1、添加依赖
<!-- JWT相关 -->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.7.0</version>
</dependency>
<!-- 用于密码加盐哈希(Md5Crypt) -->
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>${commons.codec.version}</version>
</dependency>
2、工具类
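/**
 * Static helper that issues and verifies the HS256-signed JWTs used as login tokens.
 *
 * <p>Tokens are signed, not encrypted: every claim written by {@link #geneJsonWebToken}
 * can be read by anyone who holds the token.
 */
public class JWTUtil {
    // Subject written into every token.
    private static final String SUBJECT = "fis";
    // Token lifetime in milliseconds (7 days).
    private static final long EXPIRE = 1000L * 60 * 60 * 24 * 7;
    // HMAC signing secret.
    // NOTE(review): a short literal compiled into the class is shared by every deployment and
    // visible to anyone with the source or the jar; load a long random key from configuration
    // or a secret store instead. jjwt's String overloads of signWith/setSigningKey also treat
    // this value as Base64-encoded key material rather than raw text — verify against the
    // jjwt version in use.
    private static final String SECRET = "fis-666-123";
    // Marker prepended to the compact JWT before it is handed to the caller.
    private static final String TOKEN_PREFIX = "cloud-fast-services";

    /**
     * Builds a signed token for the given user.
     *
     * @param user source of the {@code id}, {@code username} and {@code nickname} claims
     * @param pwd  value stored verbatim in the {@code pwd} claim
     * @return {@code TOKEN_PREFIX} followed by the compact JWS string
     */
    public static String geneJsonWebToken(LoginUser user, String pwd) {
        Integer userId = user.getId();
        String token = Jwts.builder().setSubject(SUBJECT)
                .claim("id", userId)
                .claim("username", user.getUsername())
                .claim("nickname", user.getNickname())
                // NOTE(review): the payload is only Base64URL-encoded, so this claim exposes
                // whatever the caller passes (the stored password hash in the usage shown) to
                // every holder of the token. Kept for compatibility with existing readers of
                // the claim; prefer removing it or replacing it with a non-secret marker.
                .claim("pwd", pwd)
                // presumably "now" — CommonUtil is not shown here
                .setIssuedAt(CommonUtil.getCurrentDate())
                .setExpiration(CommonUtil.getCurrentDate(CommonUtil.getCurrentTimeMillis() + EXPIRE))
                .signWith(SignatureAlgorithm.HS256, SECRET).compact();
        return TOKEN_PREFIX + token;
    }

    /**
     * Verifies the signature and expiry of a token and returns its claims.
     *
     * @param token token as produced by {@link #geneJsonWebToken}; a token without the prefix
     *              is parsed as-is, as before
     * @return the verified claims, or {@code null} when the token is {@code null} or fails
     *         parsing or verification
     */
    public static Claims checkJWT(String token) {
        if (token == null) {
            log.error("jwt token 解密失败: token is null");
            return null;
        }
        // Strip only a leading prefix. String.replace removes every occurrence, and the prefix
        // consists of characters that are also legal inside a Base64URL segment, so a blanket
        // replace could alter the token body itself.
        String compact = token.startsWith(TOKEN_PREFIX)
                ? token.substring(TOKEN_PREFIX.length())
                : token;
        try {
            return Jwts.parser()
                    .setSigningKey(SECRET)
                    .parseClaimsJws(compact).getBody();
        } catch (Exception e) {
            // Log the failure type (expired, bad signature, malformed) so rejected tokens can
            // be told apart in monitoring; the exception message is left out because it may
            // echo parts of the token payload.
            log.error("jwt token 解密失败: " + e.getClass().getSimpleName());
            return null;
        }
    }
}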
3、用户类
/**
 * Login-time view of a user, filled from SysUserDO via BeanUtils.copyProperties and passed to
 * JWTUtil.geneJsonWebToken.
 *
 * <p>Lombok generates the accessors, the builder and both constructors; the all-args
 * constructor takes its parameters in field declaration order, so reordering the fields
 * changes that constructor's signature.
 */
@Builder
@Data
@NoArgsConstructor
@AllArgsConstructor
public class LoginUser {
// Written to the token as the "id" claim.
private Integer id;
// Written to the token as the "username" claim.
private String username;
// Written to the token as the "nickname" claim.
private String nickname;
// Not written to the token by the JWTUtil code shown.
private String headImg;
}
4、使用
/**
 * Issues a login token for the given user record and caches it in Redis.
 *
 * <p>The Redis entry is keyed by {@code TOKEN_KEY + id} and expires after 7 days, which
 * equals the JWT lifetime in JWTUtil by value only; the two are not linked in code.
 *
 * <p>NOTE(review): the stored password hash is handed to JWTUtil and ends up as a readable
 * claim in the token returned to the client.
 *
 * @param sysUserDO persisted user whose matching properties are copied into the token's user view
 * @return the prefixed token string
 */
private String geneUserToken(SysUserDO sysUserDO) {
    final LoginUser tokenUser = LoginUser.builder().build();
    // Copies the properties the two types share by name.
    BeanUtils.copyProperties(sysUserDO, tokenUser);

    final String issued = JWTUtil.geneJsonWebToken(tokenUser, sysUserDO.getPwd());
    final String cacheKey = TOKEN_KEY + sysUserDO.getId();
    stringRedisTemplate.opsForValue().set(cacheKey, issued, 7, TimeUnit.DAYS);
    return issued;
}
SysUserDO 是用户数据表的实体类,关键是下面这一行调用:
JWTUtil.geneJsonWebToken(loginUserDTO, sysUserDO.getPwd());
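生成的 token 可以存入 Redis 并返回给前端;pwd 是用 MD5 加盐(Md5Crypt)生成的密码哈希。需要注意,JWT 的载荷只经过 Base64URL 编码和签名,并未加密,把 pwd 放进 claim 后,任何拿到 token 的一方(包括前端)都能读出这个哈希值。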
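// Registration: create the user with a per-user salt in md5crypt format ("$1$" + 8 characters).
// NOTE(review): CommonUtil.getStringNumRandom is not shown here — confirm it draws from
// SecureRandom. md5crypt is a legacy scheme with a fixed, low work factor; bcrypt, scrypt or
// argon2 are the usual choice for new password storage.
SysUserDO sysUserDO = new SysUserDO();
sysUserDO.setSecret("$1$" + CommonUtil.getStringNumRandom(8));
// Encode with an explicit charset so the hash does not depend on the JVM's default encoding;
// registration and login must use the same one.
sysUserDO.setPwd(Md5Crypt.md5Crypt(
        INIT_PASSWORD.getBytes(java.nio.charset.StandardCharsets.UTF_8),
        sysUserDO.getSecret()));
// Login: hash the submitted password with the stored salt, then match the result against the
// stored hash (presumably sysUserDO is the record loaded for the login name at this point).
// The comparison itself is not shown; a constant-time check such as MessageDigest.isEqual on
// the bytes avoids leaking how many leading characters matched.
String cryptPwd = Md5Crypt.md5Crypt(
        loginRequest.getPassword().getBytes(java.nio.charset.StandardCharsets.UTF_8),
        sysUserDO.getSecret());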