JWT-token生效时长写到配置文件中

朱兆平
config/application.yml
readme.md
src/main/java/com/tianbo/warehouse/security/handel/MyAuthenticationSuccessHandler.java
--- a/config/application.yml
查看文件 @0d9a223
+++ b/config/application.yml
查看文件 @0d9a223
@@ -118,4 +118,6 @@ logging:
     #com.tianbo.warehouse.dao: DEBUG
     #org.springframework.security: trace
   #日志配置,输出到文本，
- 
+ #Java Web Token 时效时间,单位秒
+ jwt:
+   max-alive: 300
--- a/readme.md
查看文件 @0d9a223
+++ b/readme.md
查看文件 @0d9a223
@@ -25,6 +25,7 @@
 * 集成JWT JAVA Web Token框架
     * 前后端完全分离
     * 前端登录验证后，每次访问系统通过在头部携带带有JWT token的Authorization:Bearer "Tokens字符窜"访问系统
+     * 相关集成资料 [SpringBoot使用SpringSecurity搭建基于非对称加密的JWT及前后端分离的搭建](https://blog.csdn.net/lhc0512/article/details/80563160)
 * 已集成mybatis、mybatisGenerator、pageHelper
 * 集成定时任务框架
     * 目前在IMF框架中使用，打开IMF_Task里面的定时任务注释就可以启动IMF客户端功能
--- a/src/main/java/com/tianbo/warehouse/security/handel/MyAuthenticationSuccessHandler.java
查看文件 @0d9a223
+++ b/src/main/java/com/tianbo/warehouse/security/handel/MyAuthenticationSuccessHandler.java
查看文件 @0d9a223
@@ -2,8 +2,6 @@ package com.tianbo.warehouse.security.handel;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.tianbo.warehouse.bean.AuthSuccessResponse;
- import com.tianbo.warehouse.controller.PermssionController;
- import com.tianbo.warehouse.model.PERMISSION;
 import com.tianbo.warehouse.model.USERS;
 import com.tianbo.warehouse.security.filter.JwtTokenUtil;
 import com.tianbo.warehouse.security.model.LoginType;
@@ -12,8 +10,8 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import com.tianbo.warehouse.security.config.SecurityProperties;
+ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.core.Authentication;
- import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
 import org.springframework.security.web.savedrequest.RequestCache;
@@ -34,6 +32,9 @@ import java.util.Map;
 public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler{
     protected final Log logger = LogFactory.getLog(this.getClass());
 
+     @Value("${jwt.max-alive}")
+     protected Integer jwtMaxAlive;
+ 
     @Autowired
     private ObjectMapper objectMapper;
 
@@ -58,7 +59,7 @@ public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticat
             loginedUser.setPassword(null);
 
             //设置用户的TOKEN的有效时间，下面是300秒=5分钟
-             String jwtToken = JwtTokenUtil.generateToken(loginedUser.getUsername(), 300);
+             String jwtToken = JwtTokenUtil.generateToken(loginedUser.getUsername(), jwtMaxAlive);
             response.setHeader("Authorization",jwtToken);
 
             Map<String,Object> menuMap =  permissionService.getUserMenus(loginedUser.getUserId());