qiube/MTKJPAY
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(util): 添加Token工具类实现

Browse Source 
- 实现了基于MD5+Base64的Token生成功能
- 实现了Token验证和用户信息解析功能
- 添加了Token过期时间检查机制
- 提供了7天默认过期时间配置
- 集成了日志记录和异常处理
- 包含了Token密钥安全配置机制
This commit is contained in:
qiube
2025-12-25 10:03:53 +08:00
parent f7fbcc4138
commit 9c622324a5
1 changed files with 126 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

126
mt-pay/src/main/java/com/mtkj/mtpay/util/TokenUtils.java Normal file
View File

@@ -0,0 +1,126 @@
package com.mtkj.mtpay.util;
import lombok.extern.slf4j.Slf4j;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
/**
* Token工具类
* 简单的Token生成和验证工具使用MD5+Base64编码
* 生产环境建议使用JWT
*/
@Slf4j
public class TokenUtils {
/**
* Token过期时间毫秒默认7天
*/
private static final long TOKEN_EXPIRE_TIME = 7 * 24 * 60 * 60 * 1000L;
/**
* Token密钥生产环境应该从配置文件读取
*/
private static final String TOKEN_SECRET = "MTKJ_ERP_TOKEN_SECRET_2024";
/**
* 生成Token
* @param userId 用户ID
* @param username 用户名
* @return Token字符串
*/
public static String generateToken(Long userId, String username) {
try {
// 构建Token内容userId:username:timestamp
long timestamp = System.currentTimeMillis();
String content = userId + ":" + username + ":" + timestamp;
// 使用MD5加密
MessageDigest md = MessageDigest.getInstance("MD5");
String hash = MD5.md5(TOKEN_SECRET + content);
// Base64编码
String token = Base64.getEncoder().encodeToString((content + ":" + hash).getBytes(StandardCharsets.UTF_8));
log.debug("生成Token用户ID: {}, 用户名: {}", userId, username);
return token;
} catch (Exception e) {
log.error("生成Token失败", e);
return null;
}
}
/**
* 验证Token并解析用户信息
* @param token Token字符串
* @return 用户信息Map包含userId和username如果Token无效则返回null
*/
public static Map<String, Object> parseToken(String token) {
if (token == null || token.trim().isEmpty()) {
return null;
}
try {
// Base64解码
byte[] decodedBytes = Base64.getDecoder().decode(token);
String decoded = new String(decodedBytes, StandardCharsets.UTF_8);
// 解析内容userId:username:timestamp:hash
String[] parts = decoded.split(":");
if (parts.length != 4) {
log.warn("Token格式错误");
return null;
}
Long userId = Long.parseLong(parts[0]);
String username = parts[1];
long timestamp = Long.parseLong(parts[2]);
String hash = parts[3];
// 验证Token是否过期
long currentTime = System.currentTimeMillis();
if (currentTime - timestamp > TOKEN_EXPIRE_TIME) {
log.warn("Token已过期用户ID: {}, 用户名: {}", userId, username);
return null;
}
// 验证hash
String content = userId + ":" + username + ":" + timestamp;
String expectedHash = MD5.md5(TOKEN_SECRET + content);
if (!expectedHash.equals(hash)) {
log.warn("Token验证失败用户ID: {}, 用户名: {}", userId, username);
return null;
}
// 返回用户信息
Map<String, Object> userInfo = new HashMap<>();
userInfo.put("userId", userId);
userInfo.put("username", username);
userInfo.put("timestamp", timestamp);
userInfo.put("expireTime", timestamp + TOKEN_EXPIRE_TIME);
return userInfo;
} catch (Exception e) {
log.error("解析Token失败", e);
return null;
}
}
/**
* 获取Token过期时间毫秒时间戳
* @param token Token字符串
* @return 过期时间戳如果Token无效则返回null
*/
public static Long getTokenExpireTime(String token) {
Map<String, Object> userInfo = parseToken(token);
if (userInfo == null) {
return null;
}
return (Long) userInfo.get("expireTime");
}
}