Spring boot整合JWT

<dependencies>

        <dependency>

            <groupId>com.auth0</groupId>

            <artifactId>java-jwt</artifactId>

            <version>3.4.0</version>

        </dependency>

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-web</artifactId>

        </dependency>

        <dependency>

            <groupId>org.mybatis.spring.boot</groupId>

            <artifactId>mybatis-spring-boot-starter</artifactId>

            <version>2.1.2</version>

        </dependency>

        <dependency>

            <groupId>org.projectlombok</groupId>

            <artifactId>lombok</artifactId>

        </dependency>

        <dependency>

            <groupId>com.alibaba</groupId>

            <artifactId>druid</artifactId>

            <version>1.1.22</version>

        </dependency>

        <dependency>

            <groupId>mysql</groupId>

            <artifactId>mysql-connector-java</artifactId>

        </dependency>

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-test</artifactId>

            <scope>test</scope>

            <exclusions>

                <exclusion>

                    <groupId>org.junit.vintage</groupId>

                    <artifactId>junit-vintage-engine</artifactId>

                </exclusion>

            </exclusions>

        </dependency>

    </dependencies>

CREATE TABLE `user` (

  `id` int(11) NOT NULL AUTO_INCREMENT,

  `name` varchar(30) DEFAULT NULL,

  `password` varchar(64) DEFAULT NULL,

  PRIMARY KEY (`id`)

) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;

package com.example.springbootjwt.entity;

/**

 * @author kalvin
 * @version 1.0
 * @Date 2021/2/2 10:15
 * @Description
 **/
import lombok.Data;
import lombok.experimental.Accessors;

@Data

@Accessors(chain=true)

public class User {

    private String id;

    private String name;

    private String password;

}

package com.example.springbootjwt.dao;

import com.example.springbootjwt.entity.User;

import org.apache.ibatis.annotations.Mapper;

@Mapper

public interface UserDao {

   User login(User user);

}

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"

        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">

<mapper namespace="com.example.springbootjwt.dao.UserDao">

    <select id="login" parameterType="User" resultType="User">

        select * from user where name= #{name} and password= #{password}

    </select>

</mapper>

package com.example.springbootjwt.service;

import com.example.springbootjwt.entity.User;

public interface UserService {

    User login(User user);

}

package com.example.springbootjwt.service;

import com.example.springbootjwt.dao.UserDao;

import com.example.springbootjwt.entity.User;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.stereotype.Service;

/**

 * @author kalvin
 * @version 1.0
 * @Date 2021/2/2 10:19
 * @Description
 **/
@Service
public class UserServiceImpl implements UserService {
    @Autowired
    private UserDao userDao;

    @Override

    public User login(User user) {

        User user1 = userDao.login(user);

        if(user1!=null){

            return user1;

        }

        throw new RuntimeException("认证失败！");

    }

}

package com.example.springbootjwt.interceptor;

import com.auth0.jwt.exceptions.AlgorithmMismatchException;

import com.auth0.jwt.exceptions.SignatureVerificationException;

import com.auth0.jwt.exceptions.TokenExpiredException;

import com.example.springbootjwt.utils.JWTUtils;

import com.fasterxml.jackson.databind.ObjectMapper;

import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import java.util.HashMap;

import java.util.Map;

/**

 * @author kalvin
 * @version 1.0
 * @Date 2021/2/2 10:27
 * @Description
 **/
public class JWTInterceptor implements HandlerInterceptor {

    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)

            throws Exception {

        //获取请求头中的token

        String token = request.getHeader("token");

        Map<String,Object> map = new HashMap<String, Object>();

        try {

            JWTUtils.TokenVerify(token);

            //放行请求

            return true;

        } catch (SignatureVerificationException e) {

            map.put("msg", "无效签名");

            e.printStackTrace();

        } catch (TokenExpiredException e) {

            map.put("msg", "token已过期");

            e.printStackTrace();

        } catch (AlgorithmMismatchException e) {

            map.put("msg", "算法不一致");

            e.printStackTrace();

        } catch (Exception e) {

            map.put("msg", "token无效");

            e.printStackTrace();

        }

        map.put("state",false);

        //使用jackson将map转为json

        String json = new ObjectMapper().writeValueAsString(map);

        response.setContentType("application/json;charset=UTF-8");

        response.getWriter().print(json);

        return false;

    }

}

package com.example.springbootjwt.config;

import com.example.springbootjwt.interceptor.JWTInterceptor;

import org.springframework.context.annotation.Configuration;

import org.springframework.web.servlet.config.annotation.InterceptorRegistry;

import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/**

 * @author kalvin
 * @version 1.0
 * @Date 2021/2/2 10:30
 * @Description
 **/
@Configuration
public class InterceptorConfig implements WebMvcConfigurer {

    public void addInterceptors(InterceptorRegistry registry) {

        //注册拦截器JWTInterceptor，对用户名密码登入进行权限验证

        registry.addInterceptor(new JWTInterceptor())

                //指定拦截器注册拦截器JWTInterceptor要拦截的请求(支持*通配符)

                .addPathPatterns("/**")

                //指定拦截器JWTInterceptor不拦截的请求(支持*通配符)

                .excludePathPatterns("/user/login");

    }

}

package com.example.springbootjwt.utils;

import java.util.Calendar;

import java.util.Map;

import com.auth0.jwt.JWT;

import com.auth0.jwt.JWTCreator;

import com.auth0.jwt.algorithms.Algorithm;

import com.auth0.jwt.interfaces.DecodedJWT;

/**

 * @author kalvin
 * @version 1.0
 * @Date 2021/2/2 10:24
 * @Description
 **/
public class JWTUtils {

    private static final String SIGN= "!@#$%^&*123456789";

    /**

     * 生成Token
     */
    public static String getToken(Map<String,String> map) {
        Calendar instance = Calendar.getInstance();
        instance.add(Calendar.DATE, 7);
        //创建JWTBuilder
        JWTCreator.Builder builder = JWT.create();
        //设置payload
        map.forEach((k,v)->{
            builder.withClaim(k, v);
        });
        //设置过期时间和签名，生成token
        String token = builder.withExpiresAt(instance.getTime())
                .sign(Algorithm.HMAC256(SIGN));
        return token;
    }

    /**

     * 验证token
     */
    public static void TokenVerify(String token) {
        JWT.require(Algorithm.HMAC256(SIGN)).build().verify(token);
    }

    /**

     * 获取token信息
     */
    public static DecodedJWT getTokenInfo(String token) {
        DecodedJWT verify = JWT.require(Algorithm.HMAC256(SIGN)).build().verify(token);
        return verify;
    }

}

package com.example.springbootjwt.controller;

import com.auth0.jwt.interfaces.DecodedJWT;

import com.example.springbootjwt.entity.User;

import com.example.springbootjwt.service.UserServiceImpl;

import com.example.springbootjwt.utils.JWTUtils;

import lombok.extern.slf4j.Slf4j;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.web.bind.annotation.GetMapping;

import org.springframework.web.bind.annotation.PostMapping;

import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

import java.util.HashMap;

import java.util.Map;

/**

 * @author kalvin
 * @version 1.0
 * @Date 2021/2/2 10:31
 * @Description
 **/
@RestController
@Slf4j
public class UserController {

    @Autowired

    private UserServiceImpl userServiceImpl;

    @GetMapping("/user/login")

    public Map<String,Object> login(User user){

        log.info("用户名：[{}]",user.getName());

        log.info("密码：[{}]",user.getPassword());

        Map<String,Object> map = new HashMap<String, Object>();

        try {

            User userDB = userServiceImpl.login(user);

            Map<String,String> payload = new HashMap<String, String>();

            payload.put("id", userDB.getId());

            payload.put("name", userDB.getName());

            String token = JWTUtils.getToken(payload);

            map.put("state",true);

            map.put("msg","认证成功");

            map.put("token", token);

        } catch (Exception e) {

            map.put("state",false);

            map.put("msg",e.getMessage());

        }

        return map;

    }

    @PostMapping("/user/test")

    public Map<String,Object> test(HttpServletRequest request){

        String token = request.getHeader("token");

        DecodedJWT tokenInfo = JWTUtils.getTokenInfo(token);

        log.info("用户id：[{}]",tokenInfo.getClaim("id").asString());

        log.info("用户名：[{}]",tokenInfo.getClaim("name").asString());

        Map<String,Object> map = new HashMap<String, Object>();

        map.put("state", true);

        map.put("msg","请求成功");

        return map;

    }

}