springboot 添加JWT接口認(rèn)證
點(diǎn)擊上方藍(lán)色字體,選擇“標(biāo)星公眾號(hào)”
優(yōu)質(zhì)文章,第一時(shí)間送達(dá)
? 作者?|??低調(diào)碼農(nóng)哥!?
來源 |? urlify.cn/6fuQVj
66套java從入門到精通實(shí)戰(zhàn)課程分享?
注:此認(rèn)證方式生成token基本jdk8.0,?jdk其它版本有些方法不支持
pom.xml文件添加引用
<dependency><groupId>io.jsonwebtokengroupId><artifactId>jjwtartifactId><version>0.9.1version>dependency>
完整pom文件
<projectxmlns="http://maven.apache.org/POM/4.0.0"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"><modelVersion>4.0.0modelVersion><parent><groupId>org.springframework.bootgroupId><artifactId>spring-boot-starter-parentartifactId><version>2.3.2.RELEASEversion><relativePath/>parent><groupId>com.xjgroupId><artifactId>demoartifactId><version>0.0.1-SNAPSHOTversion><name>demoname><description>Demo project for Spring Bootdescription><properties><java.version>1.8java.version><kotlin.version>1.4.0kotlin.version>properties><dependencies><dependency><groupId>org.springframework.bootgroupId><artifactId>spring-boot-starter-webartifactId>dependency><dependency><groupId>org.mybatis.spring.bootgroupId><artifactId>mybatis-spring-boot-starterartifactId><version>2.1.1version>dependency><dependency><groupId>mysqlgroupId><artifactId>mysql-connector-javaartifactId><scope>runtimescope>dependency><dependency><groupId>org.springframework.bootgroupId><artifactId>spring-boot-starter-testartifactId><scope>testscope><exclusions><exclusion><groupId>org.junit.vintagegroupId><artifactId>junit-vintage-engineartifactId>exclusion>exclusions>dependency><dependency><groupId>io.springfoxgroupId><artifactId>springfox-swagger-uiartifactId><version>3.0.0version><scope>compilescope>dependency><dependency><groupId>io.jsonwebtokengroupId><artifactId>jjwtartifactId><version>0.9.1version>dependency><dependency><groupId>org.projectlombokgroupId><artifactId>lombokartifactId><optional>trueoptional><version>1.18.12version>dependency><dependency><groupId>com.alibabagroupId><artifactId>fastjsonartifactId><version>1.2.73version>dependency><dependency><groupId>commons-beanutilsgroupId><artifactId>commons-beanutilsartifactId><version>1.9.3version>dependency><dependency><groupId>commons-collectionsgroupId><artifactId>commons-collectionsartifactId><version>3.2.1version>dependency><dependency><groupId>commons-langgroupId><artifactId>commons-langartifactId><version>2.6version>dependency><dependency><groupId>commons-logginggroupId><artifactId>commons-loggingartifactId><version>1.1.1version>dependency><dependency><groupId>net.sf.ezmorphgroupId><artifactId>ezmorphartifactId><version>1.0.6version>dependency><dependency><groupId>net.sf.json-libgroupId><artifactId>json-libartifactId><version>2.2.3version><classifier>jdk15classifier>dependency><dependency><groupId>com.alibabagroupId><artifactId>fastjsonartifactId><version>1.2.7version>dependency><dependency><groupId>io.springfoxgroupId><artifactId>springfox-boot-starterartifactId><version>3.0.0version>dependency>dependencies><build><plugins><plugin><groupId>org.springframework.bootgroupId><artifactId>spring-boot-maven-pluginartifactId><configuration><mainClass>com.xj.demo.DemoApplicationmainClass>configuration><executions><execution><goals><goal>repackagegoal>goals>execution>executions>plugin><plugin><groupId>org.apache.maven.pluginsgroupId><artifactId>maven-jar-pluginartifactId><version>2.6version><configuration><archive><manifest><addClasspath>trueaddClasspath><classpathPrefix>lib/classpathPrefix><mainClass>com.xj.demo.DemoApplicationmainClass>manifest>archive>configuration>plugin><plugin><groupId>org.apache.maven.pluginsgroupId><artifactId>maven-dependency-pluginartifactId><version>2.10version><executions><execution><id>copy-dependenciesid><phase>packagephase><goals><goal>copy-dependenciesgoal>goals><configuration><outputDirectory>${project.build.directory}/configoutputDirectory>configuration>execution>executions>plugin>plugins>build>project>
jwt密鑰配置?application.properties
#基本配置spring.datasource.url=jdbc:mysql://127.0.0.1:3306/business?useUnicode=true&characterEncoding=utf-8&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTCspring.datasource.username=rootspring.datasource.password=rootspring.datasource.driverClassName=com.mysql.cj.jdbc.Driver#使用mysqlspring.jpa.database = mysql#是否顯示sql語句spring.jpa.show-sql=true#mybatis配置 mybatis.config-location=classpath:mybatis-config.xml // 配置文件位置mybatis.typeAliasesPackage=com.xj.demo.modelmybatis.mapper-locations=classpath:mapper/*.xml#代表這個(gè)JWT的接收對(duì)象,存入audienceaudience.clientId=098f6bcd4621d373cade4e832627b4f6# 密鑰, 經(jīng)過Base64加密, 可自行替換audience.base64Secret=MDk4ZjZiY2Q0NjIxZDM3M2NhZGU0ZTgzMjYyN2I0ZjY=#JWT的簽發(fā)主體,存入issueraudience.name=springbootapi# 過期時(shí)間,48小時(shí)過期audience.expiresSecond= 172800#配置mybaits自定義類型轉(zhuǎn)換類所在的包# mybatis.type-handlers-package=com.hl.handler
JWTToken類
package com.xj.demo.common;import com.xj.demo.common.exception.CustomException;import com.xj.demo.common.response.ResultCode;import com.xj.demo.config.Audience;import io.jsonwebtoken.*;import org.apache.logging.log4j.util.Base64Util;import org.slf4j.Logger;import org.slf4j.LoggerFactory;import javax.crypto.spec.SecretKeySpec;import javax.xml.bind.DatatypeConverter;import java.security.Key;import java.util.Date;/*** JWTToken類*/public class JwtTokenUtil {private static Logger log = LoggerFactory.getLogger(JwtTokenUtil.class);public static final String AUTH_HEADER_KEY = "Authorization";public static final String TOKEN_PREFIX = "Bearer ";/*** 解析jwt* @param jsonWebToken* @param base64Security* @return*/public static Claims parseJWT(String jsonWebToken, String base64Security) {try {Claims claims = Jwts.parser().setSigningKey(DatatypeConverter.parseBase64Binary(base64Security)).parseClaimsJws(jsonWebToken).getBody();return claims;} catch (ExpiredJwtException eje) {log.error("===== Token過期 =====", eje);throw new CustomException(ResultCode.PERMISSION_TOKEN_EXPIRED);} catch (Exception e){log.error("===== token解析異常 =====", e);throw new CustomException(ResultCode.PERMISSION_TOKEN_INVALID);}}/*** 構(gòu)建jwt* @param userId* @param username* @param role* @param audience* @return*/public static String createJWT(String userId, String username, String role, Audience audience) {try {// 使用HS256加密算法SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;long nowMillis = System.currentTimeMillis();Date now = new Date(nowMillis);//生成簽名密鑰byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(audience.getBase64Secret());Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());//userId是重要信息,進(jìn)行加密下String encryId = Base64Util.encode(userId);//添加構(gòu)成JWT的參數(shù)JwtBuilder builder = Jwts.builder().setHeaderParam("typ", "JWT")// 可以將基本不重要的對(duì)象信息放到claims.claim("role", role).claim("userId", userId).setSubject(username) // 代表這個(gè)JWT的主體,即它的所有人.setIssuer(audience.getClientId()) // 代表這個(gè)JWT的簽發(fā)主體;.setIssuedAt(new Date()) // 是一個(gè)時(shí)間戳,代表這個(gè)JWT的簽發(fā)時(shí)間;.setAudience(audience.getName()) // 代表這個(gè)JWT的接收對(duì)象;.signWith(signatureAlgorithm, signingKey);//添加Token過期時(shí)間int TTLMillis = audience.getExpiresSecond();if (TTLMillis >= 0) {long expMillis = nowMillis + TTLMillis;Date exp = new Date(expMillis);builder.setExpiration(exp) // 是一個(gè)時(shí)間戳,代表這個(gè)JWT的過期時(shí)間;.setNotBefore(now); // 是一個(gè)時(shí)間戳,代表這個(gè)JWT生效的開始時(shí)間,意味著在這個(gè)時(shí)間之前驗(yàn)證JWT是會(huì)失敗的}//生成JWTreturn builder.compact();} catch (Exception e) {log.error("簽名失敗", e);throw new CustomException(ResultCode.PERMISSION_SIGNATURE_ERROR);}}/*** 從token中獲取用戶名* @param token* @param base64Security* @return*/public static String getUsername(String token, String base64Security){return parseJWT(token, base64Security).getSubject();}/*** 從token中獲取用戶ID* @param token* @param base64Security* @return*/public static String getUserId(String token, String base64Security){String userId = parseJWT(token, base64Security).get("userId", String.class);//return Base64Util.decode(userId);return userId;}/*** 是否已過期* @param token* @param base64Security* @return*/public static boolean isExpiration(String token, String base64Security) {return parseJWT(token, base64Security).getExpiration().before(new Date());}}
token驗(yàn)證攔截器(filter)
package com.xj.demo.filter;import com.xj.demo.annotation.JwtIgnore;import com.xj.demo.common.JwtTokenUtil;import com.xj.demo.common.exception.CustomException;import com.xj.demo.common.response.ResultCode;import com.xj.demo.config.Audience;import lombok.extern.slf4j.Slf4j;import org.apache.commons.lang.StringUtils;import org.springframework.beans.factory.BeanFactory;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.http.HttpMethod;import org.springframework.web.context.support.WebApplicationContextUtils;import org.springframework.web.method.HandlerMethod;import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;import javax.servlet.annotation.WebFilter;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;/*** ========================* token驗(yàn)證攔截器* Created with IntelliJ IDEA.* User:xj* Date:2020/8/18* Version: v1.0* ========================*/@Slf4j//@WebFilter(urlPatterns = "/filter-api/*", filterName = "jwkTokenFilter")public class JwtInterceptor extends HandlerInterceptorAdapter {@Autowiredprivate Audience audience;@Overridepublic boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {// 忽略帶JwtIgnore注解的請(qǐng)求, 不做后續(xù)token認(rèn)證校驗(yàn)if (handler instanceof HandlerMethod) {HandlerMethod handlerMethod = (HandlerMethod) handler;JwtIgnore jwtIgnore = handlerMethod.getMethodAnnotation(JwtIgnore.class);if (jwtIgnore != null) {return true;}}if (HttpMethod.OPTIONS.equals(request.getMethod())) {response.setStatus(HttpServletResponse.SC_OK);return true;}// 獲取請(qǐng)求頭信息authorization信息final String authHeader = request.getHeader(JwtTokenUtil.AUTH_HEADER_KEY);log.info("## authHeader= {}", authHeader);if (StringUtils.isBlank(authHeader) || !authHeader.startsWith(JwtTokenUtil.TOKEN_PREFIX)) {log.info("### 用戶未登錄,請(qǐng)先登錄 ###");response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);throw new CustomException(ResultCode.USER_NOT_LOGGED_IN);}// 獲取tokenfinal String token = authHeader.substring(7);if(audience == null){BeanFactory factory = WebApplicationContextUtils.getRequiredWebApplicationContext(request.getServletContext());audience = (Audience) factory.getBean("audience");}try {// 驗(yàn)證token是否有效--無效已做異常拋出,由全局異常處理后返回對(duì)應(yīng)信息JwtTokenUtil.parseJWT(token, audience.getBase64Secret());}catch (Exception e){response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);throw new CustomException(ResultCode.USER_NOT_LOGGED_IN);}return true;}}
JWT驗(yàn)證忽略注解
package com.xj.demo.annotation;import java.lang.annotation.*;/*** ========================* JWT驗(yàn)證忽略注解* Created with IntelliJ IDEA.* User:xj* Date:2020/8/18 9:50* Version: v1.0* ========================*/@Target({ElementType.METHOD})@Retention(RetentionPolicy.RUNTIME)@Documentedpublic @interface JwtIgnore {}
自定義異常類型
package com.xj.demo.common.exception;import com.xj.demo.common.response.ResultCode;import java.text.MessageFormat;/*** 自定義異常類型* @author xj**/public class CustomException extends RuntimeException {//錯(cuò)誤代碼ResultCode resultCode;public CustomException(ResultCode resultCode){super(resultCode.message());this.resultCode = resultCode;}public CustomException(ResultCode resultCode, Object... args){super(resultCode.message());String message = MessageFormat.format(resultCode.message(), args);resultCode.setMessage(message);this.resultCode = resultCode;}public ResultCode getResultCode(){return resultCode;}}
統(tǒng)一響應(yīng)結(jié)果集
package com.xj.demo.common.response;import com.fasterxml.jackson.databind.annotation.JsonSerialize;/*** ========================* 統(tǒng)一響應(yīng)結(jié)果集* Created with IntelliJ IDEA.* User:xj* Date:2020/8/18 9:50* Version: v1.0* ========================*/public class Result<T> {//操作代碼int code;//提示信息String message;//結(jié)果數(shù)據(jù)T data;public Result(ResultCode resultCode){this.code = resultCode.code();this.message = resultCode.message();}public Result(ResultCode resultCode, T data){this.code = resultCode.code();this.message = resultCode.message();this.data = data;}public Result(String message){this.message = message;}public static Result SUCCESS(){return new Result(ResultCode.SUCCESS);}public staticResult SUCCESS(T data){ return new Result(ResultCode.SUCCESS, data);}public static Result FAIL(){return new Result(ResultCode.FAIL);}public static Result FAIL(String message){return new Result(message);}public int getCode() {return code;}public void setCode(int code) {this.code = code;}public String getMessage() {return message;}public void setMessage(String message) {this.message = message;}public T getData() {return data;}public void setData(T data) {this.data = data;}}
package com.xj.demo.common.response;/*** ========================* 通用響應(yīng)狀態(tài)* Created with IntelliJ IDEA.* User:xj* Date:2020/8/18* Time:10:10* Version: v1.0* ========================*/public enum ResultCode {/* 成功狀態(tài)碼 */SUCCESS(1,"操作成功!"),/* 錯(cuò)誤狀態(tài)碼 */FAIL(-1,"操作失敗!"),/* 參數(shù)錯(cuò)誤:10001-19999 */PARAM_IS_INVALID(10001, "參數(shù)無效"),PARAM_IS_BLANK(10002, "參數(shù)為空"),PARAM_TYPE_BIND_ERROR(10003, "參數(shù)格式錯(cuò)誤"),PARAM_NOT_COMPLETE(10004, "參數(shù)缺失"),/* 用戶錯(cuò)誤:20001-29999*/USER_NOT_LOGGED_IN(20001, "用戶未登錄,請(qǐng)先登錄"),USER_LOGIN_ERROR(20002, "賬號(hào)不存在或密碼錯(cuò)誤"),USER_ACCOUNT_FORBIDDEN(20003, "賬號(hào)已被禁用"),USER_NOT_EXIST(20004, "用戶不存在"),USER_HAS_EXISTED(20005, "用戶已存在"),/* 數(shù)據(jù)錯(cuò)誤:50001-599999 */RESULT_DATA_NONE(50001, "數(shù)據(jù)未找到"),DATA_IS_WRONG(50002, "數(shù)據(jù)有誤"),DATA_ALREADY_EXISTED(50003, "數(shù)據(jù)已存在"),/* 權(quán)限錯(cuò)誤:70001-79999 */PERMISSION_UNAUTHENTICATED(70001,"此操作需要登陸系統(tǒng)!"),PERMISSION_UNAUTHORISE(70002,"權(quán)限不足,無權(quán)操作!"),PERMISSION_EXPIRE(70003,"登錄狀態(tài)過期!"),PERMISSION_TOKEN_EXPIRED(70004, "token已過期"),PERMISSION_LIMIT(70005, "訪問次數(shù)受限制"),PERMISSION_TOKEN_INVALID(70006, "無效token"),PERMISSION_SIGNATURE_ERROR(70007, "簽名失敗");//操作代碼int code;public int code() {return code;}public void setCode(int code) {this.code = code;}public String message() {return message;}public void setMessage(String message) {this.message = message;}//提示信息String message;ResultCode(int code, String message){this.code = code;this.message = message;}}
登錄接口
package com.xj.demo.controller;import com.alibaba.fastjson.JSONObject;import com.fasterxml.jackson.databind.util.JSONPObject;import com.xj.demo.annotation.JwtIgnore;import com.xj.demo.common.JwtTokenUtil;import com.xj.demo.common.response.Result;import com.xj.demo.config.Audience;import io.swagger.annotations.Api;import io.swagger.annotations.ApiOperation;import lombok.extern.slf4j.Slf4j;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.boot.jackson.JsonObjectDeserializer;import org.springframework.web.bind.annotation.PostMapping;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.RestController;import javax.servlet.http.HttpServletResponse;import java.util.UUID;public class LoginController {private Audience audience;public Result adminLogin(HttpServletResponse response, String username, String password) {// 這里模擬測試, 默認(rèn)登錄成功,返回用戶ID和角色信息String userId = UUID.randomUUID().toString();String role = "admin";// 創(chuàng)建tokenString token = JwtTokenUtil.createJWT(userId, username, role, audience);log.info("### 登錄成功, token={} ###", token);// 將token放在響應(yīng)頭response.setHeader(JwtTokenUtil.AUTH_HEADER_KEY, JwtTokenUtil.TOKEN_PREFIX + token);return Result.SUCCESS(token);}}
驗(yàn)證登錄截圖
源碼下載地址:https://download.csdn.net/download/haojuntu/12805887
粉絲福利:108本java從入門到大神精選電子書領(lǐng)取
???
?長按上方鋒哥微信二維碼?2 秒 備注「1234」即可獲取資料以及 可以進(jìn)入java1234官方微信群
感謝點(diǎn)贊支持下哈?
評(píng)論
圖片
表情