我想将刷新令牌存储在数据库中
I want to store the refresh token in the database
@Override
protected void successfulAuthentication(HttpServletRequest 请求,HttpServletResponse 响应,FilterChain 链,Authentication 认证)抛出 IOException,ServletException{
User user = (User) authentication.getPrincipal();
log.info("User {} is Login Success",user.getUsername());
Algorithm algorithm = Algorithm.HMAC256("secret".getBytes());
String accessToken = JWT.create()
// 사용자에 대해 식별할수 있는것 unique
.withSubject(user.getUsername())
.withExpiresAt(new Date(System.currentTimeMillis() + 10 * 60 * 1000 ))
.withIssuer(request.getRequestURL().toString())
.withClaim("roles",user.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList()))
.sign(algorithm);
String refreshToken = JWT.create()
// 사용자에 대해 식별할수 있는것 unique
.withSubject(user.getUsername())
.withExpiresAt(new Date(System.currentTimeMillis() + 60 * 60 * 1000 ))
.withIssuer(request.getRequestURL().toString())
.sign(algorithm);
// response.setHeader("accessToken", accessToken);
// response.setHeader("refreshToken", refreshToken);
Map<String, String> tokens = new HashMap<>();
tokens.put("accessToken", accessToken);
tokens.put("refreshToken", refreshToken);
response.setContentType(APPLICATION_JSON_VALUE);
new ObjectMapper().writeValue(response.getOutputStream(), tokens);
}
successfulAuthentication 正在创建 JWT 令牌
我想将刷新令牌存储在数据库中,
我该如何处理?
我认为你不应该将它们存储到数据库中。您可以使用本地存储包代替它,例如 SharedPreferences。这会将您的身份信息存储到本地存储中。这个比较有用。
@Override protected void successfulAuthentication(HttpServletRequest 请求,HttpServletResponse 响应,FilterChain 链,Authentication 认证)抛出 IOException,ServletException{
User user = (User) authentication.getPrincipal();
log.info("User {} is Login Success",user.getUsername());
Algorithm algorithm = Algorithm.HMAC256("secret".getBytes());
String accessToken = JWT.create()
// 사용자에 대해 식별할수 있는것 unique
.withSubject(user.getUsername())
.withExpiresAt(new Date(System.currentTimeMillis() + 10 * 60 * 1000 ))
.withIssuer(request.getRequestURL().toString())
.withClaim("roles",user.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList()))
.sign(algorithm);
String refreshToken = JWT.create()
// 사용자에 대해 식별할수 있는것 unique
.withSubject(user.getUsername())
.withExpiresAt(new Date(System.currentTimeMillis() + 60 * 60 * 1000 ))
.withIssuer(request.getRequestURL().toString())
.sign(algorithm);
// response.setHeader("accessToken", accessToken); // response.setHeader("refreshToken", refreshToken);
Map<String, String> tokens = new HashMap<>();
tokens.put("accessToken", accessToken);
tokens.put("refreshToken", refreshToken);
response.setContentType(APPLICATION_JSON_VALUE);
new ObjectMapper().writeValue(response.getOutputStream(), tokens);
}
successfulAuthentication 正在创建 JWT 令牌
我想将刷新令牌存储在数据库中,
我该如何处理?
我认为你不应该将它们存储到数据库中。您可以使用本地存储包代替它,例如 SharedPreferences。这会将您的身份信息存储到本地存储中。这个比较有用。