From 9c622324a5e9420283915fb72c37035974a4be4f Mon Sep 17 00:00:00 2001 From: qiube <18969599531@163.com> Date: Thu, 25 Dec 2025 10:03:53 +0800 Subject: [PATCH] =?UTF-8?q?feat(util):=20=E6=B7=BB=E5=8A=A0Token=E5=B7=A5?= =?UTF-8?q?=E5=85=B7=E7=B1=BB=E5=AE=9E=E7=8E=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 实现了基于MD5+Base64的Token生成功能 - 实现了Token验证和用户信息解析功能 - 添加了Token过期时间检查机制 - 提供了7天默认过期时间配置 - 集成了日志记录和异常处理 - 包含了Token密钥安全配置机制 --- .../java/com/mtkj/mtpay/util/TokenUtils.java | 126 ++++++++++++++++++ 1 file changed, 126 insertions(+) create mode 100644 mt-pay/src/main/java/com/mtkj/mtpay/util/TokenUtils.java diff --git a/mt-pay/src/main/java/com/mtkj/mtpay/util/TokenUtils.java b/mt-pay/src/main/java/com/mtkj/mtpay/util/TokenUtils.java new file mode 100644 index 0000000..dff25a0 --- /dev/null +++ b/mt-pay/src/main/java/com/mtkj/mtpay/util/TokenUtils.java @@ -0,0 +1,126 @@ +package com.mtkj.mtpay.util; + +import lombok.extern.slf4j.Slf4j; + +import java.nio.charset.StandardCharsets; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.util.Base64; +import java.util.HashMap; +import java.util.Map; + +/** + * Token工具类 + * 简单的Token生成和验证工具,使用MD5+Base64编码 + * 生产环境建议使用JWT + */ +@Slf4j +public class TokenUtils { + + /** + * Token过期时间(毫秒),默认7天 + */ + private static final long TOKEN_EXPIRE_TIME = 7 * 24 * 60 * 60 * 1000L; + + /** + * Token密钥(生产环境应该从配置文件读取) + */ + private static final String TOKEN_SECRET = "MTKJ_ERP_TOKEN_SECRET_2024"; + + /** + * 生成Token + * @param userId 用户ID + * @param username 用户名 + * @return Token字符串 + */ + public static String generateToken(Long userId, String username) { + try { + // 构建Token内容:userId:username:timestamp + long timestamp = System.currentTimeMillis(); + String content = userId + ":" + username + ":" + timestamp; + + // 使用MD5加密 + MessageDigest md = MessageDigest.getInstance("MD5"); + String hash = MD5.md5(TOKEN_SECRET + content); + + // Base64编码 + String token = Base64.getEncoder().encodeToString((content + ":" + hash).getBytes(StandardCharsets.UTF_8)); + + log.debug("生成Token,用户ID: {}, 用户名: {}", userId, username); + return token; + } catch (Exception e) { + log.error("生成Token失败", e); + return null; + } + } + + /** + * 验证Token并解析用户信息 + * @param token Token字符串 + * @return 用户信息Map,包含userId和username,如果Token无效则返回null + */ + public static Map parseToken(String token) { + if (token == null || token.trim().isEmpty()) { + return null; + } + + try { + // Base64解码 + byte[] decodedBytes = Base64.getDecoder().decode(token); + String decoded = new String(decodedBytes, StandardCharsets.UTF_8); + + // 解析内容:userId:username:timestamp:hash + String[] parts = decoded.split(":"); + if (parts.length != 4) { + log.warn("Token格式错误"); + return null; + } + + Long userId = Long.parseLong(parts[0]); + String username = parts[1]; + long timestamp = Long.parseLong(parts[2]); + String hash = parts[3]; + + // 验证Token是否过期 + long currentTime = System.currentTimeMillis(); + if (currentTime - timestamp > TOKEN_EXPIRE_TIME) { + log.warn("Token已过期,用户ID: {}, 用户名: {}", userId, username); + return null; + } + + // 验证hash + String content = userId + ":" + username + ":" + timestamp; + String expectedHash = MD5.md5(TOKEN_SECRET + content); + if (!expectedHash.equals(hash)) { + log.warn("Token验证失败,用户ID: {}, 用户名: {}", userId, username); + return null; + } + + // 返回用户信息 + Map userInfo = new HashMap<>(); + userInfo.put("userId", userId); + userInfo.put("username", username); + userInfo.put("timestamp", timestamp); + userInfo.put("expireTime", timestamp + TOKEN_EXPIRE_TIME); + + return userInfo; + } catch (Exception e) { + log.error("解析Token失败", e); + return null; + } + } + + /** + * 获取Token过期时间(毫秒时间戳) + * @param token Token字符串 + * @return 过期时间戳,如果Token无效则返回null + */ + public static Long getTokenExpireTime(String token) { + Map userInfo = parseToken(token); + if (userInfo == null) { + return null; + } + return (Long) userInfo.get("expireTime"); + } +} +