1. 在微服务父工程的 pom 文件中引入 jwtToken 依赖
<!--
  JJWT, the library used by JwtUtil below to sign and verify tokens.
  0.9.0 is the legacy single-artifact distribution. Later releases are split into
  jjwt-api / jjwt-impl / jjwt-jackson and reject HMAC keys that are too short for
  the selected algorithm, so the short key accepted here would fail after an upgrade.
  NOTE(review): check the project's release notes for fixes before pinning this version.
-->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.0</version>
</dependency>
2. 配置创建JwtToken的工具类
package priv.kuki.utils;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Base64;
import java.util.Date;
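/**
 * Creates and verifies HS256-signed JWTs using the jjwt 0.9.x API.
 *
 * <p>NOTE(review): the signing secret is a constant compiled into this class, so anyone who
 * can read the source or the built artifact can mint tokens that {@link #parseJWT} accepts.
 * Load the secret from configuration or a secret store before using this outside a demo.
 */
public class JwtUtil {
    /** Default token lifetime in milliseconds (one hour). */
    public static final Long JWT_TTL = 3600000L;

    // NOTE(review): hard-coded and far too short for HS256. The 8 ASCII characters become
    // 12 bytes (96 bits) of key material after Base64 encoding, while RFC 7518 requires an
    // HS256 key of at least 256 bits. Replace with at least 32 random bytes generated by a
    // CSPRNG and supplied at deploy time; the constant is kept so existing references compile.
    public static final String JWT_KEY = "Tang-J-L";

    /**
     * Builds a compact, HS256-signed JWT.
     *
     * @param id        value of the {@code jti} claim
     * @param subject   value of the {@code sub} claim; the payload is signed, not encrypted,
     *                  so it must not contain secrets
     * @param ttlMillis lifetime in milliseconds, or {@code null} to use {@link #JWT_TTL}
     * @return the serialized token
     */
    public static String createJWT(String id, String subject, Long ttlMillis) {
        long nowMillis = System.currentTimeMillis();
        long lifetimeMillis = (ttlMillis != null) ? ttlMillis : JWT_TTL;

        Date issuedAt = new Date(nowMillis);
        Date expiresAt = new Date(nowMillis + lifetimeMillis);

        JwtBuilder builder = Jwts.builder()
                .setId(id)
                .setSubject(subject)
                .setIssuer("Tang-J-L")
                .setIssuedAt(issuedAt)
                .signWith(SignatureAlgorithm.HS256, generalKey())
                .setExpiration(expiresAt);
        return builder.compact();
    }

    /**
     * Derives the HMAC key from {@link #JWT_KEY}.
     *
     * <p>The key bytes are the Base64 <em>encoding</em> of the secret's UTF-8 bytes. Encoding
     * adds no entropy; it only changes the byte representation. The charset is now explicit so
     * the key does not depend on the platform default, and the key is labelled
     * {@code HmacSHA256} instead of {@code AES} because it is used for HMAC signing. The label
     * does not alter the key bytes, so signatures are unchanged.
     *
     * @return the signing and verification key
     */
    public static SecretKey generalKey() {
        byte[] keyBytes = Base64.getEncoder()
                .encode(JWT_KEY.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        return new SecretKeySpec(keyBytes, "HmacSHA256");
    }

    /**
     * Verifies the token's signature with {@link #generalKey()} and returns its claims.
     *
     * <p>jjwt throws a runtime exception when the token is malformed, carries a bad signature
     * or has expired. Callers must treat any exception as "not authenticated".
     *
     * @param jwt the compact serialized token
     * @return the verified claims
     */
    public static Claims parseJWT(String jwt) {
        return Jwts.parser()
                .setSigningKey(generalKey())
                .parseClaimsJws(jwt)
                .getBody();
    }
}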
3. 创建用户鉴权的工具类
package priv.kuki.utils;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpCookie;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
import java.lang.annotation.Annotation;
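/**
 * Gateway-wide filter that rejects requests lacking a valid JWT.
 *
 * <p>The token is looked up in the {@code Authorization} header, then the query string, then
 * the cookie of the same name. Requests without a verifiable token are answered with
 * {@code 401} and are not routed.
 *
 * <p>{@code org.springframework.core.annotation.Order} is an annotation type, and implementing
 * it as an interface has no effect on filter ordering. The ordering contract Spring reads is
 * {@code org.springframework.core.Ordered}, which is now implemented as well. The {@code Order}
 * methods are kept only so existing references still compile.
 */
@Component
public class AuthorizeFilter implements GlobalFilter, Order, org.springframework.core.Ordered {
    /** Name of the header, query parameter and cookie that may carry the token. */
    public static final String AUTHORIZE_TOKEN = "Authorization";

    /**
     * Authenticates the request and forwards it, or completes the response with 401.
     *
     * @param exchange the current exchange
     * @param chain    the remaining filter chain
     * @return completion signal of either the rejection or the downstream chain
     */
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        ServerHttpRequest request = exchange.getRequest();
        ServerHttpResponse response = exchange.getResponse();

        String token = request.getHeaders().getFirst(AUTHORIZE_TOKEN);
        if (!StringUtils.hasLength(token)) {
            // NOTE(review): a token in the URL ends up in access logs, browser history and
            // Referer headers. Prefer the header, and drop this fallback if nothing needs it.
            token = request.getQueryParams().getFirst(AUTHORIZE_TOKEN);
        }
        if (!StringUtils.hasLength(token)) {
            // NOTE(review): browsers attach cookies automatically, so state-changing routes
            // behind this filter need CSRF protection when the cookie path is used.
            HttpCookie httpCookie = request.getCookies().getFirst(AUTHORIZE_TOKEN);
            if (httpCookie != null) {
                token = httpCookie.getValue();
            }
        }

        if (!StringUtils.hasLength(token)) {
            // NOTE(review): the R.fail(...) result is discarded and nothing here writes it to
            // the response, so the client only sees the status code.
            R.fail("你还没有登录", token);
            return unauthorized(response);
        }

        try {
            JwtUtil.parseJWT(token);
        } catch (Exception e) {
            // Fail closed: any parsing or verification error means "not authenticated".
            R.fail("你还没有登录", e);
            return unauthorized(response);
        }

        // mutate() returns a builder, so the header only reaches downstream services if the
        // request is built and placed on a new exchange.
        ServerHttpRequest forwarded = request.mutate()
                .header(AUTHORIZE_TOKEN, token)
                .build();
        return chain.filter(exchange.mutate().request(forwarded).build());
    }

    /** Ends the exchange with 401 instead of an empty 200 response. */
    private static Mono<Void> unauthorized(ServerHttpResponse response) {
        response.setStatusCode(org.springframework.http.HttpStatus.UNAUTHORIZED);
        return response.setComplete();
    }

    /** Filter order read by Spring through {@code Ordered}; same value as {@link #value()}. */
    @Override
    public int getOrder() {
        return value();
    }

    /** Retained for source compatibility; Spring does not consult this method for ordering. */
    @Override
    public int value() {
        return 0;
    }

    /** Retained for source compatibility; returns the annotation type instead of null. */
    @Override
    public Class<? extends Annotation> annotationType() {
        return Order.class;
    }
}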
4. 用户登录成功后创建jwtToken,并将token信息返回给前端
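// Claims serialized into the token subject. A JWT payload is signed but not encrypted, so
// anyone holding the token can read these values; keep secrets out of it.
Map<String, Object> tokenMap = new HashMap<>();
tokenMap.put("role", "USER");
tokenMap.put("success", "SUCCESS");
tokenMap.put("username", user.getUserName());

// Random jti and a 30-minute lifetime (1800000 ms).
String token = JwtUtil.createJWT(
        UUID.randomUUID().toString(),
        JSONUtils.toJSONString(tokenMap),
        1800000L
);

Cookie cookie = new Cookie("Authorization", token);
// NOTE(review): the domain is hard-coded for local development; take it from configuration.
cookie.setDomain("localhost");
cookie.setPath("/");
// Keep page scripts from reading the token out of the cookie jar.
cookie.setHttpOnly(true);
// NOTE(review): also call cookie.setSecure(true) once the site is served over HTTPS, so the
// token is never sent over plain HTTP.
response.addCookie(cookie);

// NOTE(review): returning the cookie object puts the token in the response body as well,
// where page scripts can read it regardless of HttpOnly. Return only what the front end
// needs if the cookie is the intended transport.
return R.ok("登录成功!", cookie);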