jwt | Blog

简介

JwtUtils

package com.example.demo.jwt;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.springframework.stereotype.Component;

import java.util.Date;
import java.util.HashMap;

/**
 * @Auther: Yang
 * @Date: 2019/9/4 13:10
 * @Description:
 */
@Component
public class JwtUtils {

    private static String SECRET = "mySecret";
    private static Long EXPIRATION_REMEMBER = 604800L * 1000;

    /***
     * 生成token
     * @param openId
     * @return
     */
    public static String createToken(String openId) {
        HashMap<String, Object> claim = new HashMap<>();
        claim.put("openId", openId);
        return Jwts.builder()
                .signWith(SignatureAlgorithm.HS256, SECRET)//设置签名算法和签名密码
                .setClaims(claim)//设置自定义数据
                .setIssuer("yang")//设置签发人
                .setIssuedAt(new Date())//设置签发时间
                .setExpiration(new Date(System.currentTimeMillis() + EXPIRATION_REMEMBER))//设置过期时间
                .compact();
    }

    /***
     * 通过token先获取claims然后从claims中获取openid
     * @param token
     * @return
     */
    public static String getOpenId(String token) {
        Claims claims = getClaimsFromToken(token);
        if(claims != null){
            String openId = (String) claims.get("openId");  //try catch
            return openId;
        }
        return "";
    }

    /***
     * 通过secret获取token中的claim
     * @param token
     * @return
     */
    public static Claims getClaimsFromToken(String token) {
        Claims claims;
        claims = Jwts.parser()
                    .setSigningKey(SECRET)
                    .parseClaimsJws(token)
                    .getBody();
        return claims == null ? null : claims;
    }


    /***
     * 验证token是否过期
     * @param token
     * @return
     */
    public static Boolean validateToken(String token){
        Claims claims = getClaimsFromToken(token);
        Date expiration = claims.getExpiration();
        return expiration.after(new Date());
    }
}

controller

@GetMapping("token")
public String getToken() {
    String token = JwtUtils.createToken("yb");
    return token;
}

@GetMapping("checktoken")
public ResponseEntity checkToken(HttpServletRequest request) {
    HashMap<Object, Object> map = new HashMap<>();
    String token = request.getHeader("jwtToken");
    System.out.println(token);
    if (token !=null && !token.isEmpty()) {
        //校验token是否过期，若过期，则重新登录，否则获取openId
        if (JwtUtils.validateToken(token)) {
            map.put("success", "验证成功");
            return new ResponseEntity(map, HttpStatus.OK);
        } else {
            map.put("error", "token失效");
            return new ResponseEntity(map, HttpStatus.UNAUTHORIZED);
        }
    } else {
        map.put("error", "token为空");
        return new ResponseEntity(map, HttpStatus.UNAUTHORIZED);
    }
}