
SpringCloud系列之网关gateway-12.实现JWT

作者: 那钱有着落吗 | 来源:发表于2021-09-17 11:42 被阅读0次

1.使用JWT实现获取token和校验token

  • 首先引入依赖
 <!-- Spring MVC web stack: serves the /login, /refreshToken and /verify endpoints shown below. -->
 <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <!-- Redis client: the controller stores refresh tokens through RedisTemplate. -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-redis</artifactId>
        </dependency>

        <!-- Auth0 JWT library used by JwtService to sign and verify tokens.
             The version is pinned explicitly here (the other starters inherit theirs);
             check for a newer release before reusing this snippet. -->
        <dependency>
            <groupId>com.auth0</groupId>
            <artifactId>java-jwt</artifactId>
            <version>3.7.0</version>
        </dependency>

        <!-- Eureka discovery client, so the auth service can register with the service registry. -->
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
        </dependency>

        <!-- Actuator management endpoints. NOTE(review): this service handles credentials, so
             confirm which endpoints are exposed and that they are not reachable from outside. -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-actuator</artifactId>
        </dependency>
  • 使用JWT签发与校验逻辑(HMAC256是签名算法,token中的内容只做了签名,并没有加密)
package com.example.authservice;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.example.authserviceapi.Account;
import jdk.nashorn.internal.parser.Token;
import lombok.extern.slf4j.Slf4j;
import org.bouncycastle.math.ec.rfc8032.Ed25519;
import org.springframework.stereotype.Service;

import java.util.Date;

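/**
 * Issues and verifies HMAC-SHA256 signed JWTs for the auth service.
 *
 * <p>A token carries the issuer, the issue time, the expiry time and a {@code username} claim.
 * It is signed, not encrypted: anyone who holds a token can read its claims.
 */
@Slf4j
@Service
public class JwtService {

    // NOTE(review): hard-coded placeholder secret. Anyone who can read this source or the built
    // artifact can sign tokens that verify() accepts. Load the key from configuration or a secret
    // store instead, and use at least 256 bits (32 bytes) of random data for HS256.
    private static final String KEY = "changeIt";
    private static final String ISSUER = "wei";
    private static final String USER_NAME = "username";

    // Added to Date.getTime() below, so the unit is milliseconds: 6000 means six seconds.
    // NOTE(review): fine for demonstrating expiry and refresh; confirm the intended lifetime.
    private static final long TOKEN_EXP_TIME = 6000;

    /**
     * Creates a signed token for the given account.
     *
     * @param account account whose username is stored in the {@code username} claim
     * @return the compact, signed JWT
     */
    public String token(Account account) {
        Date issuedAt = new Date();
        Date expiresAt = new Date(issuedAt.getTime() + TOKEN_EXP_TIME);
        Algorithm algorithm = Algorithm.HMAC256(KEY);

        String token = JWT.create()
                .withIssuer(ISSUER)
                .withIssuedAt(issuedAt)
                .withExpiresAt(expiresAt)
                .withClaim(USER_NAME, account.getUsername())
                .sign(algorithm);

        // Log the username only: the token is a bearer credential and must stay out of the logs.
        log.info("jwt generated user={}", account.getUsername());

        // The original returned "" here, so callers never received the token that was just signed.
        return token;
    }

    /**
     * Checks the signature, issuer and {@code username} claim of a token.
     *
     * @param token    compact JWT presented by the caller
     * @param username username the token must have been issued for
     * @return {@code true} if verification succeeds, {@code false} on any failure
     */
    public boolean verify(String token, String username) {
        log.info("verifing jwt - username = {}", username);

        // Fail closed on missing input. NOTE(review): in java-jwt 3.x a null expected claim value
        // appears to drop the claim requirement instead of failing - confirm against the pinned
        // version. Rejecting here keeps the username binding mandatory either way.
        if (token == null || token.isEmpty() || username == null || username.isEmpty()) {
            log.warn("auth failed: token or username missing");
            return false;
        }

        try {
            Algorithm algorithm = Algorithm.HMAC256(KEY);
            JWTVerifier verifier = JWT.require(algorithm)
                    .withIssuer(ISSUER)
                    .withClaim(USER_NAME, username)
                    .build();

            verifier.verify(token);

            return true;
        } catch (Exception e) {
            // Any failure (bad signature, wrong issuer or username, malformed input) is a denial.
            log.error("auth failed", e);
            return false;
        }
    }

}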

  • controller层
package com.example.authservice;

import com.example.authserviceapi.Account;
import com.example.authserviceapi.AuthResponse;
import com.example.authserviceapi.ErrorCode;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import java.util.UUID;

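/**
 * HTTP endpoints of the auth service: login, refresh-token rotation and token verification.
 *
 * <p>NOTE(review): all three endpoints are GET mappings, so the password, the refresh token and
 * the JWT travel in the query string, which commonly ends up in access logs and proxy logs.
 * Moving them to POST bodies or headers changes the HTTP contract and is left to the caller side.
 */
@Slf4j
@RestController
public class Controller {

    @Autowired
    private JwtService jwtService;

    // Stores Account objects keyed by their refresh token (see login and refreshToken).
    @Autowired
    private RedisTemplate redisTemplate;

    /**
     * Issues a JWT and a refresh token for {@code username}.
     *
     * @param username account name to issue the token for
     * @param password currently unused, see the TODO in the body
     * @return the account with both tokens, or {@code USER_NOT_FOUND} if no username was given
     */
    @GetMapping("/login")
    @ResponseBody
    public AuthResponse login(String username, String password) {

        // Without a username the token would carry no usable username claim; refuse instead.
        if (username == null || username.isEmpty()) {
            log.warn("login rejected: username missing");
            return AuthResponse.builder().code(ErrorCode.USER_NOT_FOUND).build();
        }

        Account account = Account.builder().username(username).build();

        // TODO verify username + password
        // NOTE(review): until this is implemented, every caller who names a user receives a valid
        // token for that user. This must be in place before the endpoint is reachable.

        String token = jwtService.token(account);
        account.setToken(token);
        account.setRefreshToken(UUID.randomUUID().toString());

        // NOTE(review): stored without an expiry, so a refresh token stays valid until it is used.
        // Consider the set(...) overload that takes a timeout.
        redisTemplate.opsForValue().set(account.getRefreshToken(), account);

        return AuthResponse.builder().account(account).code(ErrorCode.SUCCESS).build();
    }

    /**
     * Exchanges a refresh token for a new JWT and a new refresh token; the old one is deleted.
     *
     * @param refreshToken refresh token handed out by login or by a previous refresh
     * @return the account with fresh tokens, or {@code USER_NOT_FOUND} if the token is unknown
     */
    @GetMapping("/refreshToken")
    @ResponseBody
    public AuthResponse refreshToken(String refreshToken) {

        // A missing parameter would otherwise reach Redis as a null key and fail the request.
        if (refreshToken == null || refreshToken.isEmpty()) {
            log.warn("refresh rejected: refresh token missing");
            return AuthResponse.builder().code(ErrorCode.USER_NOT_FOUND).build();
        }

        Account account = (Account) redisTemplate.opsForValue().get(refreshToken);
        if (account == null) {
            // Worth alerting on when frequent: unknown or already-rotated refresh tokens.
            log.warn("refresh rejected: unknown or already used refresh token");
            return AuthResponse.builder().code(ErrorCode.USER_NOT_FOUND).build();
        }

        String jwt = jwtService.token(account);
        account.setToken(jwt);
        account.setRefreshToken(UUID.randomUUID().toString());

        // NOTE(review): get and delete are separate calls, so two concurrent requests with the same
        // refresh token can both succeed. An atomic read-and-delete would make rotation single-use.
        redisTemplate.delete(refreshToken);
        redisTemplate.opsForValue().set(account.getRefreshToken(), account);

        return AuthResponse.builder().account(account).code(ErrorCode.SUCCESS).build();
    }

    /**
     * Verifies that {@code token} is valid and was issued for {@code username}.
     *
     * @param token    JWT to check
     * @param username username the token is expected to belong to
     * @return {@code SUCCESS} if JwtService accepts the token, otherwise {@code USER_NOT_FOUND}
     */
    @GetMapping("/verify")
    @ResponseBody
    public AuthResponse verify(String token, String username) {
        boolean success = jwtService.verify(token, username);
        ErrorCode code = success ? ErrorCode.SUCCESS : ErrorCode.USER_NOT_FOUND;

        return AuthResponse.builder().code(code).build();
    }

}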

gateway中如何配合JWT鉴权

在gateway中,我们是通过创建一个filter的形式来进行鉴权的

可以看到,我们在filter中获取到请求header中传入的用户名以及token信息,然后再对token做一次校验,校验通过则鉴权通过。需要注意,header中的用户名是由客户端提供的,校验的作用是确认它与token中已签名的username声明一致。

