JWT的基本使用
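public class JwtTest {
    /** Token lifetime in milliseconds: one day. */
    private static final long EXPIRATION_MS = 1000L * 60 * 60 * 24;

    /**
     * HMAC secret shared by {@link #encryption()} and {@link #parse(String)}.
     *
     * <p>The String overloads of {@code signWith}/{@code setSigningKey} used below interpret
     * this value as a Base64-encoded key, so {@code "admin"} yields only a few key bytes,
     * far short of the 256 bits HS256 expects. Demo value only: a real deployment loads a
     * random secret from configuration instead of a literal in source, and whoever holds the
     * secret can mint tokens for any user.
     */
    private static final String SIGNATURE = "admin";

    public static void main(String[] args) {
        // Build a fresh token and verify that same token, so the example does not depend on
        // the captured sample token below (whose "exp" is long past).
        String token = encryption();
        parse(token);
    }

    /**
     * Builds and signs a JWT for a fixed demo user.
     *
     * <p>Despite the method name, nothing here is encrypted: the header and payload are only
     * Base64url-encoded JSON that anyone holding the token can read (see the sample output
     * below). The signature protects integrity, not confidentiality, so no secret data
     * belongs in the claims.
     *
     * @return the compact serialized token ({@code header.payload.signature})
     */
    public static String encryption() {
        JwtBuilder jwtBuilder = Jwts.builder();
        String jwtToken = jwtBuilder
                // header; signWith() writes the "alg" entry itself, so only "typ" is set here
                .setHeaderParam("typ", "JWT")
                // payload: user information
                .claim("username", "tom")
                .claim("role", "admin")
                .setSubject("admin-test")
                .setExpiration(new Date(System.currentTimeMillis() + EXPIRATION_MS))
                .setId(UUID.randomUUID().toString())
                // signature: algorithm plus the shared secret
                .signWith(SignatureAlgorithm.HS256, SIGNATURE)
                .compact();
        // Sample output, split at the dots:
        // header    : eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.
        // payload   : eyJ1c2VybmFtZSI6InRvbSIsInJvbGUiOiJhZG1pbiIsInN1YiI6ImFkbWluLXRlc3QiLCJleHAiOjE2NjYwNzE0NzAsImp0aSI6ImJjODIwMDIzLTJlMzQtNDQ4Zi1hOTc4LWE5YjU0ZGVkODhmMiJ9.
        // signature : K0YmwMtt0ZZFzA0r_bWjR9Med_aXwbQfBJKaldWsjfE
        System.out.println("JWT 加密:" + jwtToken);
        return jwtToken;
    }

    /**
     * Verifies the signature of {@code token} and prints its claims.
     *
     * <p>{@code parseClaimsJws()} checks the signature against {@link #SIGNATURE} and the
     * {@code exp} claim, and throws (e.g. {@code SignatureException},
     * {@code ExpiredJwtException}) on any mismatch. Claims must only be read after that call
     * returns; decoding the payload without verifying would accept a forged token.
     *
     * @param token compact JWT, normally the value returned by {@link #encryption()}
     */
    public static void parse(String token) {
        JwtParser jwtParser = Jwts.parser();
        Jws<Claims> claimsJws = jwtParser.setSigningKey(SIGNATURE).parseClaimsJws(token);
        Claims body = claimsJws.getBody();
        System.out.println("username:" + body.get("username"));
        System.out.println("role:" + body.get("role"));
        System.out.println("id:" + body.getId());
        System.out.println("签名:" + body.getSubject());
        System.out.println("有效期截止时间:" + body.getExpiration());
    }

    /**
     * Parses the sample token captured when this example was written.
     *
     * <p>Its {@code exp} claim is 1666071470 (October 2022), so {@code parseClaimsJws()}
     * now rejects it as expired. Kept only so the original call shape still compiles;
     * prefer {@link #parse(String)} with a freshly built token.
     */
    public static void parse() {
        parse("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6InRvbSIsInJvbGUiOiJhZG1pbiIsInN1YiI6ImFkbWluLXRlc3QiLCJleHAiOjE2NjYwNzE0NzAsImp0aSI6ImJjODIwMDIzLTJlMzQtNDQ4Zi1hOTc4LWE5YjU0ZGVkODhmMiJ9.K0YmwMtt0ZZFzA0r_bWjR9Med_aXwbQfBJKaldWsjfE");
    }
}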
spring boot 整合jwt 登录验证
用户实体类
/**
 * Login request/response payload.
 *
 * <p>{@code @Data} (Lombok) generates getters, setters, {@code equals}/{@code hashCode} and
 * {@code toString} for every field. The generated {@code toString} therefore contains the
 * password, so a {@code User} instance must never be logged or printed as-is.
 */
@Data
public class User {
    // Username submitted by the client.
    private String username;
    // Plaintext password submitted by the client; only needed until it has been checked.
    private String password;
    // JWT filled in by the login endpoint on success; empty on the way in.
    private String token;
}
跨域
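/**
 * Global CORS configuration.
 *
 * <p>The front end sends the JWT in a custom {@code token} request header rather than in a
 * cookie, so credentialed cross-origin requests are not required and
 * {@code allowCredentials(true)} is deliberately left off. That matters for two reasons:
 * Spring Framework 5.3+ rejects {@code allowCredentials(true)} combined with
 * {@code allowedOrigins("*")} at startup, and on earlier versions the combination lets any
 * site make cookie-bearing requests to this API. {@code allowedHeaders("*")} is what lets the
 * custom {@code token} header pass the preflight check.
 */
@Configuration
public class CroConfiguration implements WebMvcConfigurer {

    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**")
                // TODO: replace the wildcard with the real front-end origin(s) before deployment
                .allowedOrigins("*")
                .allowedMethods("GET", "POST", "PUT", "DELETE")
                .allowedHeaders("*")
                .exposedHeaders("*");
    }
}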
登录和验证token逻辑
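@RestController
public class UserController {
    /** Token lifetime in milliseconds: one day. */
    private static final long TOKEN_TTL_MS = 1000L * 60 * 60 * 24;

    /**
     * HMAC secret used both to sign tokens in {@link #login(User)} and to verify them in
     * {@link #checkToken(HttpServletRequest)}. The String overloads of
     * {@code signWith}/{@code setSigningKey} interpret it as Base64, so {@code "admin"} gives
     * only a few key bytes. Demo value only: load a random secret from configuration in real
     * code, since anyone holding it can mint a valid token for any user.
     */
    private static final String SIGNATURE = "admin";

    // Mock credentials standing in for a user store.
    private static final String USERNAME = "admin";
    private static final String PASSWORD = "123456";

    /**
     * Checks the submitted username/password and returns the user with a freshly signed JWT
     * in {@code token}.
     *
     * <p>Because this is a GET mapping the credentials travel as query parameters and end up in
     * browser history and in proxy/server access logs; a POST body is the safer transport. The
     * mapping is kept as GET so existing clients keep working.
     *
     * @param user bound from the request parameters; only username and password are read
     * @return the user with {@code token} set and {@code password} cleared, or {@code null}
     *         (an HTTP 200 with an empty body) when the credentials do not match
     */
    @GetMapping("/login")
    public User login(User user) {
        if (!USERNAME.equals(user.getUsername()) || !PASSWORD.equals(user.getPassword())) {
            return null;
        }
        String jwtToken = Jwts.builder()
                // signWith() writes the "alg" header entry itself
                .setHeaderParam("typ", "JWT")
                .claim("username", user.getUsername())
                .setSubject("admin-test")
                .setExpiration(new Date(System.currentTimeMillis() + TOKEN_TTL_MS))
                .setId(UUID.randomUUID().toString())
                // HS256 (HMAC) is what a String secret and the parser in checkToken() support;
                // ES256 is ECDSA and needs a key pair, so jjwt rejects it with a String key.
                .signWith(SignatureAlgorithm.HS256, SIGNATURE)
                .compact();
        user.setToken(jwtToken);
        // Do not echo the credential back in the response body.
        user.setPassword(null);
        return user;
    }

    /**
     * Verifies the JWT supplied in the {@code token} request header.
     *
     * <p>Front-end request shape:
     * <pre>
     * axios({
     *   url: 'http://localhost:8080/checkToken',
     *   method: 'get',
     *   headers: { token: admin.token }
     * }).then(res =&gt; { ... })
     * </pre>
     *
     * @param request current request; the token is read from its {@code token} header
     * @return {@code true} when the header is present and the token's signature and expiry
     *         check out, {@code false} otherwise
     */
    @GetMapping("/checkToken")
    public Boolean checkToken(HttpServletRequest request) {
        String token = request.getHeader("token");
        if (token == null) {
            return false;
        }
        // parseClaimsJws() verifies the signature and the "exp" claim and throws on any
        // problem (jjwt's exceptions are all RuntimeExceptions); a clean return means valid.
        try {
            Jwts.parser().setSigningKey(SIGNATURE).parseClaimsJws(token);
            return true;
        } catch (RuntimeException e) {
            return false;
        }
    }
}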