最近在B站大学学习Java开发,刚好学到登入验证,在使用JJWT令牌时踩了一些坑,在这里把代码和依赖给出,希望后来者得以借鉴。
- 依赖
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-api</artifactId>
<version>0.11.2</version>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-impl</artifactId>
<version>0.11.2</version>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-jackson</artifactId>
<version>0.11.2</version>
</dependency>
- JJWT编解码的工具类
package com.example.demo2.utils;
import com.example.demo2.pojo.Emp;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.jackson.io.JacksonSerializer;
import io.jsonwebtoken.security.Keys;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import java.security.Key;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
@Slf4j
public class JWTUtils {
private static String hashKey="springbootdemofdjwauiohuibaduiwhanuihwudw47894987awdwhi";
public static String generate(Emp emp){
//生成载体
Map<String,Object> claims=new HashMap<>();
claims.put("id",emp.getId());
claims.put("username",emp.getUsername());
claims.put("name",emp.getName());
//生成令牌
String token= Jwts.builder()
.setClaims(claims)
.signWith(SignatureAlgorithm.HS256,hashKey)
.setExpiration(new Date(System.currentTimeMillis()+24*3600*1000))
.serializeToJsonWith(new JacksonSerializer<>())
.compact();
log.info("JWT令牌生成成功,{}",token);
return token;
}
public static Boolean parse(String token){
try{
Claims claims=Jwts.parser()
.setSigningKey(hashKey)
.parseClaimsJws(token)
.getBody();
log.info("令牌解析成功,{}",claims);
return true;
}
catch (Exception e){
log.info("令牌解析错误,说明用户未登录");
return false;
}
}
}