JWT实现前后分离认证
步骤:1,创建工程,2,导入依赖,3,更改pom文件,4,写业务
一,创建工程,创建数据库
右键打开idea编译软件,选择快速创建springboot工程
创建用户表user
id int 主键
user varchar
password varchar
二, 导入相关依赖
<dependencies>
<!--测试-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
</dependency>
<!--web-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!--jwt-->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.10.3</version>
</dependency>
<!--引入mybatis-->
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>2.1.3</version>
</dependency>
<!--引入lombok-->
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.12</version>
</dependency>
<!--引入druid-->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.23</version>
</dependency>
<!--引入mysql-->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.49</version>
</dependency>
<dependency>
<groupId>org.jetbrains</groupId>
<artifactId>annotations</artifactId>
<version>RELEASE</version>
<scope>compile</scope>
</dependency>
</dependencies>
三, 更改pom文件
server:
port: 8080
spring:
datasource:
url: jdbc:mysql://localhost:3306/jwt?characterEncoding=utf-8
username: root
password: 1324
type: com.alibaba.druid.pool.DruidDataSource
driver-class-name: com.mysql.jdbc.Driver
mybatis:
type-aliases-package: com.atjwt.entity
mapper-locations: classpath:com/atjwt/mapper/*.xml
四,写业务
首先操作基本的CRUD实现
然后在编写JWT实现类实现jwt的生成跟验证
public class JWTUtils {
private static final String STRING="hbjfkj!op";//盐值
private static final Calendar CALENDAR=Calendar.getInstance();//设置时间
/**
* 生成token分别为头部,载物,签名
* 默认过期时间为7天
* @return
*/
public static String getToken(Map<String,String> map){
CALENDAR.add(Calendar.DAY_OF_WEEK,7);
JWTCreator.Builder builder = JWT.create();
map.forEach((k,v)->{
builder.withClaim(k,v);
});
//设置过期时间并且加密
String token = builder.withExpiresAt(CALENDAR.getTime())
.sign(Algorithm.HMAC256(STRING));
return token;
}
/**
* 验证token
*/
public static DecodedJWT verify(String token){
return JWT.require(Algorithm.HMAC256(STRING)).build().verify(token);
}
编写过滤器
public class JWTInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
HashMap<String, Object> map = new HashMap<>();
String token = request.getHeader("token");
log.info(token);
try {
JWTUtils.verify(token);
return true;
} catch (Exception e) {
e.printStackTrace();
map.put("msg","无效token");
}
map.put("state",false);
String json = new ObjectMapper().writeValueAsString(map);
response.setContentType("application/json;charset=UTF-8");
response.getWriter().println(json);
return false;
}
写配置类加载加载过滤器
@Configuration
@Slf4j
public class InterceptorConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
log.info("进来了");
registry.addInterceptor(new JWTInterceptor()).addPathPatterns("/user/test").excludePathPatterns("/user/login");
}
## 我的项目CRUD基本列表
- controller
```java
@RestController
@Slf4j
public class UserController {
@Autowired
UserService userService;
@PostMapping("/user/login")
public Map<String,Object> login(User user){
log.info("用户名:"+user.getName());
log.info("密码:"+user.getPassword());
HashMap<String, Object> map = new HashMap<>();
try {
User userDB = userService.login(user);
//生成jwt
Map<String,String> payload=new HashMap<>();
payload.put("id",userDB.getId()+"");
payload.put("name",userDB.getName());
map.put("state",true);
map.put("msg","登录成功");
map.put("token",JWTUtils.getToken(payload));
}catch (Exception e){
map.put("state",false);
map.put("msg",e.getMessage());
}
return map;
}
@GetMapping("/user/test")
public Map<String,Object> list(){
HashMap<String, Object> map = new HashMap<>();
map.put("msg","请求消息成功");
return map;
}
- service
@Service
public class UserServiceImpl implements UserService {
@Autowired
UserDao userDao;
@Override
public User login(User user) {
User dbUser = userDao.login(user);
if(!StringUtils.isEmpty(dbUser)){
return dbUser;
}
throw new RuntimeException("登录失败");
}
mapper.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.atjwt.dao.UserDao">
<select id="login" parameterType="User" resultType="User">
select * from user where name =#{name} and password=#{password}
</select>
</mapper>