package com.nanjing.water.common.jwt;
|
|
import com.auth0.jwt.JWT;
|
import com.auth0.jwt.JWTCreator;
|
import com.auth0.jwt.JWTVerifier;
|
import com.auth0.jwt.algorithms.Algorithm;
|
import com.auth0.jwt.exceptions.TokenExpiredException;
|
import com.auth0.jwt.interfaces.DecodedJWT;
|
import com.nanjing.water.common.ConstantFactory;
|
import com.nanjing.water.common.config.SysConfig;
|
import com.nanjing.water.common.enums.EResultCode;
|
import com.nanjing.water.common.exceptions.BusinessException;
|
import com.nanjing.water.common.util.LocalDateTimeUtil;
|
import com.nanjing.water.common.util.NumericUtil;
|
import com.nanjing.water.common.util.StringUtil;
|
|
import java.time.LocalDateTime;
|
import java.util.Date;
|
|
public class JWTUtil {
|
/**
|
* @return token中包含的用户名
|
*/
|
public static LoginUserDTO getUser(String token) {
|
if (StringUtil.isNullOrEmpty(token)) {
|
throw new BusinessException(EResultCode.UNAUTHORIZED, "尚未登录");
|
}
|
JWTVerifier verifier = JWT.require(Algorithm.HMAC256(SysConfig.jwt.getSecret()))
|
.build();
|
DecodedJWT jwt = null;
|
try {
|
|
jwt = verifier.verify(token);
|
} catch (TokenExpiredException e) {
|
throw new BusinessException(EResultCode.UNAUTHORIZED, "token已过期");
|
} catch (Exception e) {
|
throw new BusinessException(EResultCode.UNAUTHORIZED, "token格式不正确." + token);
|
}
|
if (null == jwt) {
|
throw new BusinessException(EResultCode.UNAUTHORIZED, "token已过期");
|
}
|
Date expiresAt = jwt.getExpiresAt();
|
|
LocalDateTime dtExpires = LocalDateTimeUtil.getDateTime(expiresAt.getTime());
|
if (dtExpires.isBefore(LocalDateTimeUtil.nowDateTime())) {
|
throw new BusinessException(EResultCode.UNAUTHORIZED, "token已过期");
|
}
|
LoginUserDTO loginUser = new LoginUserDTO();
|
loginUser.setUserId(jwt.getClaim("userId").asString());
|
loginUser.setUserType(NumericUtil.tryParseInt(jwt.getClaim("userType").asString(), 0));
|
loginUser.setPhone(jwt.getClaim("phone").asString());
|
loginUser.setPhone(jwt.getClaim("phone").asString());
|
loginUser.setNickName(jwt.getClaim("nickName").asString());
|
loginUser.setHeadImg(jwt.getClaim("headImg").asString());
|
loginUser.setListRole(StringUtil.splitLongList(jwt.getClaim("listRole").asString()));
|
loginUser.setListRoleName(StringUtil.splitList(jwt.getClaim("listRoleName").asString()));
|
|
return loginUser;
|
}
|
|
/**
|
* 生成token,并保存到jwt
|
*
|
* @param loginUser 登录用户信息
|
* @return 加密的token
|
*/
|
public static String getToken(LoginUserDTO loginUser) {
|
JWTCreator.Builder builder = JWT.create()
|
//设置jwt生成时间
|
.withIssuedAt(new Date(LocalDateTimeUtil.nowTimeStamp()))
|
//设置token有效期
|
.withExpiresAt(new Date(LocalDateTimeUtil.nowTimeStamp() + SysConfig.jwt.getExpiration() * ConstantFactory.TIME_LEN_1S));
|
builder.withClaim("userId", loginUser.getUserId());
|
builder.withClaim("userType", loginUser.getUserType().toString());
|
builder.withClaim("phone", loginUser.getPhone());
|
builder.withClaim("nickName", loginUser.getNickName());
|
builder.withClaim("headImg", loginUser.getHeadImg());
|
builder.withClaim("listRole", StringUtil.joinLong(loginUser.getListRole()));
|
builder.withClaim("listRoleName", StringUtil.join(loginUser.getListRoleName()));
|
return builder
|
//生成token字符串
|
.sign(Algorithm.HMAC256(SysConfig.jwt.getSecret()))
|
;
|
}
|
}
|
