java后台代码(MD5加密+token验证):
import com.smart.ssai.admin.domain.User;
import com.smart.ssai.admin.service.UserService;
import com.smart.ssai.VO.Response;
import com.smart.ssai.common.utils.ResultVOUtil;
import com.smart.ssai.common.utils.ToolUtils;
import com.smart.ssai.constant.TokenConstant;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
@RestController
@RequestMapping("/api")
public class LoginController {
@Autowired
private UserService userService;
/**
* 用户登录
* @param username 用户名
* @param password 密码
* @return
*/
@PostMapping("/login")
public ResponseEntity<Response> login(@RequestParam(value = "username") String username
, @RequestParam(value = "password") String password){
User user = userService.getUserByUsername(username);
//判断用户是否存在
if(null == user){
return ResultVOUtil.show(0,"用户不存在,请重新输入",null);
}
//判断密码是否正确
String password1 = ToolUtils.md5Hex(password,String.valueOf(user.getCode()));
if(!user.getPassword().equals(password1)){
return ResultVOUtil.show(0,"用户密码错误",null);
}
//登录成功,生成token,并更新数据库token和过期时间
Date date = new Date();
Integer nowTime = (int)(date.getTime()/1000);//当前时间戳
String token = createToken(user,date);//token
User model = new User();
BeanUtils.copyProperties(user,model);
// model.setId(user.getId());
model.setTimeout(nowTime);
model.setToken(token);
userService.insert(model);
//跳转到指定页面,这里不跳转,返回token信息给前端
Map<String,Object> map = new HashMap<>();
map.put("token",token);
return ResultVOUtil.show(1,"登录成功",map);
}
/**
* 生成token,根据有效的用户信息
* @param user 用户实例
* @param date 当前日期
* @return
*/
private String createToken(User user, Date date){
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
JwtBuilder builder = Jwts.builder().setHeaderParam("typ", "JWT")//设置header
.setHeaderParam("alg", "HS256").setIssuedAt(date)//设置签发时间
.setExpiration(new Date(date.getTime() + TokenConstant.EXPIRE))//设置过期时间,30天,超出int,要加L
.claim("userid",String.valueOf(user.getId()))//设置内容
.setIssuer(TokenConstant.ISSUER)//设置签发人
.signWith(signatureAlgorithm, TokenConstant.SECRETKEY);//签名,需要算法和key
String jwt = builder.compact();
return jwt;
}
}