1 JWT
(1)添加依賴
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.0</version>
</dependency>
(2) 工具代碼
public class JwtUtil {
//編碼
public static String encode(String key,Map<String,Object> param,String salt){
if(salt!=null){
key+=salt;
}
JwtBuilder jwtBuilder= Jwts.builder().signWith(SignatureAlgorithm.ES256,key);
jwtBuilder=jwtBuilder.setClaims(param);
String token=jwtBuilder.compact();
return token;
}
//解碼
public static Map<String,Object> decode(String token,String key,String salt){
Claims claims=null;
if(salt!=null){
key+=salt;
}
try{
claims=Jwts.parser().setSigningKey(key).parseClaimsJws(token).getBody();
}catch (JwtException e){
return null;
}
return claims;
}
}
(3)
public String login(UmsMember umsMember, HttpServletRequest request, Model model){
String token="";
//調用用戶服務,驗證返回token
UmsMember member=userService.login(umsMember);
if(null==member){
// 登錄失敗,給出提示
token="fail";
model.addAttribute("mes","用戶名密碼錯誤");
}else{
Long id = umsMember.getId();
String username = umsMember.getUsername();
Map<String,Object> map=new HashMap<>();
//登錄成功 jwt製作token
map.put("id",id);
map.put("username",username);
String ip=request.getHeader("x-forwarded-for");//通過nginx轉發客戶端ip
if(StringUtils.isBlank(ip)){
ip=request.getRemoteAddr();//從request中獲取ip
if(StringUtils.isBlank(ip)){
ip="127.0.0.1";
}
}
//按照設計的算法對參數進行加密後,生成token
Date date=new Date();
JwtUtil.encode("2019tang",map,ip+date.getTime());
//token存入redis
}
return token;
}
2 獲取請求客戶端IP(nginx)
前提:nginx配置了x-forwarded-for
String ip=request.getHeader("x-forwarded-for");//通過nginx轉發客戶端ip
if(StringUtils.isBlank(ip)){
ip=request.getRemoteAddr();//從request中獲取ip
if(StringUtils.isBlank(ip)){
ip="127.0.0.1";
}