package com.rongyichuang.auth.util; import io.jsonwebtoken.*; import io.jsonwebtoken.security.Keys; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; import javax.crypto.SecretKey; import java.util.Date; /** * JWT工具类 */ @Component public class JwtUtil { private static final Logger logger = LoggerFactory.getLogger(JwtUtil.class); @Value("${app.jwt.secret}") private String jwtSecret; @Value("${app.jwt.expiration:86400000}") // 默认24小时 private long jwtExpiration; /** * 生成JWT token */ public String generateToken(Long userId, String phone) { Date now = new Date(); Date expiryDate = new Date(now.getTime() + jwtExpiration); SecretKey key = Keys.hmacShaKeyFor(jwtSecret.getBytes()); return Jwts.builder() .setSubject(userId.toString()) .claim("phone", phone) .setIssuedAt(now) .setExpiration(expiryDate) .signWith(key, SignatureAlgorithm.HS256) .compact(); } /** * 从token中获取用户ID */ public Long getUserIdFromToken(String token) { Claims claims = getClaimsFromToken(token); return Long.parseLong(claims.getSubject()); } /** * 从token中获取手机号 */ public String getPhoneFromToken(String token) { Claims claims = getClaimsFromToken(token); return claims.get("phone", String.class); } /** * 验证token是否有效 */ public boolean validateToken(String token) { try { getClaimsFromToken(token); return true; } catch (JwtException | IllegalArgumentException e) { logger.error("JWT token验证失败: {}", e.getMessage()); return false; } } /** * 检查token是否过期 */ public boolean isTokenExpired(String token) { try { Claims claims = getClaimsFromToken(token); return claims.getExpiration().before(new Date()); } catch (JwtException | IllegalArgumentException e) { return true; } } /** * 从token中解析Claims */ private Claims getClaimsFromToken(String token) { SecretKey key = Keys.hmacShaKeyFor(jwtSecret.getBytes()); return Jwts.parserBuilder() .setSigningKey(key) .build() .parseClaimsJws(token) .getBody(); } }