<!-- https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt -->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
@Service
public class JWTService {
private static final String secretKey = "secretkey";
private long expire = 1000L * 60 * 60 * 24; // ํ ํฐ ์ ํจ๊ธฐ๊ฐ: 24์๊ฐ
// ํ ํฐ ์์ฑ ๋ฉ์๋
public String createToken(User user, String AutoLogin) {
// ํ ํฐ ์๋ช
์๊ณ ๋ฆฌ์ฆ
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
// ๋ก๊ทธ์ธ ์ ์ง ์ฒดํฌ ์ ๋ ๊ฒฝ์ฐ - 7์ผ ์ ํจ
if(AutoLogin.equals("true")) {
return Jwts.builder()
.setHeaderParam("typ", "JWT")
.claim("id", user.getId())
.setExpiration(new Date(System.currentTimeMillis() + 7*expire))
.signWith(signatureAlgorithm, secretKey.getBytes())
.compact();
}else{ // ๋ก๊ทธ์ธ ์ ์ง ์ฒดํฌ๋ ๊ฒฝ์ฐ - expire ์๊ธด ํจ
return Jwts.builder()
.setHeaderParam("typ", "JWT") // ํ ํฐ ํ์
.claim("id", user.getId()) // payload ๋ฃ๊ธฐ
.setExpiration(new Date(System.currentTimeMillis() + expire))
.signWith(signatureAlgorithm, secretKey.getBytes()) // ํ ํฐ ์๋ช
.compact(); // ์ง๋ ฌํ
}
}
// ํ ํฐ ์ claim ์ ๋ณด ๊ฐ์ ธ์ค๋ ๋ฉ์๋
public Claims getClaim(String token) {
Claims claims = Jwts.parser()
.setSigningKey(secretKey.getBytes())
.parseClaimsJws(token)
.getBody();
return claims;
}
// JWT token ์ ํจ์ฑ ๊ฒ์ฆ ๋ฉ์๋
public boolean checkTokenExp(String token) {
try{
Claims claims = Jwts.parser()
.setSigningKey(secretKey.getBytes())
.parseClaimsJws(token)
.getBody();
System.out.println("[+] expire: " + claims.getExpiration());
return true;
}catch(ExpiredJwtException e) { // ํ ํฐ ๋ง๋ฃ๋ ๊ฒฝ์ฐ
System.out.println("[-] Token Expired");
return false;
}catch(JwtException e) { // ํ ํฐ ๋ณ์กฐ๋ ๊ฒฝ์ฐ
System.out.println("[-] Token Modified");
return false;
}
}
}
// ๋ก๊ทธ์ธ
@PostMapping("signIn/general")
public User signInAuth(@RequestBody HashMap<String,String> loginInfo, HttpServletResponse response) {
System.out.println("[+] Login authentication from Android");
System.out.println("[+] id: " + loginInfo.get("id") + ", password: " + loginInfo.get("password") + ", AutoLogin: " + loginInfo.get("AutoLogin"));
List<User> list = mongoTemplate.find(new Query(new Criteria("_id").is(loginInfo.get("id")).and("password").is(loginInfo.get("password"))), User.class, "User");
if(list.size() > 0) {
System.out.println("[+] Login Success");
System.out.println(list.get(0).toString());
// JWT Token ์์ฑ
String token = jwtService.createToken(list.get(0), loginInfo.get("AutoLogin"));
System.out.println("token: " + token);
// HTTP ํค๋์ token ๋ข๊ธฐ
response.setHeader("jwt-token", token);
return list.get(0);
}else {
System.out.println("[+] Login Failed");
return null;
}
}
[Spring] FCM PUSH Notification (FCM PUSH ์๋ฆผ) (1) | 2022.03.11 |
---|---|
AWS EC2์ Spring ์๋ฒ ๋ฐฐํฌ (1) | 2022.03.04 |
[Spring] ํ ์คํธ ์ฝ๋ ์์ฑ (0) | 2022.02.24 |
[Spring] ์๋ต ๋ฌธ์์ด ํ๊ธ ๊นจ์ง ๋ฌธ์ ํด๊ฒฐ (0) | 2022.02.16 |
JWT (JSON Web Token) (0) | 2022.01.28 |