From 16e06994c2f138d3411eec43a791f8e51bc5c2c7 Mon Sep 17 00:00:00 2001 From: Amadeus Date: Sat, 20 Apr 2024 21:27:55 +0800 Subject: [PATCH] =?UTF-8?q?Jwt=E4=BB=A4=E7=89=8C=E9=A2=81=E5=8F=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pom.xml | 5 +++ .../example/config/SecurityConfiguration.java | 20 +++++++--- .../com/example/{ => entity}/RestBean.java | 2 +- .../entity/vo/response/AuthorizeV0.java | 13 +++++++ src/main/java/com/example/utils/JwtUtils.java | 39 +++++++++++++++++++ src/main/resources/application.yaml | 7 +++- 6 files changed, 79 insertions(+), 7 deletions(-) rename src/main/java/com/example/{ => entity}/RestBean.java (95%) create mode 100644 src/main/java/com/example/entity/vo/response/AuthorizeV0.java create mode 100644 src/main/java/com/example/utils/JwtUtils.java diff --git a/pom.xml b/pom.xml index 92c9f8f..aa06b7b 100644 --- a/pom.xml +++ b/pom.xml @@ -52,6 +52,11 @@ spring-boot-starter-test test + + com.auth0 + java-jwt + 4.3.0 + org.springframework.security spring-security-test diff --git a/src/main/java/com/example/config/SecurityConfiguration.java b/src/main/java/com/example/config/SecurityConfiguration.java index edbdc45..484c581 100644 --- a/src/main/java/com/example/config/SecurityConfiguration.java +++ b/src/main/java/com/example/config/SecurityConfiguration.java @@ -1,6 +1,9 @@ package com.example.config; -import com.example.RestBean; +import com.example.entity.RestBean; +import com.example.entity.vo.response.AuthorizeV0; +import com.example.utils.JwtUtils; +import jakarta.annotation.Resource; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; @@ -11,15 +14,15 @@ import org.springframework.security.config.annotation.web.configurers.AbstractHt import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.userdetails.User; import org.springframework.security.web.SecurityFilterChain; -import org.springframework.security.web.authentication.AuthenticationFailureHandler; -import org.springframework.security.web.authentication.AuthenticationSuccessHandler; -import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; import java.io.IOException; @Configuration public class SecurityConfiguration { + @Resource + JwtUtils utils; @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { return http @@ -49,8 +52,15 @@ public class SecurityConfiguration { HttpServletResponse response, Authentication authentication) throws IOException, ServletException { response.setContentType("application/json;charset=utf-8"); + User user = (User) authentication.getPrincipal(); - response.getWriter().write(RestBean.success().asJsonString()); + String token = utils.createJwt(user , 1 , "小明"); //随便起一个id和用户名 作为令牌的 + AuthorizeV0 v0 = new AuthorizeV0(); + v0.setExpire(utils.expireTime()); + v0.setRole(""); + v0.setToken(token); + v0.setUsername("小明"); + response.getWriter().write(RestBean.success(v0).asJsonString()); //将实体对象v0返回 } public void onAuthenticationFailure(HttpServletRequest request, diff --git a/src/main/java/com/example/RestBean.java b/src/main/java/com/example/entity/RestBean.java similarity index 95% rename from src/main/java/com/example/RestBean.java rename to src/main/java/com/example/entity/RestBean.java index ffe3062..d55b518 100644 --- a/src/main/java/com/example/RestBean.java +++ b/src/main/java/com/example/entity/RestBean.java @@ -1,4 +1,4 @@ -package com.example; +package com.example.entity; import com.alibaba.fastjson2.JSONObject; import com.alibaba.fastjson2.JSONWriter; diff --git a/src/main/java/com/example/entity/vo/response/AuthorizeV0.java b/src/main/java/com/example/entity/vo/response/AuthorizeV0.java new file mode 100644 index 0000000..8aef62b --- /dev/null +++ b/src/main/java/com/example/entity/vo/response/AuthorizeV0.java @@ -0,0 +1,13 @@ +package com.example.entity.vo.response; + +import lombok.Data; + +import java.util.Date; + +@Data +public class AuthorizeV0 { + String username; + String role; + String token; + Date expire; +} diff --git a/src/main/java/com/example/utils/JwtUtils.java b/src/main/java/com/example/utils/JwtUtils.java new file mode 100644 index 0000000..f8d0b88 --- /dev/null +++ b/src/main/java/com/example/utils/JwtUtils.java @@ -0,0 +1,39 @@ +package com.example.utils; + +import com.auth0.jwt.JWT; +import com.auth0.jwt.algorithms.Algorithm; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.stereotype.Component; + +import java.util.Calendar; +import java.util.Date; + +@Component +public class JwtUtils { + @Value("${spring.security.jwt.key}") + String key; + + @Value("${spring.security.jwt.expire}") + int expire; + + public String createJwt(UserDetails details , int id , String username){ + Algorithm algorithm = Algorithm.HMAC256(key); + Date expire = this.expireTime(); + return JWT.create() + .withClaim("id",id) + .withClaim("name",username) + .withClaim("authorities",details.getAuthorities().stream().map(GrantedAuthority::getAuthority).toList()) + .withExpiresAt(expire) + .withIssuedAt(new Date()) + .sign(algorithm); + } + public Date expireTime(){ + Calendar calendar = Calendar.getInstance(); + calendar.add(Calendar.HOUR , expire * 24); + return calendar.getTime(); + } + +} diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index fc0d2d3..0548fa4 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -1 +1,6 @@ -spring.application.name=my-project-backend + +spring: + security: + jwt: + key: abcdefgh + expire: 7 \ No newline at end of file