jwt token

framework-boot/pom.xml

@@ -119,6 +119,11 @@
             <artifactId>reactor-core</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>com.auth0</groupId>
+            <artifactId>java-jwt</artifactId>
+            <version>3.3.0</version>
+        </dependency>
 
     </dependencies>
 

framework-boot/src/main/java/com/mrxu/framework/boot/token/JwtLoginConfig.java

@@ -1,7 +1,6 @@
 package com.mrxu.framework.boot.token;
 
 import lombok.Data;
-import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
 
 

framework-boot/src/main/java/com/mrxu/framework/boot/token/JwtUtil.java

@@ -0,0 +1,64 @@
+package com.mrxu.framework.boot.token;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.JWTCreator;
+import com.auth0.jwt.JWTVerifier;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import com.mrxu.framework.boot.entity.BusinessException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Date;
+
+
+public class JwtUtil {
+
+    private static Logger logger = LoggerFactory.getLogger(JwtUtil.class);
+
+    public static String sign(String key,String value,long expireTime,String secret) {
+        try {
+            Date date = new Date(System.currentTimeMillis() + expireTime);
+            Algorithm algorithm = Algorithm.HMAC256(secret);
+            JWTCreator.Builder builder = JWT.create();
+            builder.withClaim(key,value);
+            builder.withExpiresAt(date);
+            return builder.sign(algorithm);
+        }
+        catch (UnsupportedEncodingException e) {
+            logger.error("JWT 密码 {} 编码错误:{}",secret,e);
+            throw new BusinessException("错误编码错误");
+        }
+
+    }
+
+    public static void verify(String token,String secret) {
+        try {
+            Algorithm algorithm = Algorithm.HMAC256(secret);
+            JWTVerifier verifier = JWT.require(algorithm).build();
+            verifier.verify(token);
+        }
+        catch (UnsupportedEncodingException e) {
+            logger.error("JWT 密码 {} 编码错误:{}",secret,e);
+            throw new BusinessException("错误编码错误");
+        }
+    }
+
+    public static String getValue(String token, String key) {
+        DecodedJWT jwt = JWT.decode(token);
+        return jwt.getClaim(key).asString();
+    }
+
+
+
+    public static void main(String[] args) {
+        String token = sign("memberId","92341398766528923",
+                10*1000,"mrxu");
+        logger.info("生成token:{}",token);
+        verify(token,"mrxu");
+        String value = getValue(token,"memberId");
+        logger.info("获取token值:{}",value);
+    }
+
+}

framework-boot/src/main/java/com/mrxu/framework/boot/token/SecurityFilter.java

@@ -1,5 +1,6 @@
 package com.mrxu.framework.boot.token;
 
+import com.auth0.jwt.exceptions.TokenExpiredException;
 import com.mrxu.framework.common.util.StrFunc;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.server.reactive.ServerHttpRequest;
@@ -15,9 +16,14 @@ import java.net.URI;
 
 public class SecurityFilter extends HiddenHttpMethodFilter {
 
+    public static final String TOKEN_KEY = "token";
+
     @Autowired
     private JwtLoginConfig jtbAuthProperties;
 
+    @Autowired
+    private TokenManager tokenManager;
+
     private String[] unLoginUrl;
 
     private final PathMatcher pathMatcher = new AntPathMatcher();
@@ -37,8 +43,13 @@ public class SecurityFilter extends HiddenHttpMethodFilter {
         if(!needLogin(path)) {
             return chain.filter(exchange);
         }
-        // String tokenStr = request.getHeaders().getFirst(Constants.AUTH_HEADER);
-        return null;
+        String tokenStr = request.getHeaders().getFirst(TOKEN_KEY);
+        try {
+            String userId = tokenManager.getUserId(tokenStr);
+            return null;
+        } catch (TokenExpiredException e) {
+            return null;
+        }
     }
 
     /**

framework-boot/src/main/java/com/mrxu/framework/boot/token/TokenManager.java

@@ -0,0 +1,26 @@
+package com.mrxu.framework.boot.token;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+@Component
+public class TokenManager {
+
+    public static final String USER_KEY = "userId";
+
+    @Autowired
+    private JwtLoginConfig jtbAuthProperties;
+
+    public String createToken(String userKey) {
+        return JwtUtil.sign(USER_KEY,userKey,
+                jtbAuthProperties.getTOKEN_EXPIRE_TIME(),
+                jtbAuthProperties.getEncryptJWTKey());
+    }
+
+    public String getUserId(String token) {
+        JwtUtil.verify(token,jtbAuthProperties.getEncryptJWTKey());
+        return JwtUtil.getValue(token,USER_KEY);
+    }
+
+
+}