基于Jwt的token认证

其他 2019-04-04 14:41:21 阅读次数: 0

1 引入依赖

<!--引入jwt-->
<dependency>
    <groupId>com.auth0</groupId>
    <artifactId>java-jwt</artifactId>
    <version>3.3.0</version>
</dependency>

2 Jwt工具类

package com.ai.aiga.util.token;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;

import java.util.HashMap; import java.util.Map; public class JwtUtil { /** * 生成签名 * @param userName * @param userId * @return 加密的token * @throws Exception */ public static String createToken(String userId, String userName) throws Exception{ Map<String, Object> map = new HashMap<String, Object>(); map.put("alg", "HS256"); map.put("typ", "JWT"); String token = JWT.create() .withHeader(map)//header .withClaim("userId", userId) .withClaim("userName", userName) .sign(Algorithm.HMAC256("xx"));//xx为私钥 return token; } /** * 验证token * @param token * @return 验证的结果 * @throws Exception */ public static boolean verifyToken(String token) { try{ JWTVerifier verifier = JWT.require(Algorithm.HMAC256("xx")).build(); DecodedJWT jwt = verifier.verify(token); return true; }catch(Exception e){ return false; } } }

3 基于spring-mvc的token认证

  3.1 配置spring-mvc.xml文件

<mvc:interceptors>  
    <mvc:interceptor>
        <!--模糊匹配需要拦截的url路径-->
      <mvc:mapping path="/**/arch/archQry/**"/>
        <!--自定义的拦截器-->
      <bean class="com.ai.aiga.util.token.TokenInterceptor"></bean>
    </mvc:interceptor>
</mvc:interceptors>

  3.2 添加拦截器

package com.ai.aiga.util.token;

import com.ai.aiga.view.json.base.JsonBean;
import com.alibaba.fastjson.JSON;
import net.sf.json.JSONObject;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class TokenInterceptor implements HandlerInterceptor { /** * @param request * @param response * @param handler * @return * @throws Exception */ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { request.setCharacterEncoding("utf-8"); String token = request.getHeader("accessToken"); if(null != token){ boolean result =JwtUtil.verifyToken(token); if(result){ return true; } } JsonBean bean = new JsonBean(); bean.setRetCode("502"); bean.setRetMessage("error"); response.getWriter().write(JSON.toJSONString(bean)); return false; } @Override public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { } }

4 基于shiro的token认证

  4.1 配置spring-shiro.xml文件

<!-- Shiro Filter -->
    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager" />
        <property name="filters">  
            <map>  
                <entry key="token">
                    <bean class="com.ai.aiga.security.shiro.TokenInterceptor" />
                </entry>
            </map>  
        </property> 
        <property name="filterChainDefinitions">
            <value>
                /**/arch/archQry/** = token                   
            </value>
        </property>
    </bean>

  4.2 添加拦截器  

package com.ai.aiga.security.shiro;

import com.ai.aiga.util.token.JwtUtil;
import com.ai.aiga.view.json.base.JsonBean;
import com.alibaba.fastjson.JSON;
import org.apache.shiro.web.servlet.AdviceFilter;
import org.apache.shiro.web.util.WebUtils; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.util.Map; public class TokenInterceptor extends AdviceFilter { /** * @param request * @param response * @return * @throws Exception */ protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception { request.setCharacterEncoding("utf-8"); String token = WebUtils.toHttp(request).getHeader("accessToken"); if(null != token){ boolean result =JwtUtil.verifyToken(token); if(result){ return true; } } WebUtils.toHttp(response).setHeader("Content-type", "text/html;charset=UTF-8"); response.setCharacterEncoding("utf-8"); JsonBean bean = new JsonBean(); bean.setRetCode("502"); bean.setRetMessage("token认证失败"); response.getWriter().write(JSON.toJSONString(bean)); return false; } }

猜你喜欢

转载自www.cnblogs.com/huyj99/p/10653610.html
今日推荐
Arc Browser for Windows 1.0 正式 GA
90后程序员开发视频搬运软件、不到一年获利超 700 万,结局很刑!
《美国对全球网络空间安全与发展的威胁和破坏》报告发布
火速冲上 GitHub 热榜 —— 开源编程语言、框架哪有这么可爱?
北京人形机器人创新中心发布全球首个纯电驱拟人奔跑的全尺寸人形机器人“天工”
周排行
rbac——界面、权限
Apache CXF + SpringMVC 整合发布WebService
so插件化
Vue.js实战系列---图标字体制作(svg格式)
PAT乙级 1007 素数对猜想(孪生素数对) (20分) ---(C语言 + 详细注释)
被IRM保护的文档,打开失败
Calendar和Date计算日期差的小问题
win10子系统ubuntu18.4安装docker
利用Wrap Shell Script定位Android Native内存泄漏
MySQL: Transaction (Part I - Basic Concept)
每日归档
更多
2024-05-03(19)
2024-05-02(0)
2024-05-01(4)
2024-04-30(1)
2024-04-29(40)
2024-04-28(0)
2024-04-27(56)
2024-04-26(39)
2024-04-25(22)
2024-04-24(36)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022