接口url:/login
请求方式:POST
请求参数:
返回数据:
{ "success": true, "code": 200, "msg": "success", "data": "token" }
添加jwt依赖包:
io.jsonwebtoken jjwt0.9.1
JWT工具类:
package com.mszlu.blog.utils; import io.jsonwebtoken.Jwt; import io.jsonwebtoken.JwtBuilder; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; import java.util.Date; import java.util.HashMap; import java.util.Map; public class JWTUtils { private static final String jwtToken = "123456Mszlu!@#$$"; public static String createToken(Long userId){ Mapclaims = new HashMap<>(); claims.put("userId",userId); JwtBuilder jwtBuilder = Jwts.builder() .signWith(SignatureAlgorithm.HS256, jwtToken) // 签发算法,秘钥为jwtToken .setClaims(claims) // body数据,要唯一,自行设置 .setIssuedAt(new Date()) // 设置签发时间 .setExpiration(new Date(System.currentTimeMillis() + 24 * 60 * 60 * 60 * 1000));// 一天的有效时间 String token = jwtBuilder.compact(); return token; } public static Map checkToken(String token){ try { Jwt parse = Jwts.parser().setSigningKey(jwtToken).parse(token); return (Map ) parse.getBody(); }catch (Exception e){ e.printStackTrace(); } return null; } }
loginController:
package com.example.blog.controller; import com.example.blog.service.LoginService; import com.example.blog.vo.Result; import com.example.blog.vo.params.LoginParams; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @RestController @RequestMapping("/login") public class LoginController { @Autowired private LoginService loginService; @PostMapping public Result login(@RequestBody LoginParams loginParams) { return loginService.login(loginParams); } }
LoginServiceImpl:
package com.example.blog.service.impl; import com.alibaba.fastjson.JSON; import com.example.blog.entity.SysUser; import com.example.blog.service.LoginService; import com.example.blog.service.SysUserService; import com.example.blog.utils.JWTUtils; import com.example.blog.vo.ErrorCode; import com.example.blog.vo.Result; import com.example.blog.vo.params.LoginParams; import org.apache.commons.codec.digest.DigestUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Lazy; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import org.thymeleaf.util.StringUtils; import java.util.Map; import java.util.concurrent.TimeUnit; @Service @Transactional public class LoginServiceImpl implements LoginService { //加密盐 private static final String salt = "mszlu!@#"; @Lazy @Autowired private SysUserService sysUserService; @Autowired private RedisTemplateredisTemplate; @Override public Result login(LoginParams loginParams) { String account = loginParams.getAccount(); String password = loginParams.getPassword(); if(StringUtils.isEmpty(account) || StringUtils.isEmpty(password)) { return Result.fail(ErrorCode.PARAMS_ERROR.getCode(),ErrorCode.PARAMS_ERROR.getMsg()); } password = DigestUtils.md5Hex(password+salt); SysUser sysUser = sysUserService.findUserByAccountAndPassword(loginParams.getAccount(),password); if(sysUser == null) { return Result.fail(ErrorCode.ACCOUNT_PWD_NOT_EXIST.getCode(),ErrorCode.ACCOUNT_PWD_NOT_EXIST.getMsg()); } String token = JWTUtils.createToken(sysUser.getId()); redisTemplate.opsForValue().set("TOKEN_"+token, JSON.toJSonString(sysUser),1, TimeUnit.DAYS); return Result.success(token); } }
SysUserServiceImpl:
package com.example.blog.service.impl; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.example.blog.dao.mapper.SysUserMapper; import com.example.blog.entity.SysUser; import com.example.blog.service.LoginService; import com.example.blog.service.SysUserService; import com.example.blog.vo.ErrorCode; import com.example.blog.vo.LoginUserVo; import com.example.blog.vo.Result; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.thymeleaf.util.StringUtils; import java.util.List; @Service public class SysUserServiceImpl implements SysUserService { @Autowired private SysUserMapper sysUserMapper; @Override public SysUser findUserByAccountAndPassword(String account, String password) { LambdaQueryWrapperqueryWrapper = new LambdaQueryWrapper<>(); queryWrapper.eq(SysUser::getAccount,account); queryWrapper.eq(SysUser::getPassword,password); return sysUserMapper.selectOne(queryWrapper); } }
设置返回给前端的错误码:
package com.example.blog.vo; public enum ErrorCode { PARAMS_ERROR(415,"参数有误"), ACCOUNT_PWD_NOT_EXIST(400,"用户名或密码不存在"), TOKEN_ERROR(401,"token不合法"), ACCOUNT_EXIST(401,"用户已经存在!"), NO_PERMISSION(401,"无访问权限"), SESSION_TIME_OUT(408,"会话超时"), NO_LOGIN(401,"未登录"),; private int code; private String msg; ErrorCode(int code, String msg){ this.code = code; this.msg = msg; } public int getCode() { return code; } public void setCode(int code) { this.code = code; } public String getMsg() { return msg; } public void setMsg(String msg) { this.msg = msg; } }
获取用户信息:
接口url:/users/currentUser
请求方式:GET
请求参数:
返回数据:
{ "success": true, "code": 200, "msg": "success", "data": { "id":1, "account":"1", "nickaname":"1", "avatar":"ss" } }
后端逻辑:
1.前端传token给后端
2.LoginServiceImpl调用checkToken检查token是否合法(我觉得没必要,直接从redis里面找就可以了)
3.JWT调用checkToken,获取map(里面主要存的是B部分,也就是userId)
4.判断map是否为空,如果为空,则返回null。
如果不为空,则从redis里面取出对应的sysUser(String),再通过parseObject返回SysUser.class的sysUser。
5.如果LoginServiceImpl调用的checkToken返回的是null,则直接返回fail
6.如果不是null,则将获取的sysUser封装为前端所需要的LoginUserVo,再进行返回
UserController:
package com.example.blog.controller; import com.example.blog.service.SysUserService; import com.example.blog.vo.Result; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.*; @RestController @RequestMapping("/users") public class UserController { @Autowired private SysUserService sysUserService; @GetMapping("/currentUser") public Result currentUser(@RequestHeader("Authorization") String token) { return sysUserService.findUserByToken(token); } }
SysUserServiceImpl:
package com.example.blog.service.impl; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.example.blog.dao.mapper.SysUserMapper; import com.example.blog.entity.SysUser; import com.example.blog.service.LoginService; import com.example.blog.service.SysUserService; import com.example.blog.vo.ErrorCode; import com.example.blog.vo.LoginUserVo; import com.example.blog.vo.Result; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.thymeleaf.util.StringUtils; import java.util.List; @Service public class SysUserServiceImpl implements SysUserService { @Autowired private SysUserMapper sysUserMapper; @Autowired private LoginService loginService; @Override public SysUser findUserByAccountAndPassword(String account, String password) { LambdaQueryWrapperqueryWrapper = new LambdaQueryWrapper<>(); queryWrapper.eq(SysUser::getAccount,account); queryWrapper.eq(SysUser::getPassword,password); return sysUserMapper.selectOne(queryWrapper); } @Override public Result findUserByToken(String token) { SysUser sysUser = loginService.checkToken(token); if(sysUser == null) { return Result.fail(ErrorCode.TOKEN_ERROR.getCode(),ErrorCode.TOKEN_ERROR.getMsg()); } LoginUserVo loginUserVo = new LoginUserVo(); loginUserVo.setId(sysUser.getId()); loginUserVo.setNickname(sysUser.getNickname()); loginUserVo.setAccount(sysUser.getAccount()); loginUserVo.setAvatar(sysUser.getAvatar()); return Result.success(loginUserVo); } }
将获取的sysUser封装为前端所需要的LoginUserVo,再进行返回:
LoginUserVo:
package com.example.blog.vo; import lombok.Data; @Data public class LoginUserVo { private Long id; private String account; private String nickname; private String avatar; }
LoginServiceImpl:
package com.example.blog.service.impl; import com.alibaba.fastjson.JSON; import com.example.blog.entity.SysUser; import com.example.blog.service.LoginService; import com.example.blog.service.SysUserService; import com.example.blog.utils.JWTUtils; import com.example.blog.vo.ErrorCode; import com.example.blog.vo.Result; import com.example.blog.vo.params.LoginParams; import org.apache.commons.codec.digest.DigestUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Lazy; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import org.thymeleaf.util.StringUtils; import java.util.Map; import java.util.concurrent.TimeUnit; @Service @Transactional public class LoginServiceImpl implements LoginService { //加密盐 private static final String salt = "mszlu!@#"; @Lazy @Autowired private SysUserService sysUserService; @Autowired private RedisTemplateredisTemplate; @Override public Result login(LoginParams loginParams) { String account = loginParams.getAccount(); String password = loginParams.getPassword(); if(StringUtils.isEmpty(account) || StringUtils.isEmpty(password)) { return Result.fail(ErrorCode.PARAMS_ERROR.getCode(),ErrorCode.PARAMS_ERROR.getMsg()); } password = DigestUtils.md5Hex(password+salt); SysUser sysUser = sysUserService.findUserByAccountAndPassword(loginParams.getAccount(),password); if(sysUser == null) { return Result.fail(ErrorCode.ACCOUNT_PWD_NOT_EXIST.getCode(),ErrorCode.ACCOUNT_PWD_NOT_EXIST.getMsg()); } String token = JWTUtils.createToken(sysUser.getId()); redisTemplate.opsForValue().set("TOKEN_"+token, JSON.toJSonString(sysUser),1, TimeUnit.DAYS); return Result.success(token); } @Override public SysUser checkToken(String token) { if(StringUtils.isEmpty(token)) { return null; } Map stringObjectMap = JWTUtils.checkToken(token); if(stringObjectMap == null) { return null; } String userJson = redisTemplate.opsForValue().get("TOKEN_" + token); if(StringUtils.isEmpty(userJson)) { return null; } return JSON.parseObject(userJson,SysUser.class); } }
退出登录:前端传入对应token,后端从redis删掉该token即可
LogoutController:
package com.example.blog.controller; import com.example.blog.service.LoginService; import com.example.blog.vo.Result; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @RestController @RequestMapping("logout") public class LogoutController { @Autowired private LoginService loginService; @GetMapping public Result logout(@RequestHeader("Authorization") String token) { return loginService.logout(token); } }
loginServiceImpl
@Override public Result logout(String token) { redisTemplate.delete("TOKEN_"+token); return Result.success(null); }
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)