Token简单使用
1.maven导入依赖
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.0</version>
</dependency>
2.封装加密解密工具
import com.codingfuture.entity.User;
import io.jsonwebtoken.*;
import java.text.SimpleDateFormat;
import java.util.Date;
public class CreateJwt {
public static String getoken(User user) {
JwtBuilder jwtBuilder = Jwts.builder()
.setId(user.getId()+"")
.setIssuer(user.getRole()+"")
.setSubject(user.getUsername())
.setIssuedAt(new Date())
.signWith(SignatureAlgorithm.HS256,"coding-future")
.setExpiration(new Date(new Date().getTime()+3600000));
return jwtBuilder.compact();
}
public static Claims tokenToOut(String token) {
Claims claims;
try {
claims = Jwts.parser().setSigningKey("coding-future")
.parseClaimsJws(token)
.getBody();
System.out.println("用户id:"+claims.getId());
System.out.println("用户名:"+claims.getSubject());
System.out.println("用户时间"+new SimpleDateFormat("yyyy-MM-dd HH:mm:ss")
.format(claims.getIssuedAt()));
System.out.println("过期时间"+ new SimpleDateFormat("yyyy-MM-dd HH:mm:ss")
.format(claims.getExpiration()));
System.out.println("用户角色" + claims.getIssuer());
}
catch (ExpiredJwtException e) {
claims = e.getClaims();
}
return claims;
}
}
3.拦截器配置
package com.codingfuture.web.interceptor;
import com.alibaba.fastjson.JSONArray;
import com.codingfuture.common.web.CreateJwt;
import com.codingfuture.common.web.Result;
import io.jsonwebtoken.Claims;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.*;
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String authorization = request.getHeader("Authorization");
if (authorization != null && !authorization.isEmpty() ) {
Claims claims = CreateJwt.tokenToOut(authorization);
Date expiration = claims.getExpiration();
long effective = expiration.getTime();
if (effective - new Date().getTime()> 0) {
return true;
} else {
requestFail(request,response,401,"timeOut");
return false;
}
} else {
requestFail(request,response,403,"no-Access");
return false;
}
}
public void requestFail (HttpServletRequest request, HttpServletResponse response,Integer code,String message) {
System.out.println("拦截器工作了");
Map<String, Object> map = new HashMap<>();
response.setHeader("content-type", "application/json");
map.put("code", code);
map.put("message", message);
String str = JSONArray.toJSONString(map);
PrintWriter writer = null;
try {
writer = response.getWriter();
} catch (IOException e) {
e.printStackTrace();
}
writer.write(str);
}
}
4.前端在响应拦截器统一处理403请求
import axios from 'axios'
import { Notification } from 'element-ui'
import 'nprogress/nprogress.css'
import NProgress from 'nprogress'
const ConfigBaseURL = process.env.VUE_APP_BASE_API
const Service = axios.create({
timeout: 5000,
baseURL: ConfigBaseURL,
method: 'post',
headers: {
'Content-Type': 'application/json;charset=UTF-8'
}
})
Service.interceptors.request.use((config) => {
NProgress.start()
config.headers.Authorization = JSON.parse(window.localStorage.getItem('token'))
return config
})
Service.interceptors.response.use(
(response) => {
const res = response.data
NProgress.done()
if (response.config.method !== 'get') {
Notification({
title: '操作成功',
message: res.message,
type: 'success',
offset: 55,
duration: 1500
})
}
if (response.data.code === 403) {
Notification({
message: res.message,
type: 'error',
offset: 55,
duration: 1500
})
}
return response.data
},
(error) => {
console.log('TCL: error', error)
const msg = error.Message !== undefined ? error.Message : ''
Notification({
message: '网络错误' + msg,
type: 'error',
offset: 55,
duration: 1500
})
return Promise.reject(error)
}
)
export default Service