设置Token失效时间

619b4e5f · GongDaCheng · 22deff34 · 619b4e5f · 619b4e5f
Commit 619b4e5f authored Dec 22, 2021 by GongDaCheng
--- a/jinyun/web/src/main/java/com/jinyun/web/interceptor/AuthenticationInterceptor.java
+++ b/jinyun/web/src/main/java/com/jinyun/web/interceptor/AuthenticationInterceptor.java
@@ -48,7 +48,7 @@ public class AuthenticationInterceptor implements HandlerInterceptor {
            if (userLoginToken.required()) {
                // 执行认证
                if (token == null) {
-                    throw new RuntimeException("无token，请重新登录");
+                    throw new RuntimeException("403");
                }
                // 获取 token 中的 user id
                String userId;

--- a/jinyun/web/src/main/java/com/jinyun/web/service/TokenService.java
+++ b/jinyun/web/src/main/java/com/jinyun/web/service/TokenService.java
@@ -5,6 +5,8 @@ import com.auth0.jwt.algorithms.Algorithm;
 import com.jinyun.web.entity.User;
 import org.springframework.stereotype.Service;

+import java.util.Date;
+

 /**
 * @author jinbin
@@ -14,7 +16,9 @@ import org.springframework.stereotype.Service;
 public class TokenService {
    public String getToken(User user) {
        String token="";
-        token= JWT.create().withAudience(user.getId())// 将 user id 保存到 token 里面
+        Date expires = new Date(System.currentTimeMillis() + 24 * 60 * 60 * 1000);
+        token= JWT.create().withExpiresAt(expires)
+                .withAudience(user.getId())// 将 user id 保存到 token 里面
                .sign(Algorithm.HMAC256(user.getPassword()));// 以 password 作为 token 的密钥
        return token;
    }