Home > Database > Redis > body text

How to solve the problem of storing user tokens in Redis

WBOY
Release: 2023-05-31 08:06:10
forward
1423 people have browsed it

    Redis stores user token

    When designing a system similar to e-commerce, a common requirement is that each page needs to carry logged-in user information.

    There are two common solutions:

    • Use cookies to save

    • Use JWT to save

    But if Redis cache is used in the system, then there is a third solution - cache the user token in Redis.

    Generate a token when logging in and store it in Redis

    //生成一个token对象,保存在redis中
    redisTemplate.opsForHash().put("token","user",user);
    Copy after login

    When each page is generated, provide the token

    //以JSON字符串形式返回token
    @RequestMapping(value = "/getToken",method = RequestMethod.GET)
    @ResponseBody
    public User getToken(){
        User user = (User) redisTemplate.opsForHash().get("token", "user");
        return user;
    }
    Copy after login
    //发送ajax请求,获取token
    function get_token(){
        $.ajax({
            url:"getToken",
            type:"GET",
            dataType:"JSON",
            success:function(result){
                //将返回的用户信息保存在token中
                var token = result;
                //打印登录用户
                console.log(token);
                //打印登录用户的id
                console.log(token.id);
                document.getElementById('username').innerText = "用户名:"+token.username;
            }
        });
    }
    Copy after login

    Delete the token when logging out

    //注销
    @RequestMapping("/logout")
    public String logout(){
        redisTemplate.opsForHash().delete("token","user");
        return "/login";
    }
    Copy after login

    Redis Dealing with token issues

    java—Handling tokens based on redis

    First of all, make it clear that token: token is a way of processing user information for front-end and back-end interaction after logging in. There are two main types Methods, one is based on session storage, and the other is based on redis storage. This article only discusses user information processing based on redis.   

    For every information interaction after a user logs in, if user information needs to be passed, especially user IDs and the like, it is obviously unwise to query the database every time. We can Create a space in redis to save user information, and then we will use it from redis every time we need user information.

    First create RedisUtil

    @Component
    
    public class RedisUtil {
    
        @Autowired
        private RedisTemplate redisTemplate;   //key-value是对象的
    
        //判断是否存在key
        public boolean hasKey(String key) {
            return redisTemplate.hasKey(key);
        }
    
        //从redis中获取值
        public Object get(String key) {
            return redisTemplate.opsForValue().get(key);
        }
    
        //向redis插入值
        public boolean set(final String key, Object value) {
            boolean result = false;
            try {
                redisTemplate.opsForValue().set(key, value);
                result = true;
            } catch (Exception e) {
                e.printStackTrace();
            }
            return result;
        }
    
        //向redis插入值带过期时间 单位:分钟
        public boolean set(final String key, Object value, long time) {
            boolean result = false;
            try {
                redisTemplate.opsForValue().set(key, value, time, TimeUnit.MINUTES);
                result = true;
            } catch (Exception e) {
                e.printStackTrace();
            }
            return result;
        }
    
        //redis删除值
        public boolean del(final String key) {
            return redisTemplate.delete(key);
        }
    
        //批量删除某个字段开始的key
        public long batchDel(String key) {
            Set<String> set = redisTemplate.keys(key + "*");
            return redisTemplate.delete(set);
        }
    
    }
    Copy after login

    After creating RedisUtil, we need to store the value in redis. At this time, we need to pay attention to the fact that our key needs to be discussed with the front-end in advance, which field name to use, and the current-end When requesting, the key must be passed in the header. The value is encrypted and returned to the front end after the first login. After we get the header information, we need to decrypt the value first and use the value as the key to get the user information.

    @Component
    public class UserUtil {
        @Autowired
        private RedisUtil redisUtil;
        @Autowired
        private HttpServletRequest request;
    
        /**
         * 后台管理的登录id
         *
         * @return
         */
        public JsonResult getUser() {
            String header = request.getHeader("#与前端约定的统一字段#");
            //解密
            String decrypt = DESUtil.decrypt(header);
            if (!redisUtil.hasKey(decrypt))return JsonResult.error("未登录");
            User user = null;
            try {
                user = (User) redisUtil.get(decrypt);
            } catch (Exception e) {
                e.printStackTrace();
            }
            if (decrypt == null) return JsonResult.error("权限不足");
            return JsonResult.success(user);
        }
    }
    Copy after login

    When we need it

            JsonResult jsonResult = userUtil.getUser();
            if (jsonResult.getCode() != 1) return jsonResult;
            //强转成对象。此处不用担心强转失败,因为存入的时候就是对象存储,只不过为了复用,存的是object类型
            User user= (User) jsonResult.getData();
            return JsonResult.success(#service层#);
        }
    Copy after login

    The above is the detailed content of How to solve the problem of storing user tokens in Redis. For more information, please follow other related articles on the PHP Chinese website!

    Related labels:
    source:yisu.com
    Statement of this Website
    The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
    Popular Tutorials
    More>
    Latest Downloads
    More>
    Web Effects
    Website Source Code
    Website Materials
    Front End Template