[英]How to save token in database
我有一個 class 用戶:
int id;
String username;
String password;
String token;
Date tokenExpires;
我有這樣的方法:
private EntityManager em;
private User authenticate(String username, String password) throws Exception {
// Authenticate against a database, LDAP, file or whatever
// Throw an Exception if the credentials are invalid
Query query = em.createQuery("Select u from User u WHERE u.username = :name and u.password = :password");
query.setParameter("name", username);
query.setParameter("password", password);
return (User) query.getSingleResult();
}
以及生成令牌的方法:
private String issueToken(String username) {
Random random = new SecureRandom();
String token = new BigInteger(130, random).toString(32);
return token;
}
每次用戶登錄時,如何將此令牌保存到數據庫? 所以當用戶登錄時應該生成一個令牌,如果用戶再次登錄它應該生成一個新的令牌
當用戶登錄時,只需從數據庫中獲取用戶,然后設置提到的字段、令牌及其到期日期:
public User updateUser(String username, String password) {
User user = getUserBy(username, password);
String token = issueToken();
// token expires in 30 mins;
Date tokenExpires = new Date(System.currentTimeMillis() + 1800000);
user.setToken(token);
user.setTokenExpires(tokenExpires);
entityManager.getTransaction().begin();
entityManager.merge(user);
entityManager.getTransaction().commit();
}
考慮到您使用的是 Hibernate,那么還必須對用戶 model 進行注釋:
@Entity
public class User {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private int id;
private String username;
private String password;
private String token;
@Temporal(TemporalType.TIMESTAMP)
private Date tokenExpires;
// getters and setters, make sure they are present
}
如果您使用 spring,請嘗試本指南,例如: https://javadeveloperzone.com/spring-boot/spring-boot-oauth2-jdbc-token-store-example/
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.