JWT(JSON Web Token)是一种用于安全传输信息的开放标准,它通过将信息以数字签名的形式嵌入到一个JSON对象中,确保数据的完整性和身份验证。
依赖
<!--jwt依赖-->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
生成token
//1.准备数据
Map map = new HashMap();
map.put("id", "1");
map.put("email", "482734085@qq.com");
long now = System.currentTimeMillis();
//2.使用jwt的工具类生成token
String token = Jwts.builder()
.signWith(SignatureAlgorithm.HS512, "itcast")
.setClaims(map)
.setExpiration(new Date(now + 50000))
.compact();
System.out.println(token);
解析token
String token = "eyJhbGciOiJIUzUxMiJ9.eyJpZCI6IjEiLCJleHAiOjE3MzEzMTcyODQsImVtYWlsIjoiNDgyNzM0MDg1QHFxLmNvbSJ9.9MyThSISygV3LNtO9sP3hgUQ6N5Q7RvVlzFpnepzd39sL_4C1vZ4eK7npyXjM8dyPUQ7UPtZE2YSpgpjH71sQg";
try {
Claims claims = Jwts.parser()
.setSigningKey("itcast")
.parseClaimsJws(token)
.getBody();
System.out.println(claims);
}catch (ExpiredJwtException e) {
System.out.println("token已过期");
}catch (SignatureException e) {
System.out.println("token不合法");
}