The JWT token permission authentication technology based on Springboot is simply implemented
JWT profile
Json Web Token (JWT) : Json network Token, an open standard based on Json ((RFC 7519) for passing declarations between network application environments. JWT is a lightweight, secure, cross-platform transport format that defines a compact, self-contained way to communicate between two parties using JSON objects to securely transfer information. This information is reliable because of the digital signature.
Implementation steps:
Environmental spring boot
1. Add JWT dependency
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.8.1</version>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
2. Create annotation package </h6 b> under SRC
New custom annotation class JwtToken
package com.qf.tyleryue_one.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Target({ElementType.METHOD,ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
public @interface JwtToken {
}
3. Create utils package </h6 b> under SRC
Create a new custom JwtUtils utility class
package com.qf.tyleryue_one.utils;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import jdk.internal.org.objectweb.asm.TypeReference;
import java.util.Date;
public class JwtUtils {
private final static long EXPIRE_TIME=5*60*1000;
private final static String SECRECT="Tyler_Yue_key";
public static String sign(String userId){
Date exipre_date = new Date(System.currentTimeMillis() + EXPIRE_TIME);
JWTCreator.Builder builder = JWT.create();
builder.withAudience(userId);
builder.withExpiresAt(exipre_date);
Algorithm algorithm = Algorithm.HMAC256(SECRECT);
String sign = builder.sign(algorithm);
return sign;
}
public static boolean verifyToken(String token){
try {
Algorithm algorithm = Algorithm.HMAC256(SECRECT);
JWTVerifier build = JWT.require(algorithm).build();
return true;
} catch (Exception e) {
throw new RuntimeException("Out of date");
}
}
}
4. Create new vo package under SRC
Encapsulates an object that returns the user’s token
package com.qf.tyleryue_one.vo;
import com.alibaba.druid.filter.AutoLoad;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
@Data
@AllArgsConstructor
@NoArgsConstructor
public class TokenVo {
private String usernaem;
private String token;
}
5. Example of controller layer user login business login with token </h6 b>
package com.qf.tyleryue_one.controller;
import com.qf.tyleryue_one.entity.VueUser;
import com.qf.tyleryue_one.service.VueUserService;
import com.qf.tyleryue_one.utils.JwtUtils;
import com.qf.tyleryue_one.vo.Msg;
import com.qf.tyleryue_one.vo.TokenVo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import java.util.UUID;
@Controller
public class VueUserController {
@Autowired
private VueUserService vueUserService;
@RequestMapping(value = "/dealLogin",method = RequestMethod.POST)
@CrossOrigin
@ResponseBody
public Msg login(@RequestBody VueUser vueUser){
VueUser vueUser1 = vueUserService.selectByUsername(vueUser.getUsername());
if (vueUser1!=null){
if (vueUser1.getPassword().equals(vueUser.getPassword())){
String userid = UUID.randomUUID().toString();
String token = JwtUtils.sign(userid);
TokenVo tokenVo = new TokenVo(vueUser.getUsername(), token);
return new Msg(200,"Logined",tokenVo);
}else {
return new Msg(403,"password wrong",null);
}
}else {
return new Msg(403,"not exsit",null);
}
}
}
</ div>
Read More:
- Realization of breakpoint download based on DIO in flutter
- [CICD] Jenkins Role-based Authorization Strategy
- JWT and token + redis scheme of spring security
- Matlab realization of user-defined curve and legend
- Login authority verification
- Wechat third party authorization to generate QR code API
- Connection authorization failure occurred. Reason: local security service non retryable error solution
- Springboot integrated with mybatis
- How to solve SVN authorization failed error
- Error from server (alreadyexists) clusterrolebindings.rbac.authorization .k8s.io “kubelet
- Mobile phone code scanning applet login authorization error
- Create an Apex class that returns contacts based on incoming parameters
- Example of public key signature and verification generated with fabric case
- Springboot integrates quartz timing tasks
- solve!! VMware Workstation failed to start the VMware authorization service
- VMware Workstation failed to start VMware Authorization Service
- Practice based on how to tango with Django 1.7 (1)
- CSRF verification failed. Request aborted.
- Simple license plate recognition based on Halcon
- [solution] build vins and orb-slam based on opencv4