java session和cookie的存值和取值
2023-09-27 14:26:05 时间
本文cookie和session的存值和取值以及拦截器token验证
pom添加依赖
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>2.5.6</version> <relativePath/> <!-- lookup parent from repository --> </parent> <groupId>com.stu</groupId> <artifactId>boot-init</artifactId> <version>0.0.1-SNAPSHOT</version> <name>boot-init</name> <description>Demo project for Spring Boot</description> <properties> <java.version>1.8</java.version> </properties> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>2.2.0</version> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>com.auth0</groupId> <artifactId>java-jwt</artifactId> <version>3.10.3</version> </dependency> <dependency> <groupId>io.jsonwebtoken</groupId> <artifactId>jjwt</artifactId> <version>0.9.1</version> </dependency> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> </plugin> </plugins> </build> </project>
LoginController
package com.stu.controller; import io.jsonwebtoken.JwtBuilder; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.util.Date; import java.util.HashMap; import javax.servlet.http.Cookie; @RestController @RequestMapping("/login") public class LogonController { @RequestMapping("/login") public String login(HttpServletRequest request, HttpServletResponse response, HttpSession session){ Cookie c = new Cookie("logincodecookie",""); c.setMaxAge(60*60*24*14); //2周时间Cookie过期 单位秒 c.setPath("/"); //表示任何请求路径都可以访问Cookie response.addCookie(c); session.setAttribute("loginsession","sessoin"); //如果登录验证成功,则需要生成令牌token(token就是按照特定规则生成的字符串) //使用jwt规则生成token字符串 JwtBuilder builder = Jwts.builder(); HashMap<String,Object> map = new HashMap<>(); map.put("key1","value1"); map.put("key2","value2"); String token = builder.setSubject("tokenName") //主题,就是token中携带的数据 .setIssuedAt(new Date()) //设置token的生成时间 .setId("userId123456" + "") //设置用户id为token id .setClaims(map) //map中可以存放用户的角色权限信息 .setExpiration(new Date(System.currentTimeMillis() + 24*60*60*1000)) //设置token过期时间 .signWith(SignatureAlgorithm.HS256, "QIANfeng6666") //设置加密方式和加密密码 .compact(); return token; } @RequestMapping("/loginAfter") public void loginAfter(HttpServletRequest request, HttpServletResponse response, HttpSession session){ System.out.println("获取到Cookie中的键值对 loginAfter"); } }
InterceptorConfig拦截器注册
package com.stu.controller.config; import com.stu.controller.interceptor.CheckTokenInterceptor; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration public class InterceptorConfig implements WebMvcConfigurer { @Autowired private CheckTokenInterceptor checkTokenInterceptor; @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(checkTokenInterceptor) .addPathPatterns("/**").excludePathPatterns("/login/login"); } }
CheckTokenInterceptor拦截器
package com.stu.controller.interceptor; import com.fasterxml.jackson.databind.ObjectMapper; import com.stu.controller.vo.ResultVO; import io.jsonwebtoken.*; import org.springframework.stereotype.Component; import org.springframework.web.servlet.HandlerInterceptor; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; import java.io.PrintWriter; @Component public class CheckTokenInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { String method = request.getMethod(); if("OPTIONS".equalsIgnoreCase(method)){ return true; } HttpSession session = request.getSession(); Object user = session.getAttribute("loginsession"); Cookie[] cookies = request.getCookies(); if(cookies != null){ for (Cookie cookie : cookies) { if("logincodecookie".equals(cookie.getName())) { System.out.println("获取到Cookie中的键值对" + cookie.getName() + "===== " + cookie.getValue()); } } } String token = request.getHeader("token"); if(token == null){ ResultVO resultVO = new ResultVO(20001, "请先登录!", null); doResponse(response,resultVO); }else{ try { JwtParser parser = Jwts.parser(); parser.setSigningKey("QIANfeng6666"); //解析token的SigningKey必须和生成token时设置密码一致 //如果token正确(密码正确,有效期内)则正常执行,否则抛出异常 Jws<Claims> claimsJws = parser.parseClaimsJws(token); return true; }catch (ExpiredJwtException e){ ResultVO resultVO = new ResultVO(20002, "登录过期,请重新登录!", null); doResponse(response,resultVO); }catch (UnsupportedJwtException e){ ResultVO resultVO = new ResultVO(20001, "Token不合法,请自重!", null); doResponse(response,resultVO); }catch (Exception e){ ResultVO resultVO = new ResultVO(20001, "请先登录!", null); doResponse(response,resultVO); } } return false; } private void doResponse(HttpServletResponse response,ResultVO resultVO) throws IOException { response.setContentType("application/json"); response.setCharacterEncoding("utf-8"); PrintWriter out = response.getWriter(); String s = new ObjectMapper().writeValueAsString(resultVO); out.print(s); out.flush(); out.close(); } }
相关文章
- Caused by: java.lang.ClassNotFoundException: com.njupt.libgdxbase.MainActivity
- IT咨询顾问:一次吐血的项目救火 java或判断优化小技巧 asp.net core Session的测试使用心得 【.NET架构】BIM软件架构02:Web管控平台后台架构 NetCore入门篇:(十一)NetCore项目读取配置文件appsettings.json 使用LINQ生成Where的SQL语句 js_jquery_创建cookie有效期问题_时区问题
- LeetCode232 Implement Queue using Stacks Java 题解
- Java使用hutool工具类发送网络请求
- Java的数据类型
- 第74节:Java中的Cookie和Session
- 第74节:Java中的Cookie和Session
- Java 保留两位小数(不四舍五入)
- Java Cookie工具类,Java CookieUtils 工具类,Java如何增加Cookie
- Java使用for循环打印九九乘法表
- Java_cookie 和session 的区别详解
- 浅析Java编程中常用的Servlet对象:HttpServletRequest(客户端请求)、HttpServletResponse(响应)、Cookie对象、HttpSession(客户端会话)、ServletContext(应用程序信息)
- 知识点整理之Java的Cookie操作
- Java对象序列化与反序列化一 JSON
- Gradle Goodness: Set Java Compiler Encoding--转载
- Java操作Session与Cookie
- java判断时间是否在时间段内 开始时间大于结束时间返回true
- 桥梁模式练习:飞机信息系统(JAVA练习项目&IDEA)