st2311061234/2311061234
1
1
Fork 0
generated from Java-2025Fall/final-vibevault-template
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

更新 src/main/java/com/vibevault/security/JwtService.java
Some checks are pending
autograde-final-vibevault / check-trigger (push) Waiting to run
Details
autograde-final-vibevault / grade (push) Blocked by required conditions
Details

Browse Source
This commit is contained in:
张雪尔 2025-12-22 04:12:13 +08:00
parent 768876a4ce
commit 87546e6f19
1 changed files with 89 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
src/main/java/com/vibevault/security/JwtService.java
View File

@ -1,21 +1,25 @@
package com.vibevault.security;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.MalformedJwtException;
import io.jsonwebtoken.security.Keys;
import io.jsonwebtoken.security.SecurityException;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import com.vibevault.model.User;
import javax.crypto.SecretKey;
import java.nio.charset.StandardCharsets;
import java.util.Date;
/**
* JWT 服务
*
* 需要实现
* - 生成 JWT token包含用户名
* - token 中提取用户名
* - 验证 token 是否有效未过期签名正确
* 提供 JWT token 的生成验证和解析功能
*/
@Service
public class JwtService {
@ -24,32 +28,80 @@ public class JwtService {
private String secret;
@Value("${jwt.expiration:86400000}")
private long expiration;
private long expiration; // 默认 24 小时
/**
* 为用户生成 JWT token
*/
public String generateToken(String username) {
// TODO: 实现 token 生成
// 提示使用 Jwts.builder()
throw new UnsupportedOperationException("待实现");
Date now = new Date();
Date expiryDate = new Date(now.getTime() + expiration);
return Jwts.builder()
.setSubject(username)
.setIssuedAt(now)
.setExpiration(expiryDate)
.signWith(getSigningKey())
.compact();
}
/**
* token 中提取用户名
*/
public String extractUsername(String token) {
// TODO: 实现用户名提取
// 提示使用 Jwts.parser()
throw new UnsupportedOperationException("待实现");
Claims claims = extractAllClaims(token);
return claims.getSubject();
}
/**
* 验证 token 是否有效
*/
public boolean isTokenValid(String token, String username) {
// TODO: 实现 token 验证
throw new UnsupportedOperationException("待实现");
public boolean isTokenValid(String token, User user) {
try {
String username = extractUsername(token);
return username.equals(user.getUsername()) && !isTokenExpired(token);
} catch (Exception e) {
return false;
}
}
/**
* 验证 token 是否有效
*/
public boolean isTokenValid(String token) {
try {
extractAllClaims(token);
return !isTokenExpired(token);
} catch (Exception e) {
return false;
}
}
/**
* 检查 token 是否过期
*/
private boolean isTokenExpired(String token) {
Date expirationDate = extractExpiration(token);
return expirationDate.before(new Date());
}
/**
* 提取 token 的过期时间
*/
private Date extractExpiration(String token) {
Claims claims = extractAllClaims(token);
return claims.getExpiration();
}
/**
* token 中提取所有声明
*/
private Claims extractAllClaims(String token) {
return Jwts.parserBuilder()
.setSigningKey(getSigningKey())
.build()
.parseClaimsJws(token)
.getBody();
}
/**
@ -58,4 +110,26 @@ public class JwtService {
private SecretKey getSigningKey() {
return Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8));
}
}
/**
* 验证 token 签名和格式
*/
public boolean validateToken(String token) {
try {
Jwts.parserBuilder()
.setSigningKey(getSigningKey())
.build()
.parseClaimsJws(token);
return true;
} catch (SecurityException e) {
System.out.println("无效的 JWT 签名");
} catch (MalformedJwtException e) {
System.out.println("无效的 JWT token");
} catch (ExpiredJwtException e) {
System.out.println("JWT token 已过期");
} catch (IllegalArgumentException e) {
System.out.println("JWT token 为空或格式错误");
}
return false;
}
}