1.导入依赖
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.10.3</version>
</dependency>
2.JWTUtils工具类
public class JWTUtils {
private static final String SIGN = "!Q@W3e4r%T^Y"; //签名
// 生成token
public static String getToken(Map<String,String> map){
Calendar instance = Calendar.getInstance();
instance.add(Calendar.DATE,7);//7天过期
JWTCreator.Builder builder = JWT.create();
map.forEach((k,v)->{
builder.withClaim(k,v);
});
String token = builder.withExpiresAt(instance.getTime()) //过期时间
.sign(Algorithm.HMAC256(SIGN)); //签名
return token;
}
// 验证token合法性,如果返回了DecodedJWT,说明验证成功,同时返回DecodedJWT以便于;如果未返回DecodedJWT,一定是验签过程中出错了。
public static DecodedJWT verify(String token){
return JWT.require(Algorithm.HMAC256(SIGN)).build().verify(token);
}
}
3.拦截器编写
public class JWTInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
HashMap<String, Object> map = new HashMap<>();
//获取请求头中token
String token = request.getHeader("token");
try {
JWTUtils.verify(token); //验证令牌
return true;
} catch (SignatureVerificationException e) {
e.printStackTrace();
map.put("msg","无效签名");
}catch (TokenExpiredException e){
e.printStackTrace();
map.put("msg","token过期!");
}catch (AlgorithmMismatchException e){
e.printStackTrace();
map.put("msg","token无效!");
}catch (Exception e){
e.printStackTrace();
map.put("msg","token无效!");
}
map.put("state",false);
//将map转化为json,相应给前端
String json = new ObjectMapper().writeValueAsString(map);
response.setContentType("application/json;charset=UTF-8");
response.getWriter().println(json);
return false;
}
}
4.注册拦截器
@Configuration
public class InterceptorConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new JWTInterceptor())
.addPathPatterns("/**") //拦截所有接口
.excludePathPatterns("/user/**"); //放行login接口
}
}
大功告成。别人请求需要在header里添加token传递,校验后才能访问接口。
想了解什么是JWT?请点击https://blog.csdn.net/qq_41347385/article/details/109624658?spm=1001.2014.3001.5501