• 前后端分离,获取token,验证登陆是否失效

    maven依赖

    <dependency>
    <groupId>com.auth0</groupId>
    <artifactId>java-jwt</artifactId>
    <version>2.2.0</version>
</dependency>
    public class JwtUtils {

    /**
     * 密钥
     */
    private static  final String SECRET="xxxx";
    /**
     * 默认字段key:exp
     */
    private static final String EXP="exp";
    /**
     * 默认字段key:payload
     */
    private static final String PAYLOAD="payload";

    /**
     * 加密
     * @param object 加密数据
     * @param maxTime 有效期(毫秒数)
     * @param <T>
     * @return
     */
    public static <T> String encode(T object,long maxTime){
        try{
            final JWTSigner signer=new JWTSigner(SECRET);
            final Map<String ,Object> data=new HashMap<>(10);
            ObjectMapper objectMapper=new ObjectMapper();
            String jsonString=objectMapper.writeValueAsString(object);
            data.put(PAYLOAD,jsonString);
            data.put(EXP,System.currentTimeMillis()+maxTime);
            return signer.sign(data);
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * 数据解密
     * @param jwt 解密数据
     * @param tClass 解密类型
     * @param <T>
     * @return
     */
    public static <T> T decode(String jwt,Class<T> tClass) {
        final JWTVerifier jwtVerifier = new JWTVerifier(SECRET);
        try {
            final Map<String, Object> data = jwtVerifier.verify(jwt);
            //判断数据是否超时或者符合标准
            if (data.containsKey(EXP) && data.containsKey(PAYLOAD)) {
                long exp = (long) data.get(EXP);
                long currentTimeMillis = System.currentTimeMillis();
                if (exp > currentTimeMillis) {
                    String json = (String) data.get(PAYLOAD);
                    ObjectMapper objectMapper = new ObjectMapper();
                    return objectMapper.readValue(json, tClass);
                }
            }
            return null;
        } catch (Exception e) {
            //e.printStackTrace();
            return null;
        }
    }

    //解密token取出userId
    public static <T> T updateDecode(String jwt,Class<T> tClass){
        final JWTVerifier jwtVerifier = new JWTVerifier(SECRET);
        try {
            final Map<String, Object> data = jwtVerifier.verify(jwt);
                    String json = (String) data.get(PAYLOAD);
                    ObjectMapper objectMapper = new ObjectMapper();
                    return objectMapper.readValue(json, tClass);
        } catch (Exception e) {
            //e.printStackTrace();
            return null;
        }
    }
    public static void main(String[] args) throws InterruptedException {
//        有效期10秒
//        加密:
//        TestCenterAdministratorsVO test = new TestCenterAdministratorsVO();
//        test.setId(1L);
//        test.setLoginName("sa");
//        String token=encode(test,1000000);
//        System.out.println("TOKEN======="+token);
//        //Thread.sleep(10000);
////      解密
//        TestCenterAdministratorsVO user=decode(token,TestCenterAdministratorsVO.class);
//        System.out.println(user.getId()+user.getLoginName());
        //removeDecode("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NDcwODkwNTYxNDgsInBheWxvYWQiOiJ7XCJpZFwiOjEsXCJuYW1lXCI6bnVsbCxcInBob25lTnVtYmVyXCI6bnVsbCxcImxvZ2luTmFtZVwiOlwic2FcIixcInNlcmlhbE51bWJlclwiOm51bGwsXCJ0eXBlXCI6bnVsbCxcInRlc3RDZW50ZXJJZFwiOm51bGwsXCJvcmdhbml6YXRpb25JZFwiOm51bGwsXCJtYWluU2l0ZUFkbWluXCI6ZmFsc2UsXCJhZG1pblwiOmZhbHNlLFwib3JnYW5pemF0aW9uTmFtZVwiOm51bGx9In0.FgYm4wSDhkZukqlRukjwvxQ1BM746AWQfCmGucMP3pc");
    updateDecode("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NDcwMTgxNTU4OTYsInBheWxvYWQiOiJ7XCJpZFwiOjIwMTAwMDAzMyxcIm5hbWVcIjpcIuW6numTtuaYjFwiLFwicGhvbmVOdW1iZXJcIjpudWxsLFwibG9naW5OYW1lXCI6XCJwYW5neWluY2hhbmdcIixcInNlcmlhbE51bWJlclwiOm51bGwsXCJ0eXBlXCI6XCJNQUlOU0lURUFETUlOXCIsXCJ0ZXN0Q2VudGVySWRcIjo3OSxcIm9yZ2FuaXphdGlvbklkXCI6XCIwMDFcIixcIm1haW5TaXRlQWRtaW5cIjp0cnVlLFwiYWRtaW5cIjpmYWxzZSxcIm9yZ2FuaXphdGlvbk5hbWVcIjpudWxsfSJ9.yrYlU4djPPQyu1mneQgkVgLCEQiJ2pKkyX8EVw0NcY8",TestCenterAdministratorsVO.class);

    }
}

    跨域设置拦截器

    import com.alibaba.fastjson.JSONObject;
import org.springframework.web.bind.annotation.RequestMethod;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Created with IDEA
 * author:QinWei
 * Date:2019/1/8
 * Time:16:15
 */
public class AjaxFilter implements Filter {

    @Override
    public void destroy() {

    }


    @Override
    public void doFilter(ServletRequest req, ServletResponse res,
                         FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        //禁止首页访问
        String url = request.getRequestURI();
        if("/".equals(url)){
            return;
        }
        // 指定允许其他域名访问
        response.setHeader("Access-Control-Allow-Origin", "*");
    // 响应类型
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, DELETE, OPTIONS, DELETE");
    // 响应头设置
        response.setHeader("Access-Control-Allow-Headers", "Content-Type, x-requested-with, X-Custom-Header, HaiYi-Access-Token");
        chain.doFilter(req, res);
    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {
    }
}

    web.xml

    <filter>
        <filter-name>ajaxFilter</filter-name>
        <filter-class>*.*.*.web.servlet.barcode.AjaxFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>ajaxFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

     拦截token过滤器,包含获取spring--bean手动注入

    response .setContentType("text/html;charset=utf-8");
        PrintWriter out = response.getWriter();
        String actionName = context.getActionInvocation().getProxy().getActionName();
        String url = request.getRequestURI();
        ServletContext application = ServletActionContext.getServletContext();
        WebApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(application);
        this.testCenterService = (TestCenterService)ctx.getBean("testCenterService");
        if(!url.equals("/login")){
            //悠闲判断是否为空或者时间是否失效
            String token = request.getParameter("token");
            TestCenterAdministratorsVO user = JwtUtils.decode(token, TestCenterAdministratorsVO.class);
            if(null==token||"".equals(token)||null==user){
                out.print(Message.error(0,"token不合法!"));
                return null;
            }else{
                try {
                    //再次判断数据库状态
                        TestCenterAdministratorsVO users = JwtUtils.updateDecode(token, TestCenterAdministratorsVO.class);
                       String tokens = testCenterService.scheckToken(token,users.getId());
                        if(null==tokens){
                            out.print(Message.error(0,"token不合法!"));
                            return null;
                    }
                }catch (Exception e){
                    out.print(Message.error());
                    return null;
                }
            }
        }

    加群:687942640

    微信扫描公众号
  • 相关阅读:
    SpringMVC @RequestBody请求参数在postman中的请求
    git rm -r --cached 去掉已经托管在git上的文件
    shiro源码解析--------欢迎指出错误地方,还有一起讨论一下ShiroFilterFactoryBean配置过滤URL规则
    如何用Tomcat部署前端静态文件
    用HTML 格式导出Excel
    csv和excel的区别
    使用HttpOnly提升Cookie安全性
    asp.net core 如何在Controller获取配置文件的值
    Find Out What Your Entity Framework Query Is Really Doing
    鸡汤
  • 原文地址:https://www.cnblogs.com/qwlscn/p/11495368.html
Copyright © 2020-2023  润新知