登录

src/main/java/com/jz/aspect/JwtInterceptor.java

+package com.jz.aspect;
+
+import com.jz.utils.JwtUtil;
+import org.apache.log4j.Logger;
+import org.springframework.util.StringUtils;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+//@Component
+public class JwtInterceptor implements HandlerInterceptor {
+
+  /*  Logger logger= Logger.getLogger(JwtInterceptor.class);
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        //如果不是映射到方法直接通过
+        if (!(handler instanceof HandlerMethod)) {
+            return true;
+        }
+        String uri = request.getRequestURI();
+        //登陆地址过滤
+        if (check(uri)) {
+            return true;
+        }
+        //从 http 请求头中取出 token
+        String token = request.getHeader("token");
+        if (StringUtils.isEmpty(token)) {
+            throw new RuntimeException("无 token ，请重新登陆");
+        }
+        return JwtUtil.checkSign(token);
+    }
+
+    private boolean check(String uri){
+        return uri.startsWith("/api/Account/login")||uri.startsWith("/api/Code")|| uri.startsWith("/api/MesSysConfig")||uri.contains("_FILE");
+    }*/
+
+}
+

src/main/java/com/jz/config/MvcConfig.java

+package com.jz.config;
+
+import com.jz.aspect.JwtInterceptor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class MvcConfig implements WebMvcConfigurer {
+
+    /**
+     * 添加jwt拦截器，并指定拦截路径
+     */
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(jwtInterceptor())
+                .addPathPatterns("/api/**");
+    }
+
+    /**
+     * jwt拦截器
+     */
+    @Bean
+    public JwtInterceptor jwtInterceptor() {
+        return new JwtInterceptor();
+    }
+}
+

src/main/java/com/jz/config/WebMvcConfig.java

-package com.jz.config;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.util.ResourceUtils;
-import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
-/**
- * @ClassName:WebMvcConfig
- * @Auther: lei
- * @Description:
- * @Date: 2023-02-08 14
- */
-@Configuration
-public class WebMvcConfig implements WebMvcConfigurer {
-
-}
-

src/main/java/com/jz/utils/JwtUtil.java

+package com.jz.utils;
+
+import com.alibaba.fastjson.JSON;
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.JWTVerifier;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTDecodeException;
+
+import java.util.Date;
+
+public class JwtUtil {
+    /**
+     * 过期12小时
+     * */
+    private static final long EXPIRE_TIME = 12*60 * 60 * 1000;
+
+    /**
+     * jwt密钥
+     * */
+    private static final String SECRET = "ShanXiJianzhu";
+
+    /**
+     * 生成jwt字符串，五分钟后过期  JWT(json web token)
+     * @param userId
+     * @param sessionUserBo,Map的value只能存放值的类型为：Map，List，Boolean，Integer，Long，Double，String and Date
+     * @return
+     * */
+    public static String sign(String userId, Object sessionUserBo) {
+        try {
+            Date date = new Date(System.currentTimeMillis() + EXPIRE_TIME);
+            Algorithm algorithm = Algorithm.HMAC256(SECRET);
+            String userInfo= JSON.toJSONString(sessionUserBo);
+            return JWT.create()
+                    //将userId保存到token里面
+                    .withAudience(userId)
+                    //存放自定义数据
+                    .withClaim("userInfo", userInfo)
+                    //五分钟后token过期
+                    .withExpiresAt(date)
+                    //token的密钥
+                    .sign(algorithm);
+        } catch (Exception e) {
+            e.printStackTrace();
+            return null;
+        }
+    }
+
+    /**
+     * 根据token获取userId
+     * @param token
+     * @return
+     * */
+    public static Long getUserPk(String token) {
+        try {
+            String userId = JWT.decode(token).getAudience().get(0);
+            return Long.parseLong(userId);
+        }catch (JWTDecodeException e) {
+            return 0L;
+        }
+    }
+
+    /**
+     * 根据token获取自定义数据info
+     * @param token
+     * @return
+     * */
+    public static String getUserInfo(String token) {
+        try {
+            return JWT.decode(token).getClaim("userInfo").asString();
+        }catch (JWTDecodeException e) {
+            return null;
+        }
+    }
+
+    /**
+     * 校验token
+     * @param token
+     * @return
+     * */
+    public static boolean checkSign(String token) {
+
+            Algorithm algorithm  = Algorithm.HMAC256(SECRET);
+            JWTVerifier verifier = JWT.require(algorithm)
+                    //.withClaim("username, username)
+                    .build();
+            verifier.verify(token);
+            return true;
+
+    }
+}
+