热门标签
热门文章
- 1aws rds监控慢sql_如何使用Web控制台和AWS CLI停止AWS RDS SQL Server
- 2(附源码)spring boot物联网智能管理平台 毕业设计 211120_springboot 物联网相关技术有那些
- 3python常用字符串拼接方法_python字符串连接输出字符串
- 4多个comfyui之间如何共享模型,节省存储空间_comfyui共用模型
- 5AI、AGI、AIGC与AIGC、NLP、LLM,ChatGPT区分
- 6MySql中的CAST_mysql cast
- 7yolo v5 onnxruntime与opencv cv2加载部署推理、实时摄像头检测_onnxruntime yolo 多路摄像头识别
- 8git 的注册与常用的方式_agit网站注册
- 9AIGC从入门到入坑01(初学者适用版)_aigc百问百答适合新手入门
- 10我的软件测试面试经历,7轮高强度面试顺利入职_软件测试怎么面试高级别
当前位置: article > 正文
spring boot 实现token验证登陆状态
作者:小舞很执着 | 2024-07-19 09:30:16
赞
踩
spring boot 实现token验证登陆状态
1、添加maven依赖到pom.xml
- <dependency>
- <groupId>io.jsonwebtoken</groupId>
- <artifactId>jjwt-api</artifactId>
- <version>0.11.5</version>
- </dependency>
- <dependency>
- <groupId>io.jsonwebtoken</groupId>
- <artifactId>jjwt-impl</artifactId>
- <version>0.11.5</version>
- </dependency>
-
-
- <dependency>
- <groupId>io.jsonwebtoken</groupId>
- <artifactId>jjwt-gson</artifactId>
- <version>0.11.5</version>
- </dependency>
2、写个持久工具类
- package com.scxhgh.scxhgh.token_session;
-
- import io.jsonwebtoken.Claims;
- import io.jsonwebtoken.Jwts;
- import io.jsonwebtoken.SignatureAlgorithm;
- import io.jsonwebtoken.security.Keys;
- import org.springframework.stereotype.Component;
-
- import java.security.Key;
- import java.util.Date;
-
- @Component
- public class JwtUtil {
-
-
- //
- // <dependency>
- // <groupId>io.jsonwebtoken</groupId>
- // <artifactId>jjwt-api</artifactId>
- // <version>0.11.5</version>
- // </dependency>
- // <dependency>
- // <groupId>io.jsonwebtoken</groupId>
- // <artifactId>jjwt-impl</artifactId>
- // <version>0.11.5</version>
- // </dependency>
- //
- //
- // <dependency>
- // <groupId>io.jsonwebtoken</groupId>
- // <artifactId>jjwt-gson</artifactId>
- // <version>0.11.5</version>
- // </dependency>
-
-
- private final String secretKey = "dshhdshissajsakpxfksxxz"; // 用于签署和验证令牌的密钥,请替换为自己的密钥
- private final Key key = Keys.hmacShaKeyFor(secretKey.getBytes());
-
- private final long validityInMilliseconds = 3600000; // 令牌有效期一小时
- // private final long validityInMilliseconds = 60000; // 令牌有效期一分钟
- public String generateToken(String username) {
- Date now = new Date();
- Date validity = new Date(now.getTime() + validityInMilliseconds);
-
- return Jwts.builder()
- .setSubject(username)
- .setIssuedAt(now)
- .setExpiration(validity)
- .signWith(key, SignatureAlgorithm.HS256)
- .compact();
- }
-
- public String getUsernameFromToken(String token) {
- Claims claims = Jwts.parserBuilder()
- .setSigningKey(key)
- .build()
- .parseClaimsJws(token)
- .getBody();
-
- return claims.getSubject();
- }
-
- public boolean validateToken(String token) {
- try {
- Jwts.parserBuilder()
- .setSigningKey(key)
- .build()
- .parseClaimsJws(token);
- return true;
- } catch (Exception e) {
- return false;
- }
- }
- }
3、启动服务器测试下,写个controller和html,客户端请求获取token
controller(生成token 与验证 token):
- package com.scxhgh.scxhgh.token_session;
-
- import org.springframework.web.bind.annotation.*;
-
- @RestController
- @RequestMapping("/api")
- public class UserController {
-
-
- private final JwtUtil jwtUtil;
-
- public UserController(JwtUtil jwtUtil) {
- this.jwtUtil = jwtUtil;
- }
-
- // 生成token
- @PostMapping("/login_token")
- public String login(@RequestBody UserLoginRequest request) {
- // 在实际应用中,你可以验证用户名和密码,然后生成令牌
- // 这里只是一个简单的示例,假设用户名有效
-
- String username = request.getUsername();
- String token = jwtUtil.generateToken(username);
-
- return token;
- }
-
- // 验证token
-
-
-
- @GetMapping("/user")
- public String getUserInfo(@RequestHeader("Authorization") String token) {
- if (jwtUtil.validateToken(token)) {
- String username = jwtUtil.getUsernameFromToken(token);
- return "Hello, " + username + "!";
- } else {
- return "Invalid token";
- }
- }
- }
html (请求token)
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="UTF-8">
- <title>Login Page</title>
- </head>
- <body>
- <h1>Login Page</h1>
- <form id="login-form">
- <label for="username">Username:</label>
- <input type="text" id="username" name="username" required><br><br>
-
- <label for="password">Password:</label>
- <input type="password" id="password" name="password" required><br><br>
-
- <button type="button" onclick="login()">Login</button>
- </form>
-
- <div id="token-info" style="display: none;">
- <h2>Token Information</h2>
- <p id="token-content"></p>
- </div>
-
- <script>
- function login() {
- const username = document.getElementById('username').value;
- const password = document.getElementById('password').value;
-
- // 发送登录请求到后端
- fetch('/api/login_token', {
- method: 'POST',
- headers: {
- 'Content-Type': 'application/json'
- },
- body: JSON.stringify({ username, password })
- })
- .then(response => response.text())
- .then(token => {
- // 显示令牌信息
- document.getElementById('token-info').style.display = 'block';
- document.getElementById('token-content').textContent = 'Token: ' + token;
- })
- .catch(error => {
- console.error('Login failed:', error);
- });
- }
- </script>
- </body>
- </html>
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/小舞很执着/article/detail/850699
推荐阅读
相关标签
