1.令牌的生成和存储
/**
 * Authenticates a user and issues a session token.
 *
 * <p>On success a random UUID string is generated, the {@code User} returned by
 * {@code userService.getUserByLogin} is stored in Redis under that string with a
 * 30-minute expiry, and the token is handed back in the {@code Result}.
 *
 * @param userName login name from the request
 * @param password password from the request
 * @param response unused by this method
 * @return code 100 with the token on success, code 104 with a null payload on failure
 */
@PostMapping("login")
public Result login(@RequestParam String userName,@RequestParam String password, HttpServletResponse response) throws UnsupportedEncodingException {
    // NOTE(review): @RequestParam also binds query-string values, so a client that puts the
    // password in the URL will leave it in access logs; confirm clients send it in the body.
    User account = userService.getUserByLogin(userName, password);
    if (account == null) {
        // No matching account: same failure result regardless of which field was wrong.
        return new Result(null, "登录失败", 104);
    }

    // UUID.randomUUID() yields a random (type 4) UUID; the token is the only credential
    // the other endpoints check, so it must stay unguessable.
    String sessionToken = UUID.randomUUID().toString();

    // NOTE(review): the token is used as the bare Redis key and the whole User object is the
    // value. Confirm the cached User carries no password hash or other secret field, and
    // consider a dedicated key prefix so session keys cannot collide with other cached data.
    redisTemplate.opsForValue().set(sessionToken, account, Duration.ofMinutes(30L));
    return new Result(sessionToken, "登录成功", 100);
}
2.使用token获取登录信息
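/**
 * Returns the login information stored in Redis for the caller's token.
 *
 * <p>The token is read from the {@code token} request header and used directly as the
 * Redis key.
 *
 * @param request current HTTP request; the {@code token} header identifies the session
 * @return code 100 with the stored object when the key exists, otherwise code 104 with null
 */
@GetMapping("view/getUserOfLogin")
public Result getUserOfLogin(HttpServletRequest request) throws UnsupportedEncodingException {
    String token = request.getHeader("token");

    // A request without the header gets the normal failure result instead of
    // handing a null key to the Redis client.
    if (token == null || token.isEmpty()) {
        return new Result(null, "获取登录用户失败", 104);
    }

    // NOTE(review): the header value selects the Redis key, and whatever object is stored
    // there is serialized back to the caller. If this Redis instance also holds other
    // entries, a namespaced session key and a type check on the value would keep this
    // endpoint from exposing them. Also confirm the stored object has no secret fields.
    Object user = redisTemplate.opsForValue().get(token);
    if (user != null) {
        return new Result(user, "获取登录用户成功", 100);
    }
    return new Result(null, "获取登录用户失败", 104);
}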
3.登录过滤器的Token处理
- 过滤器
- 重置token的时间 redisTemplate.expire(token,30L, TimeUnit.MINUTES);
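/**
 * Servlet filter for every {@code /view/*} route: lets a request through only when the
 * {@code token} header names a Redis key that still has time to live, and renews that
 * key's 30-minute expiry on each accepted request.
 *
 * <p>Requests that fail the check receive a JSON {@code Result} with code 103 and are not
 * passed down the filter chain.
 */
@WebFilter(urlPatterns = {"/view/*"})
public class LoginFilter implements Filter {
    @Resource
    private RedisTemplate<String, Object> redisTemplate;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        // Nothing to initialise.
    }

    /**
     * Adds the CORS response headers, then checks the session token.
     *
     * @param servletRequest  incoming request; cast to {@code HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@code HttpServletResponse}
     * @param filterChain     remaining chain, invoked only for a valid token
     * @throws IOException      if writing the rejection body fails
     * @throws ServletException propagated from the rest of the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        // Cross-origin handling inside the filter.
        // NOTE(review): the request's Origin is echoed back together with
        // Allow-Credentials: true, which grants every origin credentialed access to these
        // responses. Compare the Origin against a configured allowlist before echoing it.
        String origin = request.getHeader("Origin");
        if (origin != null) {
            response.setHeader("Access-Control-Allow-Origin", origin);
            // The response differs per Origin, so shared caches must key on it.
            response.addHeader("Vary", "Origin");
        }
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with,Authorization,token");
        response.setHeader("Access-Control-Allow-Credentials", "true");

        // Read the session token from the request headers.
        String token = request.getHeader("token");

        // A missing or empty token can never be a session, so skip the Redis lookup.
        boolean loggedIn = false;
        if (token != null && !token.isEmpty()) {
            // Remaining TTL of the key; Redis reports a negative value when the key is
            // missing or has no expiry. The client may also return null, so guard the
            // unboxing instead of risking a NullPointerException.
            // NOTE(review): any key with a positive TTL passes this check, not only keys
            // written at login; a dedicated session-key prefix would close that gap.
            Long expire = redisTemplate.getExpire(token);
            loggedIn = expire != null && expire > 0;
        }

        if (loggedIn) {
            // Sliding expiry: each accepted request renews the token for 30 minutes.
            // NOTE(review): there is no absolute lifetime, so a token in regular use never
            // expires; consider recording the issue time and enforcing a hard cap.
            redisTemplate.expire(token, 30L, TimeUnit.MINUTES);
            // Let the request through.
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // Not logged in: answer with the error payload instead of continuing the chain.
        String body = JSONObject.toJSONString(new Result(null, "未登录", 103));
        // "json/text" is not a registered media type; declare the body as JSON.
        response.setContentType("application/json;charset=utf-8");
        PrintWriter out = response.getWriter();
        out.write(body);
    }

    @Override
    public void destroy() {
        // Nothing to release.
    }
}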
4.注销登录
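/**
 * Logs the caller out by deleting the Redis entry named by the {@code token} header.
 *
 * @param request current HTTP request; the {@code token} header identifies the session
 * @return code 100 whose payload is the delete outcome ({@code false} when there was no
 *         token to delete)
 */
@GetMapping("view/logout")
public Result logout(HttpServletRequest request){
    String token = request.getHeader("token");

    // Without a token there is nothing to delete; report that rather than
    // passing a null key to the Redis client.
    Boolean delete = Boolean.FALSE;
    if (token != null && !token.isEmpty()) {
        // NOTE(review): the header value is used as the raw Redis key, so this call removes
        // whatever entry the client names. A namespaced session key would restrict the
        // delete to login sessions.
        delete = redisTemplate.delete(token);
    }
    return new Result(delete,"注销成功",100);
}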