Single sign-on implementation (java)
1. Import dependent JWT
<!-- JWT-->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.7.0</version>
</dependency>
2. Write application.yml
server:
port: 9006
spring:
cloud:
nacos:
discovery:
server-addr: 192.168.1.6:8848
datasource:
url: jdbc:mysql://localhost:3306/mybatis-plus?useUnicode=true &characterEncoding=utf-8 &rewriteBatchedStatements=true &useSSL=true &serverTimezone=GMT+8
username: root
password: 12345
driver-class-name: com.mysql.cj.jdbc.Driver
mybatis-plus:
configuration:
log-impl: org.apache.ibatis.logging.stdout.StdOutImpl
3. Write Utils JwtUtils
package com.wen.utils;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.util.StringUtils;
import javax.servlet.http.HttpServletRequest;
import java.util.Date;
/**
* @Author OY
* @Date 2021/3/26
*/
public class JwtUtils {<!-- -->
//constant
public static final long EXPIRE = 1000 * 60 * 60 * 24; //token expiration time
public static final String APP_SECRET = "ukc8BDbRigUDaY6pZFfWus2jZWLPHO"; //Secret key
//Method to generate token string
public static String getJwtToken(String id, String nickname){<!-- -->
String JwtToken = Jwts.builder()
.setHeaderParam("typ", "JWT")
.setHeaderParam("alg", "HS256")
.setSubject("guli-user")
.setIssuedAt(new Date())
.setExpiration(new Date(System.currentTimeMillis() + EXPIRE))
.claim("id", id) //Set the main part of the token and store user information
.claim("nickname", nickname)
.signWith(SignatureAlgorithm.HS256, APP_SECRET)
.compact();
return JwtToken;
}
/**
* Determine whether the token exists and is valid
* @param jwtToken
* @return
*/
public static boolean checkToken(String jwtToken) {<!-- -->
if(StringUtils.isEmpty(jwtToken)) return false;
try {<!-- -->
Jwts.parser().setSigningKey(APP_SECRET).parseClaimsJws(jwtToken);
} catch (Exception e) {<!-- -->
e.printStackTrace();
return false;
}
return true;
}
/**
* Determine whether the token exists and is valid
* @param request
* @return
*/
public static boolean checkToken(HttpServletRequest request) {<!-- -->
try {<!-- -->
String jwtToken = request.getHeader("token");
if(StringUtils.isEmpty(jwtToken)) return false;
Jwts.parser().setSigningKey(APP_SECRET).parseClaimsJws(jwtToken);
} catch (Exception e) {<!-- -->
e.printStackTrace();
return false;
}
return true;
}
/**
* Get member id based on token string
* @param request
* @return
*/
public static String getMemberIdByJwtToken(HttpServletRequest request) {<!-- -->
String jwtToken = request.getHeader("token");
if(StringUtils.isEmpty(jwtToken)) return "";
Jws<Claims> claimsJws = Jwts.parser().setSigningKey(APP_SECRET).parseClaimsJws(jwtToken);
Claims claims = claimsJws.getBody();
return (String)claims.get("id");
}
}
4. Write controller
package com.wen.ucenter.controller;
import com.wen.ucenter.pojo.UcenterMember;
import com.wen.ucenter.service.UcenterMemberService;
import com.wen.utils.R;
import io.swagger.annotations.ApiOperation;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
/**
* <p>
* Member table front-end controller
*</p>
*
* @author wenjie
* @since 2023-11-08
*/
@CrossOrigin
@RestController
@RequestMapping("/ucent/ucenter-member")
@SuppressWarnings({<!-- -->"all"})
public class UcenterMemberController {<!-- -->
@Resource
UcenterMemberService memberService;
@ApiOperation(value = "Member Registration")
@PostMapping("register")
public R register(@RequestBody UcenterMember member) {<!-- -->
return R.ok();
}
@ApiOperation(value = "Member login")
@PostMapping("login")
public R login(@RequestBody UcenterMember member) {<!-- -->
//Call service method
String token = memberService.login(member);
return R.ok().data("token",token);
}
}
5. Write service
package com.wen.ucenter.service.impl;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.wen.ucenter.pojo.UcenterMember;
import com.wen.ucenter.mapper.UcenterMemberMapper;
import com.wen.ucenter.service.UcenterMemberService;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.wen.utils.JwtUtils;
import com.wen.utils.exceptionhandler.GuliException;
import com.wen.utils.exceptionhandler.MD5;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
/**
* <p>
* Member table service implementation class
*</p>
*
* @author wenjie
* @since 2023-11-08
*/
@Service
public class UcenterMemberServiceImpl extends ServiceImpl<UcenterMemberMapper, UcenterMember>
implements UcenterMemberService {<!-- -->
@Override
public String login(UcenterMember member) {<!-- -->
String mobile = member.getMobile();
String password = member.getPassword();
//Judge whether mobile phone number password is empty
if(StringUtils.isEmpty(mobile) || StringUtils.isEmpty(password)) {<!-- -->
throw new GuliException(20001,"Username or password cannot be empty");
}
//Determine whether the mobile phone number exists
QueryWrapper<UcenterMember> qw = new QueryWrapper<>();
qw.lambda().eq(UcenterMember::getMobile,mobile);
UcenterMember one = baseMapper.selectOne(qw);
if(one == null) {<!-- -->
throw new GuliException(20001,"Username does not exist");
}
//Determine whether the password is correct
if(!MD5.encrypt(password).equals(one.getPassword())) {<!-- -->
throw new GuliException(20001,"Login failed");
}
//Determine whether the user is disabled
if(one.getIsDisabled()) {<!-- -->
throw new GuliException(20001,"Login failed");
}
//login successful
//Generate token string
String jwtToken = JwtUtils.getJwtToken(one.getId(), one.getNickname());
return jwtToken;
}
}
6. Obtain user information based on token
@GetMapping("getMemberInfo")
public R getMemberInfo(HttpServletRequest request) {<!-- -->
//Call the jwt tool class. Return the user ID based on the header information of the request object.
String memberId = JwtUtils.getMemberIdByJwtToken(request);
//Query user information based on user id
UcenterMember member = memberService.getById(memberId);
if(member == null) {<!-- -->
throw new GuliException(20001,"The user does not exist");
}
return R.ok().data("userInfo",member);
}