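/**
 * Handles the reagent-user login POST: looks the submitted user up through
 * {@code userManagerService}, signs the user's id into a token and returns
 * that token to the browser in the {@code token} response header.
 *
 * @param user               credentials bound from the JSON request body
 * @param httpServletRequest current request (not read by this method)
 * @param response           response that receives the status and token headers
 * @return the response body map on success; an empty map together with a
 *         4xx/5xx status when no token is issued
 */
@RequestMapping(value = "/ReagentuserLoginService.do",method = RequestMethod.POST)
// NOTE(review): @CrossOrigin without arguments accepts requests from every origin.
// For a login endpoint, list the front-end origin(s) explicitly.
@CrossOrigin // accept cross-origin requests
@ResponseBody // serialise the return value to JSON for the browser
public Map ReagentUserLogin(@RequestBody User user, HttpServletRequest httpServletRequest, HttpServletResponse response) throws IllegalAccessException {
    // Reject missing or blank credentials up front. The original dereferenced
    // user.getUsername() unconditionally and had no return on this path.
    // NOTE(review): the excerpt shows no failure response; an empty body plus an
    // HTTP status is used here. Align it with the controller's real error shape.
    if (user == null
            || user.getUsername() == null || user.getUsername().equals("")
            || user.getPassword() == null || user.getPassword().equals("")) {
        response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        return java.util.Collections.emptyMap();
    }

    // Look the user up from the submitted username and password.
    // Presumably null when the credentials do not match; confirm against the service.
    User userlogin = userManagerService.reagentUserLogin(user);
    if (userlogin == null) {
        // Never reach getId() or issue a token for a failed login.
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return java.util.Collections.emptyMap();
    }
    // The original printed the whole user record to stdout here. That line is
    // removed so account data (possibly a password or hash) stays out of logs.

    // Sign the user id into a token valid for 30 minutes (value is in milliseconds).
    String token = JWT.sign(userlogin.getId(), 60L * 1000L * 30L);
    if (token == null) {
        // JWT.sign reports any signing failure as null; do not emit a null header.
        response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        return java.util.Collections.emptyMap();
    }

    // Hand the token to the client in a custom response header.
    response.setHeader("token", token);
    // Without this header the browser hides non-safelisted response headers such
    // as "token" from cross-origin scripts.
    response.setHeader("Access-Control-Expose-Headers","Cache-Control,Content-Type,Expires,Pragma,Content-Language,Last-Modified,token");
    // NOTE(review): `map` is not declared in this excerpt; it is returned as in the original.
    return map;
}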
关键是 response 的那两句设置。第一句是把 token 设置到响应头上。
第二句设置 Access-Control-Expose-Headers，让跨域时前端脚本能读取到 token 这类自定义响应头，否则浏览器不会把它暴露给脚本。
再贴上生成 token 的封装类
package com.reagent.util;
import com.auth0.jwt.JWTSigner;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.internal.com.fasterxml.jackson.databind.ObjectMapper;
import java.util.HashMap;
import java.util.Map;
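/**
 * Small helper around the legacy {@code JWTSigner}/{@code JWTVerifier} API.
 * It signs an object into a token with a shared secret and reads it back.
 *
 * <p>The token carries two claims: {@code payload}, the object serialised to a
 * JSON string, and {@code exp}, the expiry as epoch milliseconds.
 */
public class JWT {
    // NOTE(review): the signing key is a source-code constant. Anyone who can read
    // this file (or a page that reproduces it) can mint tokens that unsign()
    // accepts. Load the key from deployment configuration or a secret store and
    // treat any value that has been published as compromised.
    private static final String SECRET = "XX#$%()(#*!()!KL<><MQLMNQNQJQK sdfkjsdrow32234545fdf>?N<:{LWPW";
    private static final String EXP = "exp";
    private static final String PAYLOAD = "payload";
    // One shared mapper instead of a new one per call; it is never reconfigured
    // after construction.
    private static final ObjectMapper MAPPER = new ObjectMapper();

    /**
     * Signs {@code object} into a token that expires {@code maxAge} milliseconds from now.
     *
     * <p>NOTE(review): RFC 7519 defines {@code exp} in seconds since the epoch, but
     * this method stores milliseconds. A verifier that reads {@code exp} as seconds
     * would treat the token as valid far beyond {@code maxAge}. The intended
     * lifetime is enforced only by the comparison in
     * {@link #unsign(String, Class)}. Confirm that nothing else consumes these tokens.
     *
     * @param object value to embed; serialised to JSON
     * @param maxAge lifetime in milliseconds
     * @param <T>    type of the embedded value
     * @return the signed token, or {@code null} if serialisation or signing fails
     */
    public static <T> String sign(T object, long maxAge) {
        try {
            final JWTSigner signer = new JWTSigner(SECRET);
            final Map<String, Object> claims = new HashMap<String, Object>();
            claims.put(PAYLOAD, MAPPER.writeValueAsString(object));
            claims.put(EXP, System.currentTimeMillis() + maxAge);
            return signer.sign(claims);
        } catch (Exception e) {
            // Existing contract: failure is reported as null, so callers must
            // check the result before using it.
            return null;
        }
    }

    /**
     * Verifies {@code jwt} and, if it has not expired, deserialises its payload.
     *
     * @param jwt    token produced by {@link #sign(Object, long)}
     * @param classT type to deserialise the payload into
     * @param <T>    type of the embedded value
     * @return the embedded value, or {@code null} if the token is missing, fails
     *         verification, lacks a claim, has expired or cannot be deserialised
     */
    public static <T> T unsign(String jwt, Class<T> classT) {
        if (jwt == null || classT == null) {
            return null;
        }
        final JWTVerifier verifier = new JWTVerifier(SECRET);
        try {
            final Map<String, Object> claims = verifier.verify(jwt);
            final Object exp = claims.get(EXP);
            final Object payload = claims.get(PAYLOAD);
            // Both claims must be present and of the expected kind. exp is read
            // through Number so the check does not depend on which boxed integer
            // type the JSON parser chose.
            if (!(exp instanceof Number) || !(payload instanceof String)) {
                return null;
            }
            // Expiry is compared in milliseconds, matching what sign() stores.
            if (((Number) exp).longValue() <= System.currentTimeMillis()) {
                return null;
            }
            return MAPPER.readValue((String) payload, classT);
        } catch (Exception e) {
            // Verification and parsing failures are all reported as "no valid token".
            return null;
        }
    }
}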