springboot +vue实现token登录2
2019-08-07 15:01
1611 查看
原文链接:https://blog.csdn.net/zhy18820612/article/details/92981674
0.写在前面 token的java
思路:
1.生成token
2.拦截器拦截token并且验证token
3.配置拦截器
1.拦截器AuthenticationInterceptor 拦截器拦截token并且验证token
[code]public class AuthenticationInterceptor implements HandlerInterceptor { @Autowired UserService userService; @Override public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object object) throws Exception { String token = httpServletRequest.getHeader("token");// 从 http 请求头中取出 token // 如果不是映射到方法直接通过 if(!(object instanceof HandlerMethod)){ return true; } HandlerMethod handlerMethod=(HandlerMethod)object; Method method=handlerMethod.getMethod(); //检查是否有passtoken注释,有则跳过认证 if (method.isAnnotationPresent(PassToken.class)) { PassToken passToken = method.getAnnotation(PassToken.class); if (passToken.required()) { return true; } } //检查有没有需要用户权限的注解 if (method.isAnnotationPresent(UserLoginToken.class)) { UserLoginToken userLoginToken = method.getAnnotation(UserLoginToken.class); if (userLoginToken.required()) { // 执行认证 if (token == null) { throw new RuntimeException("无token,请重新登录"); } // 获取 token 中的 user id String userId; try { userId = JWT.decode(token).getAudience().get(0); } catch (JWTDecodeException j) { throw new RuntimeException("401"); } User user = userService.findUserById(userId); if (user == null) { throw new RuntimeException("用户不存在,请重新登录"); } // 验证 token JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256(user.getPassword())).build(); try { jwtVerifier.verify(token); } catch (JWTVerificationException e) { throw new RuntimeException("401"); } //将验证通过后的用户信息放到请求中 httpServletRequest.setAttribute("currentUser", user); return true; } } return true; } @Override public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { }
2、配置拦截器
[code]@Configuration public class InterceptorConfig extends WebMvcConfigurationSupport { @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(authenticationInterceptor()) .addPathPatterns("/**"); } @Bean public AuthenticationInterceptor authenticationInterceptor() { return new AuthenticationInterceptor(); } @Override public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentResolvers) { super.addArgumentResolvers(argumentResolvers); argumentResolvers.add(new CurrentUserMethodArgumentResolver()); } }
2.spring-boot 集成JWT实现token生成
1、引入JWT
依赖,由于是基于Java
,所以需要的是java-jwt
[code]<dependency> <groupId>com.auth0</groupId> <artifactId>java-jwt</artifactId> <version>3.4.0</version> </dependency>
2、需要自定义两个注解
用来跳过验证的
PassToken
[code]@Target({ElementType.METHOD, ElementType.TYPE}) @Retention(RetentionPolicy.RUNTIME) public @interface UserLoginToken { boolean required() default true; }
需要登录才能进行操作的注解
UserLoginToken
[code]@Target({ElementType.METHOD, ElementType.TYPE}) @Retention(RetentionPolicy.RUNTIME) public @interface PassToken { boolean required() default true; }
3、实体类UserInfo简写
[code]package com.presoft.wydl.packs.system.model; import java.util.Date; import com.fasterxml.jackson.annotation.JsonFormat; public class UserInfo { private Long id; private String rybm; private String zh; private String mm; private String ryxm; }
4、token
的生成方法
[code]package com.presoft.wydl.common.util; import com.auth0.jwt.JWT; import com.auth0.jwt.algorithms.Algorithm; import com.presoft.wydl.packs.system.model.UserInfo; public class JwtUtil { public static String getToken(UserInfo user) { String token=""; token= JWT.create().withAudience(user.getId()) .sign(Algorithm.HMAC256(user.getPassword())); return token; } }
5.登录验证token
[code] @UserLoginToken @RequestMapping(value = "/getUserByName",method = RequestMethod.GET) public BaseResponse getUserByName( String name){ User user= userService.getUserByName(name); if(user!=null){ return new ObjectRestResponse().data(user); } return new ObjectRestResponse().data("false"); }
相关文章推荐
- springboot +vue实现token登录3之获取登录人员信息
- Spring Boot + Security + JWT 实现Token验证+多Provider——登录系统
- vue+springboot前后端分离实现单点登录跨域问题解决方法
- 搭建spring-boot+vue前后端分离框架并实现登录功能
- vue+springboot前后端分离实现单点登录跨域问题解决方法
- swagger+springboot实现前(vue)后端分离
- SpringBoot+Vue前后端分离实现高并发秒杀——前端知识总结
- 使用Vue+Spring Boot实现Excel上传功能
- spring boot如何基于JWT实现单点登录详解
- SpringBoot——登录实现与拦截器篇
- Spring boot 2.x+oauth2实现单点登录:基础准备之Spring Security
- Spring Boot + vue.js下实现向邮箱发送验证码功能
- 单点登录系统实现基于SpringBoot
- SpringBoot 并发登录人数控制的实现方法
- spring boot高性能实现二维码扫码登录(中)——Redis版
- 使用spring-data-jpa+spirngboot整合swagger+vuejs实现一套简单的增删改查demo
- vue登录注册及token验证实现代码
- 七、spring boot 1.5.4 集成shiro+cas,实现单点登录和权限控制
- Spring Cloud -- 使用redis+token实现登录
- springboot+shiro+cas实现单点登录之shiro端搭建