
spring mvc+jwt+vue js 验证


 

 

      <!-- Auth0 java-jwt. The 2.x line supplies the JWTSigner / JWTVerifier classes used by
           the JWT helper below. Later major versions replaced that API (JWT.create() /
           JWT.require()), so upgrading past 2.x also means rewriting the helper.
           NOTE(review): 2.3.1 is an old release; check it against current advisories and
           plan the move to a maintained version. -->
      <dependency>
          <groupId>com.auth0</groupId>
          <artifactId>java-jwt</artifactId>
          <version>2.3.1</version>
      </dependency>

 

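/**
 * Issues and validates the application's login tokens with java-jwt 2.x.
 *
 * <p>The token is <em>signed</em>, not encrypted: the payload is base64url-encoded JSON that
 * anyone holding the token can read. Only put data in it that the client is allowed to see.
 *
 * <p>The signing key is read from deployment configuration instead of being compiled in. A key
 * that ships in source (or in a published listing) lets anyone mint valid tokens. When no
 * acceptable key is configured, {@link #sign} and {@link #unsign} both return {@code null},
 * so no token is issued and every token is rejected.
 */
public class JWT {
    // Names of the system property / environment variable holding the key. These names are
    // chosen for this listing; adapt them to the project's configuration scheme.
    private static final String SECRET_PROPERTY = "jwt.secret";
    private static final String SECRET_ENV = "JWT_SECRET";

    // Shorter keys are refused: a brute-forceable HMAC key defeats the signature.
    private static final int MIN_SECRET_LENGTH = 32;

    // null when no acceptable key is configured.
    private static final String SECRET = loadSecret();

    private static final String EXP = "exp";

    private static final String PAYLOAD = "payload";

    // One shared mapper instead of a new one per call.
    private static final ObjectMapper MAPPER = new ObjectMapper();

    /** Reads the signing key from the system property, then the environment. */
    private static String loadSecret() {
        String value = System.getProperty(SECRET_PROPERTY);
        if (value == null || value.trim().isEmpty()) {
            value = System.getenv(SECRET_ENV);
        }
        if (value == null || value.trim().length() < MIN_SECRET_LENGTH) {
            return null;
        }
        return value.trim();
    }

    /**
     * Serializes {@code object} to JSON and wraps it in a signed token.
     *
     * <p>NOTE(review): "exp" is written in epoch <em>milliseconds</em>, while the JWT
     * convention is seconds. {@link #unsign} applies the matching millisecond check, but other
     * JWT libraries will misread this claim.
     *
     * @param object value stored under the "payload" claim
     * @param maxAge token lifetime in milliseconds, added to the current time
     * @return the compact token, or {@code null} if no key is configured or signing fails
     */
    public static <T> String sign(T object, long maxAge) {
        if (SECRET == null) {
            return null;
        }
        try {
            final JWTSigner signer = new JWTSigner(SECRET);
            final Map<String, Object> claims = new HashMap<String, Object>();
            claims.put(PAYLOAD, MAPPER.writeValueAsString(object));
            claims.put(EXP, System.currentTimeMillis() + maxAge);
            return signer.sign(claims);
        } catch (Exception e) {
            return null;
        }
    }

    /**
     * Verifies the token's signature and expiry and deserializes its payload.
     *
     * @param jwt    token taken from the request; untrusted until verified
     * @param classT type to deserialize the "payload" claim into
     * @return the payload object, or {@code null} when the token is missing, malformed,
     *         badly signed, expired, or no key is configured
     */
    public static <T> T unsign(String jwt, Class<T> classT) {
        if (SECRET == null || jwt == null || classT == null) {
            return null;
        }
        try {
            final JWTVerifier verifier = new JWTVerifier(SECRET);
            final Map<String, Object> claims = verifier.verify(jwt);
            final Object exp = claims.get(EXP);
            final Object payload = claims.get(PAYLOAD);
            // Both claims are mandatory. A token without an expiry is rejected, not treated
            // as valid forever. Number covers Integer as well as Long after JSON parsing.
            if (!(exp instanceof Number) || !(payload instanceof String)) {
                return null;
            }
            if (((Number) exp).longValue() <= System.currentTimeMillis()) {
                return null;
            }
            return MAPPER.readValue((String) payload, classT);
        } catch (Exception e) {
            // Any verification or parsing failure is treated as "no valid token".
            return null;
        }
    }
}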

 

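/**
 * Builds the response envelopes returned to the front end: a map with "errno", "errmsg"
 * and, for some builders, "data".
 *
 * <p>The errno values are application codes carried in the response body, not HTTP status
 * codes. The client dispatches on them (for example 501 means "please log in").
 */
public class ResponseUtil {

    // Declared final so that no other code can reassign these shared status strings.
    public static final String SUCCESS = "0";
    public static final String SYSTEM_ERROR = "9999";

    /** Creates an envelope holding only errno and errmsg. */
    private static Map<String, Object> envelope(int errno, String errmsg) {
        Map<String, Object> obj = new HashMap<String, Object>();
        obj.put("errno", errno);
        obj.put("errmsg", errmsg);
        return obj;
    }

    /** @return a success envelope (errno 0) without a "data" entry */
    public static Object ok() {
        return envelope(0, "成功");
    }

    /**
     * @param data value stored under "data"; may be null
     * @return a success envelope (errno 0) carrying {@code data}
     */
    public static Object ok(Object data) {
        Map<String, Object> obj = envelope(0, "成功");
        obj.put("data", data);
        return obj;
    }

    /** @return the generic failure envelope (errno -1) */
    public static Object fail() {
        return envelope(-1, "错误");
    }

    /**
     * @param errno  application error code
     * @param errmsg message shown to the client
     * @return a failure envelope without a "data" entry
     */
    public static Object fail(int errno, String errmsg) {
        return envelope(errno, errmsg);
    }

    /**
     * @param errno  application code
     * @param errmsg message shown to the client
     * @param object value stored under "data"; may be null
     * @return an envelope with all three entries
     */
    public static Object response(int errno, String errmsg, Object object) {
        Map<String, Object> obj = envelope(errno, errmsg);
        obj.put("data", object);
        return obj;
    }

    /** @return errno 401: wrong parameters */
    public static Object badArgument() {
        return fail(401, "参数不对");
    }

    /** @return errno 402: wrong parameter value */
    public static Object badArgumentValue() {
        return fail(402, "参数值不对");
    }

    /** @return errno 501: not logged in. The token interceptor sends this on every rejection. */
    public static Object unlogin() {
        return fail(501, "请登录");
    }

    /** @return errno 502: internal error */
    public static Object serious() {
        return fail(502, "系统内部错误");
    }

    /** @return errno 503: operation not supported */
    public static Object unsupport() {
        return fail(503, "业务不支持");
    }

    /** @return errno 504: the data being updated is stale */
    public static Object updatedDateExpired() {
        return fail(504, "更新数据已经失效");
    }

    /** @return errno 505: update failed */
    public static Object updatedDataFailed() {
        return fail(505, "更新数据失败");
    }

    /** @return errno 506: caller lacks permission */
    public static Object unauthz() {
        return fail(506, "无操作权限");
    }

    /** @return errno 507: no phone number bound to the account */
    public static Object unbindphone() {
        return fail(507, "未绑定手机号");
    }
}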

 

 

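/**
 * Spring MVC interceptor that admits a request only when it carries a valid token in
 * "X-Token" and a matching account name in "X-LoginId".
 *
 * <p>The verified token is the only trustworthy source of identity. "X-LoginId" is set by the
 * client and is used here solely as a consistency check. Handlers should take the identity
 * from the token payload, not from the header.
 *
 * <p>Rejections are sent as a JSON body with errno 501 and the default HTTP status, because
 * the front-end response interceptor dispatches on {@code errno} in a successful response.
 */
public class TokenInterceptor implements HandlerInterceptor {
    private static final Logger logger = LoggerFactory.getLogger(TokenInterceptor.class);

    /** No post-completion work. */
    @Override
    public void afterCompletion(HttpServletRequest request,
                                HttpServletResponse response, Object handler, Exception arg3)
            throws Exception {
    }

    /** No post-handler work. */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response,
                           Object handler, ModelAndView model) throws Exception {
    }

    /**
     * Runs before every mapped handler and decides whether the request may proceed.
     *
     * @return {@code true} when the token verifies and its account matches the header;
     *         {@code false} after the "please log in" response has been written
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
                             Object handler) throws Exception {
        response.setCharacterEncoding("utf-8");
        // The front end sends the token and the login id as request headers.
        String token = request.getHeader("X-Token");
        String userAccount = request.getHeader("X-LoginId");

        // Either header missing: not logged in.
        if (StringUtils.isBlank(token) || StringUtils.isBlank(userAccount)) {
            return reject(response);
        }

        // null covers a bad signature, a malformed token and an expired token alike.
        UserInfo user = JWT.unsign(token, UserInfo.class);
        if (user == null) {
            // Only the outcome is logged. The decoded user object and the raw header values
            // stay out of the log, as they may hold personal data or attacker-chosen text.
            logger.debug("preHandle: token rejected (invalid or expired)");
            return reject(response);
        }

        // NOTE(review): the comparison ignores case. If account names are case-sensitive in
        // the user store, switch to an exact match.
        if (!StringUtils.equalsIgnoreCase(userAccount, user.getUserAccount())) {
            logger.debug("preHandle: token rejected (login id does not match token)");
            return reject(response);
        }
        return true;
    }

    /** Writes the "please log in" envelope and reports that the request must stop. */
    private boolean reject(HttpServletResponse response) throws Exception {
        responseMessage(response, response.getWriter(), ResponseUtil.unlogin());
        return false;
    }

    /** Sends {@code responseData} to the client as JSON and closes the writer. */
    private void responseMessage(HttpServletResponse response, PrintWriter out, Object responseData) {
        response.setContentType("application/json; charset=utf-8");
        String json = JSONObject.toJSONString(responseData);
        out.print(json);
        out.flush();
        out.close();
    }
}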

 

 

<mvc:interceptors>
        <mvc:interceptor>
            <!-- Matches URL paths. With no mapping, or with /**, every controller is intercepted.
                 NOTE(review): only /api/user/** is covered here. Any other /api/** endpoint is
                 reached without the token check unless another interceptor covers it. -->
            <mvc:mapping path="/api/user/**" />
        

            <!-- Paths such as /register.do and /login.do need no interception (configure per project).
                 NOTE(review): /api/mall/mall.do is not under /api/user/**, so this exclusion has no
                 effect. Exclusions only matter for paths the mapping above already matches. -->
            <mvc:exclude-mapping path="/api/mall/mall.do" />
            
            <bean class="com.***.util.TokenInterceptor"></bean>
        </mvc:interceptor>
        <!-- With several interceptors, preHandle runs in declaration order; postHandle and afterCompletion then run in reverse order. -->
    </mvc:interceptors>

 

 

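import axios from 'axios'
import {
  Dialog,
  Toast
} from 'vant';
import store from '@/store/store'

// Shared axios instance for all API calls.
const service = axios.create({
  baseURL: process.env.VUE_APP_BASE_API, // base URL of the API
  timeout: 5000 // request timeout in ms
})

// Request interceptor: attach the token and login id the server-side interceptor expects.
// NOTE(review): the token is kept in localStorage, where any script running on this origin
// can read it. An XSS bug therefore exposes the session. X-LoginId is only a consistency
// check; the server must take the identity from the verified token.
service.interceptors.request.use(
  config => {
    if (!config.headers['X-Token']) {
      config.headers['X-Token'] = window.localStorage.getItem('token') || '';
      config.headers['X-LoginId'] = window.localStorage.getItem('userAccount') || '';

      store.commit('showLoading');
    }
    return config;
  },
  err => {
    store.commit('hideLoading')
    // Return the rejection. Without it the handler resolves to undefined and the error
    // is swallowed.
    return Promise.reject(err);
  }
)

// Application error codes handled centrally: the toast text, the rejection reason and,
// where needed, the hash route to open after a short delay.
const HANDLED_ERRORS = {
  501: { message: '请登录', reason: 'error1', redirect: '#/login/' },
  507: { message: '请绑定手机号', reason: 'error507', redirect: '#/user/bind' },
  502: { message: '网站内部错误,请联系网站维护人员', reason: 'error2' },
  401: { message: '参数不对', reason: 'error3' },
  402: { message: '参数值不对', reason: 'error4' },
  1001: { message: '用户错误', reason: 'error1001' },
  1005: { message: '短信发送失败', reason: 'error1005' },
  1006: { message: '重复获取验证码', reason: 'error1006' },
  1007: { message: '短信验证码错误', reason: 'error1007' },
  1008: { message: '无手机号码', reason: 'error1008' },
  1009: { message: '用户已绑定手机号码', reason: 'error1009' },
  1010: { message: '手机号码已被使用', reason: 'error1010' },
  // The original rejected 9999 with the 1007 label, a copy-paste slip.
  9999: { message: '无法操作,请联系网站维护人员', reason: 'error9999' }
}

// Response interceptor: the server reports failures as errno in a successful HTTP response.
service.interceptors.response.use(
  response => {
    const res = response.data
    store.commit('hideLoading');

    const handled = HANDLED_ERRORS[res.errno]
    if (handled) {
      Toast.fail(handled.message);
      if (handled.redirect) {
        setTimeout(() => {
          window.location = handled.redirect
        }, 1500)
      }
      return Promise.reject(handled.reason)
    }

    if (res.errno !== 0) {
      // Codes not listed above are business errors; leave them to the calling page.
      return Promise.reject(response)
    }
    return response
  }, error => {
    // NOTE(review): every transport-level failure is reported to the user as a timeout.
    store.commit('hideLoading')
    Dialog.alert({
      title: '警告',
      message: '连接超时'
    });
    return Promise.reject(error)
  })

export default service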

 

spring mvc+jwt+vue js 验证

原文:https://www.cnblogs.com/Guroer/p/13230615.html
