAuthenticationTokenFilter;
import com. hzf. mymall. component. RestAuthenticationEntryPoint;
import com. hzf. mymall. component. RestfulAccessDeniedHandler;
import com. hzf. mymall. dto. AdminUserDetails;
import com. hzf. mymall. model. UmsAdmin;
import com. hzf. mymall. model. UmsPermission;
import com. hzf. mymall. service. UmsAdminService;
import org. springframework. beans. factory. annotation. Autowired;
import org. springframework. context. annotation. Bean;
import org. springframework. context. annotation. Configuration;
import org. springframework. http. HttpMethod;
import org. springframework. security. authentication. AuthenticationManager;
import org. springframework. security. config. annotation. authentication. builders. AuthenticationManagerBuilder;
import org. springframework. security. config. annotation. method. configuration. EnableGlobalMethodSecurity