快乐暑假第八周
本周主要完成了对于Springboot和vue2的学习
vue2和html中以前学习的差不多,主要是main.js是入口文件,通过vue的讲解还是很简单的,对于vue和springboot后端的前后端端口对接,主要是在vue.config.js配置中的devServer添加
proxy: { '/api': { target: 'http://localhost:7070', // 将请求代理到后端服务器地址 changeOrigin: true, // 设置changeOrigin为true,解决跨域问题 pathRewrite: { '^/api': '' // 通过pathRewrite重写路径,去掉/api前缀 } } }
然后可以通过axios中写的url替换为"/api/***"来完成跨域报错问题。
在学习springboot中完成了JWT令牌的生成和解析
package com.example.mybatis.pojo; import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; import java.util.Date; import java.util.Map; public class JwtUtils { private static final String signKey = "mybatis"; private static final Long expire = 43200000L; /** * 生成JWT令牌 * @param claims JWT第二部分负载 payload 中存储的内容 * @return */ public static String generateJwt(Map<String, Object> claims){ String jwt = Jwts.builder() .addClaims(claims) .signWith(SignatureAlgorithm.HS256, signKey) .setExpiration(new Date(System.currentTimeMillis() + expire)) .compact(); return jwt; } /** * 解析JWT令牌 * @param jwt JWT令牌 * @return JWT第二部分负载 payload 中存储的内容 */ public static Claims parseJWT(String jwt){ Claims claims = Jwts.parser() .setSigningKey(signKey) .parseClaimsJws(jwt) .getBody(); return claims; } }
对于数据库加密
通过
package com.example.mybatis.pojo; /** * 加密密码 */ import javax.crypto.Cipher; import javax.crypto.spec.SecretKeySpec; import java.nio.charset.StandardCharsets; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Arrays; import java.util.Base64; public class EncryptionUtil { private static final String ALGORITHM = "AES"; private static final String ORIGINAL_KEY = "encryption_key"; private static final byte[] SECRET_KEY = generateKey(ORIGINAL_KEY); private static byte[] generateKey(String originalKey) { try { MessageDigest digest = MessageDigest.getInstance("MD5"); byte[] hashedKey = digest.digest(originalKey.getBytes(StandardCharsets.UTF_8)); return Arrays.copyOf(hashedKey, 16); // 使用前16个字节作为AES密钥 } catch (NoSuchAlgorithmException e) { e.printStackTrace(); return null; } } // 加密字符串 public static String encrypt(String str) throws Exception { SecretKeySpec keySpec = new SecretKeySpec(SECRET_KEY, ALGORITHM); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, keySpec); byte[] encrypted = cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)); return Base64.getEncoder().encodeToString(encrypted); } // 解密字符串 public static String decrypt(String encryptedStr) throws Exception { SecretKeySpec keySpec = new SecretKeySpec(SECRET_KEY, ALGORITHM); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, keySpec); byte[] encryptedBytes = Base64.getDecoder().decode(encryptedStr); byte[] decrypted = cipher.doFinal(encryptedBytes); return new String(decrypted, StandardCharsets.UTF_8); } public static void main(String[] args) throws Exception { String originalStr = "123456"; System.out.println("原始字符串: " + originalStr); String encryptedStr = encrypt(originalStr); System.out.println("加密后的字符串: " + encryptedStr); String decryptedStr = decrypt(encryptedStr); System.out.println("解密后的字符串: " + decryptedStr); } }
也是可以的。
spring中的统一回复
则使用
package com.example.mybatis.pojo; /** * 统一响应结果封装类 */ public class Result { private Integer code;//1 成功 , 0 失败 private String msg; //提示信息 private Object data; //数据 data public Result() { } public Result(Integer code, String msg, Object data) { this.code = code; this.msg = msg; this.data = data; } public Integer getCode() { return code; } public void setCode(Integer code) { this.code = code; } public String getMsg() { return msg; } public void setMsg(String msg) { this.msg = msg; } public Object getData() { return data; } public void setData(Object data) { this.data = data; } public static Result success(Object data) { return new Result(1, "success", data); } public static Result success() { return new Result(1, "success", null); } public static Result error(String msg) { return new Result(0, msg, null); } @Override public String toString() { return "Result{" + "code=" + code + ", msg='" + msg + '\'' + ", data=" + data + '}'; } }
来完成。
同时学习了springboot中的拦截器
过滤器
/** * filter * 过滤器 * 需要 @WebFilter(urlPatterns = "/*") * 需要 在MybatisApplication中添加注解 @ServletComponentScan//开启了对于servlet组建的支持 */ import com.alibaba.fastjson.JSONObject; import com.example.mybatis.pojo.JwtUtils; import com.example.mybatis.pojo.Result; import lombok.extern.slf4j.Slf4j; import org.springframework.util.StringUtils; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @Slf4j //@WebFilter(urlPatterns = "/*") public class LoginCheckFilter implements Filter { @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) servletRequest; HttpServletResponse res = (HttpServletResponse) servletResponse; String url = req.getRequestURI().toString(); log.info("请求的路径为:" + url); if (url.contains("login")) { log.info("登陆操作,放行-----------------------------"); filterChain.doFilter(servletRequest, servletResponse); return; } String jwt = req.getHeader("token"); if (!StringUtils.hasLength(jwt)) { log.info("请求的token为空,返回未登录的信息"); Result error = Result.error("NOT_LOGIN"); String notLogin = JSONObject.toJSONString(error); res.getWriter().write(notLogin); return; } try { JwtUtils.parseJWT(jwt); } catch (Exception e) { e.printStackTrace(); log.info("解析令牌失败,返回错误信息"); Result error = Result.error("NOT_LOGIN"); String notLogin = JSONObject.toJSONString(error); res.getWriter().write(notLogin); return; } log.info("令牌合法,放行"); filterChain.doFilter(servletRequest, servletResponse); } }