Springboot整合JWT
-
导入pom依赖
<dependency> <groupId>com.auth0</groupId> <artifactId>java-jwt</artifactId> <version>3.15.0</version> </dependency>
-
配置jwt工具类
package com.liu.jwt.utils; import com.auth0.jwt.JWT; import com.auth0.jwt.JWTCreator; import com.auth0.jwt.algorithms.Algorithm; import com.auth0.jwt.interfaces.DecodedJWT; import java.util.Calendar; import java.util.HashMap; public class JWTUtils { private static final String SIGN = "!Q@W3E4R"; /** * 获取token * @param map * @return */ public static String getToken(HashMap<String,String> map){ JWTCreator.Builder builder = JWT.create(); map.forEach((k,v)->{ builder.withClaim(k,v); }); Calendar instance = Calendar.getInstance(); instance.add(Calendar.DATE,7); builder.withExpiresAt(instance.getTime()); String token = builder.sign(Algorithm.HMAC384(SIGN)); return token; } /** * 验证token * @param token * @return */ public static DecodedJWT verify(String token){ DecodedJWT decodedJWT = JWT.require(Algorithm.HMAC384(SIGN)).build().verify(token); return decodedJWT; } }
-
编写拦截器
package com.liu.jwt.interceptors; import com.auth0.jwt.exceptions.AlgorithmMismatchException; import com.auth0.jwt.exceptions.InvalidClaimException; import com.auth0.jwt.exceptions.SignatureVerificationException; import com.auth0.jwt.exceptions.TokenExpiredException; import com.fasterxml.jackson.databind.ObjectMapper; import com.liu.jwt.utils.JWTUtils; import org.springframework.web.servlet.HandlerInterceptor; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.util.HashMap; import java.util.Map; public class JwtInterceptors implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { String token = request.getHeader("token"); Map<String,Object> map = new HashMap<>(); try{ JWTUtils.verify(token); return true; }catch (SignatureVerificationException e) { e.printStackTrace(); map.put("msg", "签名不一致"); } catch (TokenExpiredException e) { e.printStackTrace(); map.put("msg", "令牌过期"); } catch (AlgorithmMismatchException e) { e.printStackTrace(); map.put("msg", "算法不匹配"); } catch (InvalidClaimException e) { e.printStackTrace(); map.put("msg", "失效的payload"); } catch (Exception e) { e.printStackTrace(); map.put("msg", "token无效"); } String s = new ObjectMapper().writeValueAsString(map); response.setContentType("application/json;charset=utf-8"); response.getWriter().println(s); return false; } }
-
编写InterceptorsConfig类来实现WebMvcConfigurer
package com.liu.jwt.config; import com.liu.jwt.interceptors.JwtInterceptors; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration public class InterceptorsConfig implements WebMvcConfigurer { @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(new JwtInterceptors()) .addPathPatterns("/**") .excludePathPatterns("/jwt"); } }
-
以后想要访问路径,需要传入token令牌