什么是jwt?
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA
---[摘自官網(wǎng)]
1.翻譯
官網(wǎng)地址: https://jwt.io/introduction/
翻譯: jsonwebtoken(JWT)是一個(gè)開放標(biāo)準(zhǔn)(rfc7519)高蜂,它定義了一種緊湊的、自包含的方式讹俊,用于在各方之間以JSON對(duì)象安全地傳輸信息泣刹。此信息可以驗(yàn)證和信任,因?yàn)樗菙?shù)字簽名的命浴。jwt可以使用秘密(使用HMAC算法)或使用RSA或ECDSA的公鑰/私鑰對(duì)進(jìn)行簽名
2.通俗解釋
JWT簡(jiǎn)稱JSON Web Token,也就是通過JSON形式作為Web應(yīng)用中的令牌,用于在各方之間安全地將信息作為JSON對(duì)象傳輸娄猫。在數(shù)據(jù)傳輸過程中還可以完成數(shù)據(jù)加密、簽名等相關(guān)處理生闲。
jwt工具類如下:
package com.atguigu.yygh.common.helper;
import io.jsonwebtoken.*;
import org.springframework.util.StringUtils;
import java.util.Date;
public class JwtHelper {
//過期時(shí)間
private static long tokenExpiration = 24*60*60*1000;
//簽名秘鑰
private static String tokenSignKey = "123456";
//根據(jù)參數(shù)生成token
public static String createToken(Long userId, String userName) {
String token = Jwts.builder()
.setSubject("YYGH-USER")
.setExpiration(new Date(System.currentTimeMillis() + tokenExpiration))
.claim("userId", userId)
.claim("userName", userName)
.signWith(SignatureAlgorithm.HS512, tokenSignKey)
.compressWith(CompressionCodecs.GZIP)
.compact();
return token;
}
//根據(jù)token字符串得到用戶id
public static Long getUserId(String token) {
if(StringUtils.isEmpty(token)) return null;
Jws<Claims> claimsJws = Jwts.parser().setSigningKey(tokenSignKey).parseClaimsJws(token);
Claims claims = claimsJws.getBody();
Integer userId = (Integer)claims.get("userId");
return userId.longValue();
}
//根據(jù)token字符串得到用戶名稱
public static String getUserName(String token) {
if(StringUtils.isEmpty(token)) return "";
Jws<Claims> claimsJws = Jwts.parser().setSigningKey(tokenSignKey).parseClaimsJws(token);
Claims claims = claimsJws.getBody();
return (String)claims.get("userName");
}
public static void main(String[] args) {
String token = JwtHelper.createToken(1L, "lucy");
System.out.println(token);
System.out.println(JwtHelper.getUserId(token));
System.out.println(JwtHelper.getUserName(token));
}
}
