devbox
码创造者
这个屌丝很懒,什么也没留下!
关注作者
热门标签
热门文章
当前位置:   article > 正文

后端Jwt实现Token编码、解码以及axios的request请求头的Token传输方式_jwt.decode(token).getaudience().get(0)报错

作者:码创造者 | 2024-07-28 09:46:44

jwt.decode(token).getaudience().get(0)报错

目录

一、什么是JWT:

二、Jwt的使用:

第一步:引入依赖:

第二步:配置拦截器:JwtInterceptor.java:

其中异常文件ServiceException配置如下:

全局异常文件GlobalException.java文件配置如下:

其中所需的Result配置如下:

第三步:配置拦截设置文件:InterceptorConfig.java:

第四步:配置Token工具类文件:TokenUtils.java:

request.js的axios封装文件为:

文件布局大致如下:

一、什么是JWT

        JWT是token的一种实现方式,全称是:JSON Wwb Token。简单来讲,Jwt是一种字符串,可以根据用户信息进行相关的编码操作生成带有用户信息的JWT token,我们可以根据这个来判断其信息是否正确或者是否被篡改。

二、Jwt的使用:

首先是后端:

第一步:引入依赖:

  1. 		<dependency>
  2. 			<groupId>com.auth0</groupId>
  3. 			<artifactId>java-jwt</artifactId>
  4. 			<version>4.3.0</version>
  5. 		</dependency>

第二步:配置拦截器:JwtInterceptor.java:

  1. import com.auth0.jwt.JWT;
  2. import com.auth0.jwt.JWTVerifier;
  3. import com.auth0.jwt.algorithms.Algorithm;
  4. import com.auth0.jwt.exceptions.JWTVerificationException;
  5. import com.example.cqcrhouduan.Utils.TokenUtils;
  6. import com.example.cqcrhouduan.exception.ServiceException;
  7. import com.example.cqcrhouduan.mapper.UserMapper;
  8. import io.micrometer.common.util.StringUtils;
  9. import jakarta.servlet.http.HttpServletRequest;
  10. import jakarta.servlet.http.HttpServletResponse;
  11. import lombok.extern.slf4j.Slf4j;
  12. import org.springframework.beans.factory.annotation.Autowired;
  13. import org.springframework.stereotype.Component;
  14. import org.springframework.web.servlet.HandlerInterceptor;
  15.  
  16. @Component
  17. @Slf4j
  18. public class JwtInterceptor implements HandlerInterceptor {
  19.  
  20.     @Autowired
  21.     private UserMapper userMapper;
  22.  
  23.     @Override
  24.     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
  25.         if(request.getMethod().equals("OPTIONS"))
  26.         {
  27.             return true;
  28.         }
  29.         String token = request.getHeader("token");
  30.         if (StringUtils.isEmpty(token)) {
  31.             token = request.getParameter("token");
  32.         }
  33.         token = token;
  34.         // 执行认证
  35.         if (StringUtils.isEmpty(token)) {
  36.             throw new ServiceException(401, "无token,请重新登录");
  37.         }
  38.         // 获取 token 中的adminId
  39.         String userId;
  40.         User user;
  41.         try {
  42.             userId = JWT.decode(token).getAudience().get(0);  //解码
  43.         // 根据token中的userid查询数据库
  44.             user = userMapper.getById(Integer.parseInt(userId));
  45.             user = user;
  46.         } catch (Exception e) {
  47.             String errMsg = "token验证失败,请重新登录";
  48.             log.error(errMsg + ", token=" + token, e);
  49.             throw new ServiceException(401, errMsg);
  50.         }
  51.         if (user == null) {
  52.             throw new ServiceException(401, "用户不存在,请重新登录");
  53.         }
  54.  
  55.         try {
  56.             // 用户密码加签验证 token
  57.             JWTVerifier jwtVerifier =             
  58.             JWT.require(Algorithm.HMAC256(user.getPassword())).build();
  59.             jwtVerifier.verify(token); // 验证token
  60.         } catch (JWTVerificationException e) {
  61.             throw new ServiceException(401, "token验证失败,请重新登录");
  62.         }
  63.         return true;
  64.     }
  65. }
其中异常文件ServiceException配置如下:
  1. import com.example.cqcrhouduan.pojo.Result;
  2. import lombok.Data;
  3.  
  4. @Data
  5. public class ServiceException extends RuntimeException {
  6.     private int code;
  7.     public ServiceException(String msg){
  8.         super(msg);
  9.         this.code = 500;
  10.     }
  11.  
  12.     public ServiceException(int code, String msg){
  13.         super(msg);
  14.         this.code = code;
  15.     }
  16. }
全局异常文件GlobalException.java文件配置如下:
  1. import com.example.cqcrhouduan.pojo.Result;
  2. import org.springframework.web.bind.annotation.ControllerAdvice;
  3. import org.springframework.web.bind.annotation.ExceptionHandler;
  4. import org.springframework.web.bind.annotation.ResponseBody;
  5.  
  6.  
  7. //自定义异常
  8. @ControllerAdvice
  9. public class GlobalException {
  10.  
  11.     @ExceptionHandler(ServiceException.class)
  12.     @ResponseBody
  13.     public Result serviceException(ServiceException e){
  14.         return Result.error(e.getCode(),e.getMessage());
  15.     }
  16. }
其中所需的Result配置如下:
  1. import lombok.AllArgsConstructor;
  2. import lombok.Data;
  3. import lombok.NoArgsConstructor;
  4.  
  5. @Data
  6. @NoArgsConstructor
  7. @AllArgsConstructor
  8. public class Result {
  9.     private Integer code;
  10.     private String msg;
  11.     private Object data;
  12.  
  13.     public static Result success(Object data){
  14.         return new Result(200,"success",data);
  15.     }
  16.  
  17.     public static Result success(){
  18.         return new Result(200,"success",null);
  19.     }
  20.  
  21.     public static Result error(String msg){
  22.         return new Result(500,msg,null);
  23.     }
  24.  
  25.     public static Result error(Integer Code ,String msg){
  26.         return new Result(Code,msg,null);
  27.     }
  28.  
  29. }

第三步:配置拦截设置文件:InterceptorConfig.java:

  1. import org.springframework.context.annotation.Bean;
  2. import org.springframework.context.annotation.Configuration;
  3. import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
  4. import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;
  5.  
  6. @Configuration
  7. public class InterceptorConfig extends WebMvcConfigurationSupport {
  8.     // 加自定义拦截器JwtInterceptor,设置拦截规则
  9.     @Override
  10.     protected void addInterceptors(InterceptorRegistry registry) {
  11.         registry.addInterceptor(jwtInterceptor())
  12.                 .addPathPatterns("/**")
  13.                 .excludePathPatterns("/login","/register");
  14.         super.addInterceptors(registry);
  15.     }
  16.  
  17.     @Bean
  18.     public JwtInterceptor jwtInterceptor(){
  19.         return new JwtInterceptor();
  20.     }
  21. }

第四步:配置Token工具类文件:TokenUtils.java:

  1. import com.auth0.jwt.JWT;
  2. import com.auth0.jwt.algorithms.Algorithm;
  3. import com.example.cqcrhouduan.mapper.UserMapper;
  4. import com.example.cqcrhouduan.pojo.User;
  5. import jakarta.annotation.PostConstruct;
  6. import jakarta.annotation.Resource;
  7. import jakarta.servlet.http.HttpServletRequest;
  8. import lombok.extern.slf4j.Slf4j;
  9. import org.apache.commons.lang3.StringUtils;
  10. import org.springframework.stereotype.Component;
  11. import org.springframework.web.context.request.RequestContextHolder;
  12. import org.springframework.web.context.request.ServletRequestAttributes;
  13.  
  14.  
  15. @Component
  16. @Slf4j
  17. public class TokenUtils {
  18.  
  19.     private static UserMapper staticAdminService;
  20.  
  21.     @Resource
  22.     private UserMapper adminService;
  23.  
  24.     @PostConstruct
  25.     public void setUserService() {
  26.         staticAdminService = adminService;
  27.     }
  28.  
  29.     /**
  30.      * 生成token
  31.      *
  32.      * @return
  33.      */
  34.     public static String genToken(int adminId, String sign) {
  35.         return JWT.create().withAudience(Integer.toString(adminId)) // 将 user id 保存到 token 里面,作为载荷
  36.                 .withExpiresAt(DateUtil.offsetHours(new Date(), 2)) // 2小时后token过期
  37.                 .sign(Algorithm.HMAC256(sign)); // 以 password 作为 token 的密钥
  38.     }
  39.  
  40.     /**
  41.      * 获取当前登录的用户信息
  42.      *
  43.      * @return user对象
  44.      *  /admin?token=xxxx
  45.      */
  46.     public static User getCurrentAdmin() {
  47.         String token = null;
  48.         try {
  49.             HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
  50.             token = request.getHeader("token");
  51.             if (StringUtils.isNotBlank(token)) {
  52.                 token = request.getParameter("token");
  53.             }
  54.             if (StringUtils.isBlank(token)) {
  55.                 log.error("获取当前登录的token失败, token: {}", token);
  56.                 return null;
  57.             }
  58.             String userId = JWT.decode(token).getAudience().get(0);
  59.             return staticAdminService.getById(Integer.valueOf(userId));
  60.         } catch (Exception e) {
  61.             log.error("获取当前登录的管理员信息失败, token={}", token,  e);
  62.             return null;
  63.         }
  64.     }
  65. }
  66.  
然后是前端axios配置:

request.js的axios封装文件为:

  1. import axios from "axios";
  2. import router from "../modules/router.js";
  3.  
  4. const request = axios.create({
  5.     baseURL:'http://localhost:8080/',  //自己的请求地址
  6.     timeout:30000,
  7. })
  8.  
  9.  
  10. // Add a request interceptor
  11. request.interceptors.request.use((config) => {
  12.     config.headers['Content-Type'] = 'application/json;charset=utf-8';
  13.     let user = JSON.parse(localStorage.getItem("userToken") || '{}')
  14.     // console.log(user.token)  //查看token
  15.     config.headers['token'] = user.token
  16.     // config.headers.Authorization = localStorage.getItem("userToken")
  17.     console.log("ok")
  18.     // Do something before request is sent
  19.     return config;
  20. }, error => {
  21.     console.log('request error' + error)
  22.     // Do something with request error
  23.     return Promise.reject(error);
  24. });
  25.  
  26. // Add a response interceptor
  27. request.interceptors.response.use(response => {
  28.     let res = response.data;
  29.     if (typeof res === 'string'){
  30.         res = res ? JSON.parse(res) : res
  31.     }
  32.     // if(res.code === 401){ //自动跳转
  33.     //     router.push('/')
  34.     // }
  35.     // Any status code that lie within the range of 2xx cause this function to trigger
  36.     // Do something with response data
  37.     return res;
  38. }, function (error) {
  39.     // Any status codes that falls outside the range of 2xx cause this function to trigger
  40.     // Do something with response error
  41.     console.log('response error' + error)
  42.     return Promise.reject(error);
  43. });
  44.  
  45. export default request

文件布局大致如下:

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/码创造者/article/detail/893707
推荐阅读
相关标签

Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。

  

闽ICP备14008679号