1 JWT
(1)添加依赖
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.0</version>
</dependency>
(2) 工具代码
public class JwtUtil {
//编码
public static String encode(String key,Map<String,Object> param,String salt){
if(salt!=null){
key+=salt;
}
JwtBuilder jwtBuilder= Jwts.builder().signWith(SignatureAlgorithm.ES256,key);
jwtBuilder=jwtBuilder.setClaims(param);
String token=jwtBuilder.compact();
return token;
}
//解码
public static Map<String,Object> decode(String token,String key,String salt){
Claims claims=null;
if(salt!=null){
key+=salt;
}
try{
claims=Jwts.parser().setSigningKey(key).parseClaimsJws(token).getBody();
}catch (JwtException e){
return null;
}
return claims;
}
}
(3)
public String login(UmsMember umsMember, HttpServletRequest request, Model model){
String token="";
//调用用户服务,验证返回token
UmsMember member=userService.login(umsMember);
if(null==member){
// 登录失败,给出提示
token="fail";
model.addAttribute("mes","用户名密码错误");
}else{
Long id = umsMember.getId();
String username = umsMember.getUsername();
Map<String,Object> map=new HashMap<>();
//登录成功 jwt制作token
map.put("id",id);
map.put("username",username);
String ip=request.getHeader("x-forwarded-for");//通过nginx转发客户端ip
if(StringUtils.isBlank(ip)){
ip=request.getRemoteAddr();//从request中获取ip
if(StringUtils.isBlank(ip)){
ip="127.0.0.1";
}
}
//按照设计的算法对参数进行加密后,生成token
Date date=new Date();
JwtUtil.encode("2019tang",map,ip+date.getTime());
//token存入redis
}
return token;
}
2 获取请求客户端IP(nginx)
前提:nginx配置了x-forwarded-for
String ip=request.getHeader("x-forwarded-for");//通过nginx转发客户端ip
if(StringUtils.isBlank(ip)){
ip=request.getRemoteAddr();//从request中获取ip
if(StringUtils.isBlank(ip)){
ip="127.0.0.1";
}