@Override protected void succeedAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authentication) throws IOException, ServletException{
User user = (User) authentication.getPrincipal();
log.info("User {} is Login Success",user.getUsername());
Algorithm algorithm = Algorithm.HMAC256("secret".getBytes());
String accessToken = JWT.create()
// ???? ?? ???? ??? unique
.withSubject(user.getUsername())
.withExpiresAt(new Date(System.currentTimeMillis() 10 * 60 * 1000 ))
.withIssuer(request.getRequestURL().toString())
.withClaim("roles",user.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList()))
.sign(algorithm);
String refreshToken = JWT.create()
// ???? ?? ???? ??? unique
.withSubject(user.getUsername())
.withExpiresAt(new Date(System.currentTimeMillis() 60 * 60 * 1000 ))
.withIssuer(request.getRequestURL().toString())
.sign(algorithm);
// response.setHeader("accessToken", accessToken); // response.setHeader("refreshToken", refreshToken);
Map<String, String> tokens = new HashMap<>();
tokens.put("accessToken", accessToken);
tokens.put("refreshToken", refreshToken);
response.setContentType(APPLICATION_JSON_VALUE);
new ObjectMapper().writeValue(response.getOutputStream(), tokens);
}
successAuthentication 正在創建 JWT 令牌
我想將重繪 令牌存盤在資料庫中,
我應該如何處理它?
uj5u.com熱心網友回復:
我認為您不應該將它們存盤到資料庫中。取而代之的是,您可以使用本地存盤包,例如 SharedPreferences。這會將您的身份資訊存盤到本地存盤中。這更有用。
轉載請註明出處,本文鏈接:https://www.uj5u.com/houduan/480009.html
上一篇:org.springframework.beans.factory.UnsatisfiedDependencyExceptionSpringJPA