SpringBoot 3.0 开发简单接口

Spring Boot 开发用户认证接口

下面是一个完整的 Spring Boot 项目，实现了用户注册、登录和获取用户信息的功能。项目使用了 JWT(token令牌) 进行认证，MD5 加密密码，并遵循了分层架构设计。

项目结构

com/
└── YJZE/├── controller/       # 控制器层├── mapper/           # 数据访问层├── pojo/             # 实体类├── service/          # 服务接口└── service/impl/     # 服务实现└── utils/            # 工具类

技术栈

• Spring Boot 3.1.3：快速开发框架
• MyBatis：ORM 框架
• MySQL：数据库
• JWT：认证机制
• Lombok：简化代码
• Validation：参数校验
• MD5：密码加密

核心代码实现

1. 实体类 (pojo)

// User.java
@Data
public class User {private Integer id;private String username;@JsonIgnore // 序列化时忽略密码字段private String password;private String nickname;private String email;private String userPic;private LocalDateTime createTime;private LocalDateTime updateTime;
}// Result.java - 统一响应格式
@Data
@NoArgsConstructor
@AllArgsConstructor
public class Result<T> {private Integer code;  // 0-成功 1-失败private String message;private T data;public static <E> Result<E> success(E data) {return new Result<>(0, "操作成功", data);}public static Result success() {return new Result(0, "操作成功", null);}public static Result error(String message) {return new Result(1, message, null);}
}

2. 数据访问层 (mapper)

@Mapper
public interface UserMapper {@Select("SELECT * FROM user WHERE username = #{username}")User findByUserName(String username);@Insert("INSERT INTO user(username,password,create_time,update_time) " +"VALUES (#{username},#{password},now(),now())")void add(String username, String password);
}

3. 服务层 (service)

// 接口
public interface UserService {User findByUserName(String username);void register(String username, String password);
}// 实现类
@Service
public class UserServiceImpl implements UserService {@Autowiredprivate UserMapper userMapper;@Overridepublic User findByUserName(String username) {return userMapper.findByUserName(username);}@Overridepublic void register(String username, String password) {// MD5加密密码String encryptedPwd = Md5Util.getMD5String(password);userMapper.add(username, encryptedPwd);}
}

4. 控制器层 (controller)

@RestController
@RequestMapping("/user")
@Validated
public class UserController {@Autowiredprivate UserService userService;// 用户注册@PostMapping("/register")public Result register(@Pattern(regexp = "^\\S{5,16}$") String username,@Pattern(regexp = "^\\S{5,16}$") String password) {if (userService.findByUserName(username) != null) {return Result.error("用户名已存在");}userService.register(username, password);return Result.success();}// 用户登录@PostMapping("/login")public Result<String> login(@Pattern(regexp = "^\\S{5,16}$") String username,@Pattern(regexp = "^\\S{5,16}$") String password) {User user = userService.findByUserName(username);if (user == null) return Result.error("用户名错误");if (!Md5Util.getMD5String(password).equals(user.getPassword())) {return Result.error("密码错误");}// 生成JWT TokenMap<String, Object> claims = new HashMap<>();claims.put("id", user.getId());claims.put("username", user.getUsername());String token = JwtUtil.genToken(claims);return Result.success(token);}// 获取用户信息@GetMapping("/userInfo")public Result<User> userInfo(@RequestHeader("Authorization") String token) {Map<String, Object> claims = JwtUtil.parseToken(token);String username = (String) claims.get("username");return Result.success(userService.findByUserName(username));}
}

5. 工具类 (utils)

// JWT工具类
public class JwtUtil {private static final String KEY = "your-secret-key";private static final long EXPIRATION = 1000 * 60 * 60 * 12; // 12小时public static String genToken(Map<String, Object> claims) {return JWT.create().withClaim("claims", claims).withExpiresAt(new Date(System.currentTimeMillis() + EXPIRATION)).sign(Algorithm.HMAC256(KEY));}public static Map<String, Object> parseToken(String token) {return JWT.require(Algorithm.HMAC256(KEY)).build().verify(token).getClaim("claims").asMap();}
}// MD5工具类
public class Md5Util {public static String getMD5String(String str) {try {MessageDigest md5 = MessageDigest.getInstance("MD5");byte[] digest = md5.digest(str.getBytes(StandardCharsets.UTF_8));return new BigInteger(1, digest).toString(16);} catch (NoSuchAlgorithmException e) {throw new RuntimeException("MD5加密失败", e);}}
}

数据库表设计

CREATE TABLE `user` (`id` int NOT NULL AUTO_INCREMENT,`username` varchar(16) NOT NULL COMMENT '用户名',`password` varchar(32) NOT NULL COMMENT '密码(MD5加密)',`nickname` varchar(16) DEFAULT NULL COMMENT '昵称',`email` varchar(32) DEFAULT NULL COMMENT '邮箱',`user_pic` varchar(128) DEFAULT NULL COMMENT '头像URL',`create_time` datetime NOT NULL COMMENT '创建时间',`update_time` datetime NOT NULL COMMENT '更新时间',PRIMARY KEY (`id`),UNIQUE KEY `username` (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

接口文档

1. 用户注册

• URL: /user/register
• Method: POST
• Request Params:
  • username: 5-16位非空字符
  • password: 5-16位非空字符
• Success Response:

  {"code": 0,"message": "操作成功","data": null
  }
  

2. 用户登录

• URL: /user/login
• Method: POST
• Request Params:
  • username: 5-16位非空字符
  • password: 5-16位非空字符
• Success Response:

  {"code": 0,"message": "操作成功","data": "JWT_TOKEN"
  }
  

3. 获取用户信息

• URL: /user/userInfo
• Method: GET
• Headers:
  • Authorization: JWT_TOKEN
• Success Response:

  {"code": 0,"message": "操作成功","data": {"id": 1,"username": "testuser","nickname": null,"email": null,"userPic": null,"createTime": "2023-01-01T00:00:00","updateTime": "2023-01-01T00:00:00"}
  }
  

安全注意事项

1. 密码加密：使用MD5对密码进行加密存储
2. 敏感信息过滤：使用@JsonIgnore过滤密码字段
3. JWT安全：
   • 使用足够复杂的密钥
   • 设置合理的过期时间
   • 使用HTTPS传输
4. 参数校验：使用@Validated和正则表达式校验输入参数

这个实现提供了一个基础的认证系统，可以根据实际需求扩展更多功能，如密码重置、权限管理等。