一、JWT工具类
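package cn.dd.fharchives.fh.common.jwt.jwt2;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.springframework.util.StringUtils;

import javax.servlet.http.HttpServletRequest;
import java.util.Date;

/**
 * JWT utility class: issues HS256-signed tokens and validates tokens supplied as a string or in
 * the {@code token} request header.
 *
 * @date 2022-4-1 14:39
 */
public class JwtUtils {

    /** 24 hours in milliseconds. Not referenced inside this class. */
    public static final long EXPIRE = 1000 * 60 * 60 * 24;

    /**
     * Key material passed to jjwt for HS256 signing and verification. The String overloads of
     * {@code signWith} and {@code setSigningKey} used below treat it as Base64-encoded key bytes.
     *
     * <p>NOTE(review): the key is compiled into the class and exposed as a public constant, so
     * every copy of the source or jar carries the ability to issue tokens that
     * {@link #checkToken(String)} accepts. The value also has the shape of a Base64 X.509 RSA
     * public key, which is not secret by design; confirm where it came from. Prefer a randomly
     * generated key of at least 256 bits, loaded from configuration or a secret store, and
     * replace this value.
     */
    public static final String SECRET = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZjH6/EnG1kTuj1xJMzD0mPwsUh0rAgE5YJ9JytuoCF0oIfe8C9oATSGmbzJIGfwMV70EsTCTtbAHyZR4nTYnMF6ut+h7wd9MuKcwzHCBjVSBml3RFjaZwOdSdDkqOys9zb2CEGTe2Jij+rauMgk4Ic2ruWzBbaO1NAbb5KmETQQIDAQAB";

    /** Expiry of 5 minutes, in milliseconds. Not referenced inside this class. */
    private static final long EXPIRE_TIME = 5 * 60 * 1000;

    /** Expiry of 2 minutes, in milliseconds. Not referenced inside this class. */
    private static final long EXPIRE_TIME_TWO = 2 * 60 * 1000;

    /** Expiry of 30 minutes, in milliseconds; the lifetime applied by {@link #getJwtToken}. */
    private static final long EXPIRE_TIME_THIRT = 30 * 60 * 1000;

    /**
     * Builds a signed token string carrying the user's id and nickname.
     *
     * <p>The subject is {@code lin-user}; the token is issued at the current time and expires
     * 30 minutes later. The claims are signed, not encrypted, so whoever holds the token can
     * read them.
     *
     * @param id       value stored in the {@code id} claim
     * @param nickname value stored in the {@code nickname} claim
     * @return the compact serialized JWT, signed with HS256 and {@link #SECRET}
     */
    public static String getJwtToken(String id, String nickname) {
        // One clock reading so that "issued at" and "expires" are exactly 30 minutes apart.
        long now = System.currentTimeMillis();
        return Jwts.builder()
                // "alg" is not set by hand: signWith records the algorithm in the header, and a
                // hand-written value (previously the misspelt "HS2256") can only disagree with it.
                .setHeaderParam("typ", "JWT")
                .setSubject("lin-user")
                .setIssuedAt(new Date(now))
                .setExpiration(new Date(now + EXPIRE_TIME_THIRT))
                // Token body: the user details.
                .claim("id", id)
                .claim("nickname", nickname)
                .signWith(SignatureAlgorithm.HS256, SECRET)
                .compact();
    }

    /**
     * Reports whether a token is present and valid.
     *
     * @param jwtToken the compact JWT string; may be {@code null} or empty
     * @return {@code true} only if the parser accepts the token under {@link #SECRET};
     *         {@code false} for a missing token or for any failure raised while parsing
     */
    public static boolean checkToken(String jwtToken) {
        if (!StringUtils.hasLength(jwtToken)) {
            return false;
        }
        try {
            Jwts.parser().setSigningKey(SECRET).parseClaimsJws(jwtToken);
            return true;
        } catch (Exception e) {
            // Fail closed: whatever the parser objected to, the token is treated as invalid.
            // NOTE(review): every rejected token prints a stack trace to stderr; routing this
            // through the application's logger would keep bad requests from flooding output.
            e.printStackTrace();
            return false;
        }
    }

    /**
     * Reports whether the request carries a valid token in its {@code token} header.
     *
     * @param request the incoming request
     * @return {@code true} only if the header is present and {@link #checkToken(String)} accepts
     *         it; {@code false} otherwise, including when reading the header throws
     */
    public static boolean checkToken(HttpServletRequest request) {
        try {
            // Single validation path: the header value goes through the String overload.
            return checkToken(request.getHeader("token"));
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    /**
     * Reads the {@code id} and {@code nickname} claims from the request's {@code token} header.
     *
     * <p>Despite the method name, the result is {@code id + "|" + nickname}. A claim that is
     * absent appears as the text {@code null}. Unlike {@link #checkToken(String)}, parser
     * exceptions are not caught here, so an invalid or expired token propagates as a runtime
     * exception to the caller.
     *
     * @param request the incoming request
     * @return the two claims joined by {@code |}, or an empty string when the header is missing
     *         or empty
     */
    public static String getMemberIdByJwtToken(HttpServletRequest request) {
        String token = request.getHeader("token");
        if (!StringUtils.hasLength(token)) {
            return "";
        }
        Jws<Claims> claimsJws = Jwts.parser().setSigningKey(SECRET).parseClaimsJws(token);
        Claims body = claimsJws.getBody();
        String id = (String) body.get("id");
        String nickname = (String) body.get("nickname");
        return id + "|" + nickname;
    }
}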
二、使用,校验token
// Gate on the "token" request header: a token that JwtUtils accepts lets the request through,
// a rejected one is redirected to the login page.
// NOTE(review): when the header is absent this block is skipped entirely, so the outcome then
// depends on code not shown here; confirm that path also rejects the request.
String token = request.getHeader("token");
if (token != null) {
    if (!JwtUtils.checkToken(token)) {
        response.sendRedirect(request.getContextPath() + "/login");
        return false;
    }
    return true;
}