精华内容
下载资源
问答
  • 为您提供1Token日内交易专用版客户端下载,1Token日内交易专用版客户端是款为专业投资私募操盘手打造的日内交易终端,不仅有丰富全面的快捷键操作及设置功能,还拥有多窗口布局,多图看行情、多标的交易功能,支持...
  • Token

    千次阅读 2011-01-05 22:22:00
    <br />A token is an object which contains one or multiple fields and values. In Java the org.jWebSocket.token.Token class embeds a HashMap class, which holds multiple fields with their according...

    A token is an object which contains one or multiple fields and values. In Java the org.jWebSocket.token.Token class embeds a HashMap class, which holds multiple fields with their according values. Fieldnames, the keys within the Hashmap, are stored as Strings, the values can be arbitrary objects. Unlike JSON or XML tokens CSV tokens can only have simple fields i.e. they cannot contain complex object structures.

    Why use different Token formats?

    Each of the JSON, CSV and XML formats have their benefits for a particular purpose as described below.

    JSON

    JSON can be interpreted very easily by JavaScript clients, but not that easy by Java clients. JSON may hold security risks because it may execute malicous code on the client. So here you need to take care on the server side that potential executable codes are stripped out of a token. JSON is the best choice if you mostly interact with Browser clients and run a reliable script tag filter on the server. Unlike JSON CSV is not risky because it's data is not interpreted with eval but with as simple string tokenizer.

    Example: {field1:value1;field2:"value2";field3:[arrayitem1,arrayitem2];field4:{objfield1:value1;objfield2:value2}}

    CSV

    CSV is the most compact format, however, one drawback is that it does not support complex object structure but only plain rows, i.e. objects that contain simple data types only. CSV is the best choice if you have to exchange a high amount of data with flat structures.

    Example: field1=value1,field2="value2",field3=value3

    XML

    XML is the most flexible format but also the format with the highest overhead. XML can contain arbitrary object structures. Hence XML is the best choice if you do not have to exchange a high amount of data but keep to most flexible in terms of the token content.

    Example: Targeted for jWebSocket Release 1.1

    Token-Types

    Every token has a certain type stored in its type field. The type specifies which further fields within its namespace (see below) .

    Namespaces

    In jWebSockets the communication capabilities are implemented in various plug-ins, on the client-side as well as on the server-side. You can extend the existing functionality by creating your own plug-ins. To avoid naming conflicts with token fields jWebSocket provides namespaces for tokens. So before a plug-in starts to evaluate the content of a token it first checks for its name space which should match the name space of the plug-in.

    Token-IDs

    Every Token has a session unique token id which is exchanged between sender and receiver. Due to the multithreaded structure of the jWebSocket server it cannot be guaranteed that the results of a client request are returned to the client in the same order as they were requested. Thus if request is send to the server the jWebSocket client assigns a new session unique token id to each new token. The response from the server takes over this token-id into the response so that the client is able to assign the response correctly to the previous request.

    However, you do not need to consider the token ids in your applications. All incoming responses can also be captured in the OnMessage callback handler of the jWebSocket client. Also for RPC calls the jWebSocket.js library processes the token-ids internally to assign the result of a call to a server method internally, so that you usually do not need to take care of them.

    Token-Reference

    Below you find the list of supported tokens in the SystemPlugIn of the jWebSocket package. First the Server-to-Client (S2C) tokens are listed followed by the Client-To-Server (C2S)tokens.

    Server-To-Client Tokens

    welcome

    The welcome token is send from the server to a client, when the connection has successfully been established. The welcome token is the only token that contains the session-id for the client. It will neither be sent again by the server nor can it be requested by the client during the session. In all cases the processOpened method of the client is executed as soon as the connection was established.

    TokenDatatypeDescription
    typeStringAlways "welcome"
    vendorStringName of the vendor who provides the jWebSocket services. Can be configured in Config.java.
    versionStringVersion string of the jWebSocket server.
    usidStringUnique session id the jWebSocket assigns to that client.
    sourceIdIntegerUnique id for this client. This allows to address a certain a client in the network irrespective of their user id.
    timeoutIntegerSession timeout in milliseconds. After this time of client inactivity the server will automatically close the connection.

    goodBye

    The goodbye token is send from the server to a client after as response to a close request. The close method of the JavaScript client supports an timeout option. If timeout is <= 0  the client disconnects immediately. If the timeout is > 0 the client sends a close token to ther server and waits timeout milliseconds for the goodBye response. In this case the server disconnects after responding with goodBye. If the client does not receive the goodBye within the given timeout is disconnects as well. In all cases the processClosed method of the client is executed as soon as the connection was terminated.

    TokenDatatypeDescription
    typeStringAlways "goodBye"
    vendorStringName of the vendor who provides the jWebSocket services. Can be configured in Config.java.
    versionStringVersion string of the jWebSocket server.
    usidStringUnique session id the jWebSocket assigns to that client.
    portIntegerServer side outgoing TCP port number the client is connected with.

    response

    The response token is send as a response from a target to a previous request from a client. A response can either be send from the server e.g when running remote procedure calls (RPC) or from another client e.g. when running identify requests.

    TokenDatatypeDescription
    typeStringAlways "response"
    utidIntegerUnique token id to assign the response to the previous request on the client side.
    reqTypeStringType of the token which was sent for the previous request, original request type.
    codeIntegerShould be zero, if the result in Ok or any other code if an error occured (also see msg field).
    resultVariantResult of the request, can be of arbitrary type depending on the request and the method on the target.
    msgStringAn optional error message in case of errors or exceptions.

    event

    The event token is send as a message from the server or another client without a previous request. Events are fired when another client connects or disconnects or when the server side session timeout is exceed and the connection is about to be closed.

    TokenDatatypeDescription
    typeStringAllways "event".
    nameStringName of the event, further fields of this token depend on the event. Name can be associated with event type.
    ::Further fields depending on name / event type (see below).

    connect event

    A new client has connected to the jWebSocket network. This event is optional and can be configured to not being sent automatically by the server. Please refer to the identify request to learn how to obtain connected users by following individual privacy policies.

    TokenDatatypeDescription
    typeStringAlways "event"
    nameStringAlways "connect"
    sourceIdStringUnique id of the client that just connected (optional, whether or not broadcasting this field can be configured on the server).
    clientCountIntegerNumber of client currently connected the server (optional, whether or not broadcasting this field can be configured on the server).

    disconnect event

    A client has disconnected from the jWebSocket network. This event is optional and can be configured to not being sent automatically by the server. If the disconnect event is not sent by the server the client cannot update potential local client lists in real-time. To obtain the connected clients asynchronously please refer to the getClients token.

    TokenDatatypeDescription
    typeStringAlways "event"
    nameStringAlways "disconnect"
    sourceIdStringUnique id of the client that just connected (optional, whether or not broadcasting this field can be configured on the server).
    clientCountIntegerNumber of client currently connected the server including the one who is about to disconnect (optional, whether or not broadcasting this field can be configured on the server).

    login event

    A new client has successfully logged in. This event can be used e.g. to update user lists on the client in real-time. This event is optional and can be configured to not being sent automatically by the server. Please refer to the identify request to learn how to obtain connected users by following individual privacy policies.

    TokenDatatypeDescription
    typeStringAlways "event"
    nameStringAlways "login"
    sourceIdStringUnique id of the client that just connected (optional, whether or not broadcasting this field can be configured on the server).
    clientCountIntegerNumber of client currently connected the server including the one who is about to disconnect (optional, whether or not broadcasting this field can be configured on the server).
    usernameStringName of user who has logged in.

    logout event

    A client which previously was logged in has logged out. This event can be used e.g. to update user lists. This event is optional and can be configured to not being sent automatically by the server. If the logout event is not sent by the server the client cannot update potential local user lists in real-time. To obtain the connected users asynchronously please refer to the getClients token.

    TokenDatatypeDescription
    typeStringAlways "event"
    nameStringAlways "logout"
    sourceIdStringUnique id of the client that just connected (optional, whether or not broadcasting this field can be configured on the server).
    clientCountIntegerNumber of client currently connected the server including the one who is about to logout (optional, whether or not broadcasting this field can be configured on the server).
    usernameStringName of user who has logged out.

    Client-To-Server Tokens

    The following section describes the tokens which are send from the client to the server. These tokens can be associated with "commands" from the client to the server which usually are answered with a response token (see above) if not explicitely suppressed for certain reasons. Results are sent back from the server to the client in a response token as described above. Usually the fields result, code and msg are filled in the answer. Because JavaScript does not support synchronous calls each command provides an optional OnResponse listener which is fired when the response token arrives.

    login

    Authenticates a client after the connection has been established. The client should wait until the response is received from the server before notifying the user about the login state or a potential error. If a login token is sent while another user already is authenticated, the previous user automatically gets logged out.

    TokenDatatypeDescription
    typeStringAlways "login".
    nsStringNamespace "org.jWebSocket.plugins.system".
    usernameStringName of user who has logged out.
    passwordStringPlease refer to section security.

    logout

    Logs the current user out but does keeps the connection. Optionally another user can authenticate afterwards based upon the same underlying connection.

    TokenDatatypeDescription
    typeStringAlways "logout".
    nsStringNamespace "org.jWebSocket.plugins.system".

    close

    The close method of the JavaScript client supports an timeout option. If timeout is <= 0  the client disconnects immediately. If the timeout is > 0 the client sends a close token to ther server and waits timeout milliseconds for the goodBye response. In this case the server disconnects after responding with goodBye. If the client does not receive the goodBye within the given timeout it disconnects as well.

    TokenDatatypeDescription
    typeStringAlways "close".
    nsStringNamespace "org.jWebSocket.plugins.system".
    timeoutIntegerClose timeout in milliseconds.

    send

    The send token is forwarded by the server to the client addressed by the given targetId. In the responseRequested field the sender can specify whether or not to get a response (acknowlegge that the token has been forwarded) or not. I case of errors, e.g. when no client with the given targetId could be found, always a response with an error is returned.

    Please consider that a certain client cannot be addressed by it's username but by its client id only, because basically a user can login on multiple stations or browser instances/tabs, of course, only if the application allows that. Furthermore a client does not necessarily need to be authenticated to receive messages from the server.

    TokenDatatypeDescription
    typeStringAlways "send".
    nsStringNamespace "org.jWebSocket.plugins.system".
    dataStringThe message to be sent.
    sourceIdStringId of the source client who sent the message.
    targetIdStringId of the target client as receiver of the message.
    responseRequestedBooleanSpecifies whether the sender expects an answer or if it is a one-way token (targetted for v0.8)
    senderStringUsername of client who sent the message.

    broadcast

    The broadcast token is broadcasted by the server to all currently connected clients, optionally including the sender for special purposes. The server optionally sends a response (see field responseRequested). It's up to the other clients (targets) to send a response to the sender (source). Among others the broadcast can be used to e.g. for chat systems or to distribute player updates in gaming applications as well as to broadcast identify requests for the case that the server is configured to not automatically send connect, disconnect, login and logout events.

    TokenDatatypeDescription
    typeStringAlways "broadcast".
    nsStringNamespace "org.jWebSocket.plugins.system".
    dataStringThe message to be sent.
    sourceIdStringId of the source client who sent the message.
    senderIncludedBooleanSpecifies whether the message is also send to sender (default false).
    responseRequestedBooleanSpecifies whether the sender expects an answer or if it is a one-way token.
    senderStringUsername of the client who sent the message.

    echo

    The echo token sends a message to the server. The client expects a result with the same data. Usually applications will not use ths token, except for connection and performance tests. For keep-alive purposes please refer to the ping token.

    TokenDatatypeDescription
    typeStringAlways "echo"
    nsStringNamespace "org.jWebSocket.plugins.system".
    dataStringData to be sent to the server and echoed back.

    ping

    The ping token is a simple and short message from a client to the server to indicate that the client is still alive. If the server does not receive data within its session timeout he automatically closes the connection after the timeout is exceeded.

    TokenDatatypeDescription
    typeStringAlways "ping"
    nsStringNamespace "org.jWebSocket.plugins.system".
    echoBooleanSpecifies whether the ping expects a result or not (default false). echo should be set to true only when the client wants to check if the server is still alive.

    getClients

    The getClients token requests the list of clients from the server. With the mode option (default = 0) the client can specify whether to return all, authenticated client only or non-authenticated clients only. The result field of the response contains an array with the requested clients in the format [username|dash if not logged in]@[clientId].

    TokenDatatypeDescription
    typeStringAlways "getClients".
    nsStringNamespace "org.jWebSocket.plugins.system".
    modeIntegerALL_CLIENTS=0, AUTHENTICATED=1, NON_AUTHENTICATED=2.

    展开全文
  • Token2Shell v6.1.0.zip

    2019-07-17 15:26:51
    Token2Shell是款多功能Shell远程管理工具。目前支持多种模式,支持SSH连接广泛的运算法则和连接方式。Token2Shell支持的协议有ab://、ssh://、tel/net://、tcp://、com://、phone://等等等,是款不可多的的软件...
  • V-token实现数字货币与实体经济整合

    千次阅读 2019-03-16 06:16:59
    每个新的产业都是一张充满曲折故事的实验清单,在当前中国社会利益多元化的大背景下,如何“不为任何风险所惧,不被任何干扰所惑”,在重要领域和关键环节改革上取得突破,无疑是新轮改革与发展的关键。...
    每个新的产业都是一张充满曲折故事的实验清单,在当前中国社会利益多元化的大背景下,如何“不为任何风险所惧,不被任何干扰所惑”,在重要领域和关键环节改革上取得突破,无疑是新一轮改革与发展的关键。在新的形势下,区域块领域需要不断拓宽,需要整合资源,需要结合发展需求和任务,设计新的活动载体,寻找新的抓手,为区块链技术注入新的活力。
    复制代码

    数字货币安全化 在古代,人们为了保障自己的资产安全,如果手上有大量的金银铜币时总喜欢挖个地方埋起来,以保不被窃贼盗取;而在我们小的时候,相信有很多人也偷偷看到自己的父母把现金纸币偷偷锁在抽屉,或是放在保险柜里面以防被盗;到移动互联网高速发展的今天,货币流通逐步数字化,只要通过手机网络,就可以随时查询自己的资产信息。但三方支付真的是安全吗?在网上我们可以看到屡见不鲜相关被盗刷事件,手机病毒、手机丢失、密码泄露、熟人作案都有可能导致账户信息被盗刷。

    如何保护账户安全,其实最简单的方法之一就是将其私钥信息保存在离线状态。V-token超级区块链网络可通过开发的SDK在脱机计算机上创建和签名交易,然后将签名后的交易信息保存在USB设备(或其他存储设备)上,并通过传输到具有互联网访问权的计算机上,将该签名事务提交到超级区块链网络中。由于离线计算机没有连接,所以对于没有物理访问权限的人来说, 访问账户的私钥是非常困难的。然而,这也使得每个交易都是非常手工的过程。通常的做法是维护两个账户:一个安全的保存大部分资金的离线账户和另一个拥有少量资产的在线账户。大多数交易可通过在线账户执行,而当其资金不足时,再从离线账户手工补充,这样就避免了一些列安全 数字货币流通化 货币本质上是一种所有者与市场关于交换权的契约,根本上是所有者相互之间的约定。“吾以吾之所有予市场,换吾之所需”,货币就是这一过程的约定,它反映的是个体与社会的经济协作关系。一定时期内商品流通中所需货币量与商品价格总额成正比,与同一单位货币的流通速度成反比,纸币的发行量以流通中所需要的金属货币量为限。当纸币的发行量超过商品流通中所需要的金属货币量,引起纸币贬值、物价普遍上涨,就出现通货膨胀;相反,当纸币的发行量不能满足流通中所需要的金属货币量,则会导致纸币升值、物价普遍下跌,从而出现通货紧缩。 Paydex(v支付)正是vtoken创始团队原班人马倾力打造的核心数字货币支付渠道,基于公链的核心技术,为全世界用户及vtoken家人们提供|BTC|ETH|VTOKEN|VPC|USDT|VRT|YEC|EOS|LTC|VUST|为主的所有数字货币的支付,将支持所有VTOKEN中的数字货币资产的流通及支付,以及基于数字货币的全球各国法币结算,让每个用户都是清算网关,可实现跨境全币种全球分布式清算,每个清算网关都是承兑商,都可以通过流通置换来获利。 数据货币应用化 新一代信息技术企业与传统制造企业的认识不同,大多数制造企业已经实现了从单一产品竞争向供应链竞争的转变,但电子战企业能够实现制造全过程中产生的大量数据资源的战略价值,虽然大多数新一代信息技术企业都认识到数据挖掘的重要性,但是缺乏对制造企业主要业务流程和流程的掌握,难以准确有效地满足实际操作。区块链采用分布式数据库,使用密码学方法相关联产生的数据块,每个数据块都包含了一次网络交易信息,可以用于验证其信息的有效性和生成下一个区块,让每个环节串联起来,vtoken目前旗下涵盖商城,V资本,V理财,V公益,V游戏等多个板块及项目,并且可为商户提供支付SDK,商户上网上可实现二维码收款并返回收款结果和自动发货,可链接全球商城所有应用场景支付落地,并且,V-Token推出移动端钱包APP可实现扫码支付和NFC支付功能,拥有支付宝和微信支付的收付款体验度,全球范围内支付结果实时确认,实现真正的全流通。

    相信数字经济与实体经济一体化,会给生活带来更多新的领域。

    展开全文
  • usbtoken1000驱动是款专用于进行USBTOKEN身份认证的电脑驱动程序,有了它USB设备才能通过主机的识别,与主机之间建立起条可用的USB传输信道,并在此基础上实现设备的功能,有需要的朋友欢迎下载使用!usbtoken...
  • rest token个实现

    千次阅读 2016-09-12 19:32:47
    最近工作需要开发基于无状态的api,平时使用的是spring mvc,感觉没有找到相关比较好的实现的开源项目,所以就自己实现了个来管理token。 逻辑:大概是当通过用户验证后创建个用户tokenmodel并存入tokenmodel...

    最近工作需要开发基于无状态的api,平时使用的是spring mvc,感觉没有找到相关比较好的实现的开源项目,所以就自己实现了一个来管理token。
    逻辑:大概是当通过用户验证后创建一个用户tokenmodel并存入tokenmodel仓库。然后返回给用户有用户信息和当前时间轴生成的加密字符,当带有token的请求到来时,根据请求参数中的用户从仓库中拿出相关用户信息并根据之前生成token的算法生成字符串并与用户请求中的token对比。

    代码:

    /**
     * TokenHandler
     *
     * 生产token和校验token
     *
     * @author doob
     * @date 16/9/10
     */
    public interface TokenHandler {
    
        /**
         * 添加一个用户的tokenmodel,并返回给用户token
         * @param tokenModel
         * @return   登录后反馈给用户端的token
         */
        String addToken(TokenModel tokenModel);
    
        /**
         * 检查token是否有效
         * @param userId  用户唯一标示
         * @param token   请求上传token
         * @return
         */
        boolean checkToken(String userId , String token);
    
    }
    /**
     * TokenModelRepository
     *
     * 隐藏tokenmodel储存的具体实现
     *
     * @author doob
     * @date 16/9/9
     */
    public interface TokenModelRepository {
    
        /**
         * 根据用户名获取tokenmodel
         * @param userId
         * @return
         */
        TokenModel get(String userId);
    
        /**
         * 保存一个tokenmodel
         *
         * @param tokenModel
         * @return
         */
        boolean save(TokenModel tokenModel);
    
        /**
         * 删除一个用户tokenmodel
         *
         * @param userId
         * @return
         */
        TokenModel delete(String userId);
    
        /**
         * 设置token超时时间
         *
         * @param seconds   多少秒
         * @return
         */
        boolean setTokenTimeout(long seconds);
    
    }
    import com.mofang.common.Encryptor; //加密的具体算法类
    import com.mofang.common.api.signature.Timestamp; //获取当前时间轴的类
    /**
     * TokenModel
     *
     * token实体类,用于储存token相关信息
     *
     * @author doob
     * @date 16/9/9
     */
    public class TokenModel {
    
        private String userId;
    
        private long createTime;
    
        private long lastTime;
    
        public TokenModel(String userId) {
            this.userId = userId;
            this.createTime = Timestamp.nowSeconds();
            this.lastTime = this.createTime;
        }
    
        public String getToken(){
            String original = userId+TokenPrimer.getPrimer(createTime)+createTime;
            return Encryptor.input(original).md5().hex();
        }
    
        public TokenModel updateLastTime(){
            this.lastTime = Timestamp.nowSeconds();
            return this;
        }
    
        public long getLastTime() {
            return lastTime;
        }
    
        public long getCreateTime() {
    
            return createTime;
        }
    
        public void setCreateTime(long createTime) {
            this.createTime = createTime;
        }
    
        public String getUserId() {
    
            return userId;
        }
    
        public void setUserId(String userId) {
            this.userId = userId;
        }
    }
    /**
     * TokenPrimer
     *
     * 用户token密文时使用的引子字符串
     *
     * @author doob
     * @date 16/9/10
     */
    public class TokenPrimer{
    
        private static final String[] primers = new String[]{
                "test1","test2","test3"
        };
    
        /**
         * 根据用户tokenmodel创建时间决定使用那个引子
         * @param createTime
         * @return
         */
        public static String getPrimer(long createTime){
            int index = (int)createTime%primers.length;
            return primers[index];
        }
    
    }
    import com.mofang.common.api.signature.Timestamp;
    import org.slf4j.Logger;
    import org.slf4j.LoggerFactory;
    import java.util.Iterator;
    import java.util.Map;
    import java.util.concurrent.ConcurrentHashMap;
    import java.util.concurrent.Executors;
    import java.util.concurrent.TimeUnit;
    
    /**
     * MemoryTokenModelRepository
     *
     * tokenmodel储存在内存中的的具体实现
     *
     * @author doob
     * @date 16/9/9
     */
    public class MemoryTokenModelRepository implements TokenModelRepository {
    
        private static Logger logger = LoggerFactory.getLogger(TokenModelRepository.class);
    
        private static volatile long timeout = 10*60; //token有限期
        private static final long checkTime = 60;
    
        private transient static final ConcurrentHashMap<String,TokenModel> tokenRepository = new ConcurrentHashMap<>();
    
        static {
            /**
             * 定期检查token,实现token过期时间
             */
            Executors.newSingleThreadScheduledExecutor().scheduleAtFixedRate( () -> { //lambda
                logger.debug("start scan user token , token repository length is {}",tokenRepository.size());
                Iterator<Map.Entry<String,TokenModel>> iterator = tokenRepository.entrySet().iterator();
                while (iterator.hasNext()){
                    long now = Timestamp.nowSeconds();
                    Map.Entry<String,TokenModel> token = iterator.next();
                    long tokenLastTime = token.getValue().getLastTime();
                    if (now - tokenLastTime > timeout){
                        String k = token.getKey();
                        TokenModel v = token.getValue();
                        tokenRepository.remove(k);
                        logger.debug("user[{}] token is timeout , user token lasttime is {}s , total user {}s",
                                k, v.getLastTime(), v.getLastTime() - v.getCreateTime());
                    }
                }
            }, checkTime, checkTime, TimeUnit.SECONDS);
        }
    
        /**
         * 单列模式
         */
        private MemoryTokenModelRepository() {
        }
        private static volatile MemoryTokenModelRepository memoryTokenModelRepository;
        public static MemoryTokenModelRepository getMemoryTokenModelRepository(){
            if (memoryTokenModelRepository == null) {
                synchronized (MemoryTokenModelRepository.class) {
                    if (memoryTokenModelRepository == null) {
                        memoryTokenModelRepository = new MemoryTokenModelRepository();
                    }
                }
            }
            return memoryTokenModelRepository;
        }
    
    
    
        @Override
        public TokenModel get(String userId) {
            return tokenRepository.get(userId);
        }
    
        @Override
        public boolean save(TokenModel tokenModel) {
            tokenRepository.put(tokenModel.getUserId(),tokenModel);
            return true;
        }
    
        @Override
        public TokenModel delete(String userId) {
            return this.tokenRepository.remove(userId);
        }
    
        @Override
        public boolean setTokenTimeout(long seconds) {
            this.timeout = seconds;
            return false;
        }
    }
    
    
    /**
     * DefaultTokenHandlerImpl
     *
     * @author doob
     * @date 16/9/10
     */
    public class DefaultTokenHandlerImpl implements TokenHandler {
    
        static TokenModelRepository tokenModelRepository = MemoryTokenModelRepository.getMemoryTokenModelRepository();
    
        public DefaultTokenHandlerImpl(){}
    
        public DefaultTokenHandlerImpl(TokenModelRepository tmr){
            this.tokenModelRepository = tmr;
        }
    
        @Override
        public String addToken(TokenModel tokenModel) {
            if (tokenModelRepository.get(tokenModel.getUserId()) == null){
                tokenModelRepository.save(tokenModel);
            }
            return createTokenString(tokenModel);
        }
    
        @Override
        public boolean checkToken(String userId, String token) {
            if (userId == null ) return false;
            TokenModel tokenModel = tokenModelRepository.get(userId);
            boolean result = tokenModel == null ? false : createTokenString(tokenModel).equals(token);
            if (result == true){
                tokenModel.updateLastTime();
            }
            return result;
        }
    
        /**
         * 生成密文token的逻辑
         * @param tokenModel
         * @return
         */
        private String createTokenString(TokenModel tokenModel){
            return tokenModel == null ? null : Encryptor.input(tokenModel.getUserId()
                    + TokenPrimer.getPrimer(tokenModel.getCreateTime())
                    + tokenModel.getCreateTime()).sha256().hex();
        }
    
    
    }
    //spring 的 Interceptor
    
    
    /**
     * CheckApiTokenInterceptor
     *
     * 检查url以api开头的所有访问(除login)的token是否合法
     *
     * @author doob
     * @date 16/9/10
     */
    public class CheckApiTokenInterceptor implements HandlerInterceptor {
    
        private Logger logger = LoggerFactory.getLogger(this.getClass());
        public static final String API_TOKEN_KEY = "api_token_key";
        public static final String API_TOKEN_USER = "api_token_user";
    
        @Autowired
        TokenHandler th;
    
    
    
        @Override
        public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
            if (request.getServletPath().contains("api/login")){
                return true;
            }
            String agent = request.getHeader("User-Agent");
            logger.debug(agent);
            String token = request.getHeader(API_TOKEN_KEY);
            String username = request.getHeader(API_TOKEN_USER);
            if (token != null && th.checkToken(username,token)){
                return true;
            }else {
                response.setHeader(HttpHeaders.CONTENT_TYPE,"application/json;charset=UTF-8");
                response.getOutputStream().write(JSON.toJSONBytes(JSONResult.error("auth error")));
                return false;
            }
        }
    
        @Override
        public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
    
        }
    
        @Override
        public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
    
        }
    
    }
    
    /**
     * DefaultTokenHandlerBeans
     * 把默认的实现注入spring,若有自己实现注入自己实现的bean
     * @author doob
     * @date 16/9/11
     */
    @Component
    public class DefaultTokenHandlerBeans {
    
        @Bean
        public TokenHandler getTokenHandler(){
            return new DefaultTokenHandlerImpl();
        }
    
        @Bean
        public TokenModelRepository getTokenModelRepository(){
            return MemoryTokenModelRepository.getMemoryTokenModelRepository();
        }
    }

    不知道这样子写token验证合不合适,希望高手指教^_^

    展开全文
  • 中国银联银联卡联网联合技术规范V2.1-Token支付方案.pdf
  • openstack curl get token in v3.0

    千次阅读 2017-02-09 14:04:59
    1.首先通过编辑器将如下内容写入token-requset.json { "auth": { "identity": { "methods": [ "password" ], "password": { "user": {

    1.首先通过编辑器将如下内容写入token-requset.json

    {
        "auth": {
            "identity": {
                "methods": [
                    "password"
                ],
                "password": {
                    "user": {
                        "domain": {
                            "name": "Default"
                        },
                        "name": "admin",
                        "password": "$PASSWORD"
                    }
                }
            },
            "scope": {
                "project": {
                    "domain": {
                        "name": "Default"
                    },
                    "name": "admin"
                }
            }
        }
    }




    2.为了方便将token设为变量TOKEN

    TOKEN=`curl -si -d @token-request.json -H "Content-type: application/json" http://localhost:35357/v3/auth/tokens | awk '/X-Subject-Token/ {print $2}'`




    3.举例

    #列出domain

    curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://localhost:35357/v3/domains

    结果:

    HTTP/1.1 200 OK
    Date: Thu, 09 Feb 2017 06:03:15 GMT
    Server: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
    Vary: X-Auth-Token
    x-openstack-request-id: req-666baa76-025f-406a-a4c9-3433d209b3b3
    Content-Length: 303
    Content-Type: application/json
    
    {"domains": [{"links": {"self": "http://localhost:35357/v3/domains/28b49b2aab5745e3b70bcaae31d6c7ca"}, "description": "Default Domain", "name": "default", "enabled": true, "id": "28b49b2aab5745e3b70bcaae31d6c7ca"}], "links": {"self": "http://localhost:35357/v3/domains", "previous": null, "next": null}}


    #列出user

    curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://localhost:35357/v3/users

    结果:

    HTTP/1.1 200 OK
    Date: Thu, 09 Feb 2017 06:04:28 GMT
    Server: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
    Vary: X-Auth-Token
    x-openstack-request-id: req-e164b49e-1ba3-4ddd-9962-6fae3ae86936
    Content-Length: 1129
    Content-Type: application/json
    
    {"users": [{"name": "glance", "links": {"self": "http://localhost:35357/v3/users/6c347306068b45078e888071062d967b"}, "domain_id": "28b49b2aab5745e3b70bcaae31d6c7ca", "enabled": true, "id": "6c347306068b45078e888071062d967b", "default_project_id": "b5f70a0341ea4e20a454b4d0b72aebb5"}, {"name": "nova", "links": {"self": "http://localhost:35357/v3/users/6d6471538d824a6685f8ce970ae49f6b"}, "domain_id": "28b49b2aab5745e3b70bcaae31d6c7ca", "enabled": true, "id": "6d6471538d824a6685f8ce970ae49f6b", "default_project_id": "b5f70a0341ea4e20a454b4d0b72aebb5"}, {"name": "neutron", "links": {"self": "http://localhost:35357/v3/users/723241a45b9748be9136c1df15da47b6"}, "domain_id": "28b49b2aab5745e3b70bcaae31d6c7ca", "enabled": true, "id": "723241a45b9748be9136c1df15da47b6", "default_project_id": "b5f70a0341ea4e20a454b4d0b72aebb5"}, {"name": "admin", "links": {"self": "http://localhost:35357/v3/users/df9e6dce8f0a479c874a324a8c0a3ce5"}, "enabled": true, "id": "df9e6dce8f0a479c874a324a8c0a3ce5", "domain_id": "28b49b2aab5745e3b70bcaae31d6c7ca"}], "links": {"self": "http://localhost:35357/v3/users", "previous": null, "next": null}}


    展开全文
  • TokenToken验证流程

    千次阅读 2019-03-05 22:01:55
    什么是Token?为什么要使用它? Token实际就是在计算机身份验证中的令牌(临时)的意思。 当前端向后端发起数据请求的时候,后端需要对前端进行身份验证,但是我们又不想...验证成功后,服务端会返回Token给客户...
  • JWT〖token单点登录认证逻辑实现

    千次阅读 2020-12-01 20:21:20
    JWT〖token单点登录认证逻辑实现. 什么是JWT1.1 什么时候你应该用JSON Web Token1.2 认证流程1.3 JWT优势在哪?1.4 JWT具体包含信息二. 实战演示2.1 整合pom2.2 测试JWT加密过程三. 封装工具类四. JWT 整合...
  • 1.在使用github获取数据的时候,需要注册个github账户 在账户 Account -->Setting 点击后页面刷新后, 点击 Personal ...2.在安装composer的路径下: 执行:php composer.phar create-project yiisoft/yii2-a
  • 但按照官网建议的方式安装完成后,输入token登录时会没有反应。 这个问题困扰了我整天,最终在这里找到了答案。 原因如下: 按官方文档建议的方式安装完dashboard后,使用kubectl proxy代理的方式来访问webUI。...
  • 个的JavaWeb权限认证框架,强大、简单、好用 与其它权限认证框架相比,sa-token尽力保证两点: 上手简单:能自动化的配置全部自动化,不让你费脑子 功能强大:能涵盖的功能全部涵盖,不让你用个框架还要自己给...
  • laravel使用jwt-token安装 首先是查看我们自己使用的laravel框架版本 这个还是最简单的,我们进入到laravel框架里,就是和app | public 目录的同级目录,使用artisan命令 php artisan -V 就可以看到我们的...
  • trustnote-token-源码

    2021-05-13 07:57:00
    OSX 可以到 直接下载pkg文件进行安装 查看Node.js 版本号 node -v 如果可以看到版本号,则代表Node.js已经安装成功。 下载示例代码 git clone https://github.com/trustnote/trustnote-token.git 安装 node 依赖包 ...
  • Django使用Token

    千次阅读 2018-01-28 20:34:31
    基于Token的身份验证 在实现登录功能的时候,正常的B/S应用都会使用cookie+session的方式来做身份验证,后台直接向cookie中写数据,但是由于移动端的存在,移动端是没有cookie机制的,所以使用token可以实现移动端和...
  • 什么是 token 以及 token 怎么用

    千次阅读 2019-06-24 15:11:24
    Token的引入: Token是在客户端频繁向服务端请求数据,服务端频繁的去数据库查询用户名和密码并进行对比,判断用户名和密码正确与否,并作出相应提示,在这样的背景下,Token便应运而生。 token 的作用: 在进行...
  • Coin和Token的区别

    千次阅读 2019-01-06 10:31:27
    所有的coin和token都被认为是密码货币,尽管事实上它们中有许多不是以货币形式流通,而且从来就不是那样的。根据定义,货币是交换媒介、记账单位或价值储存。比特币具有这些特性,因此在这种情况下,“加密货币”这...
  • token获取地址

    千次阅读 2019-10-17 05:12:24
    http://test.ghed.com.cn:9501/evcs/v20180413/ token 账号: MA0P44NRX token 密码: 9841EFSOTQT9XT8Q 数据密匙: 70C9AC3A1E9A7C8D 数据密匙IV: BCA6F70DB4A7AC3F hmac签名密匙: CCAC1E8E...
  • EOS合约token

    2018-10-17 11:13:57
    代码层面详解eosio.token合约,并对用到的multi-index数据库首先进行了解读。token合约的中用到的各种数据结构,以及create、issue、transfer、sub_balance、add_balance都有详细解读。
  • Vue 登陆 处理 token

    千次阅读 2019-03-22 17:21:36
    vue 处理 token 最开始后端来和我说 token 时候,之前假期学习的时候,没接触过toen, 当时我听的是脸懵逼,只能装着很懂的样子, 后来查了一些资料,终于明白了token 的原理,以及应用。 token 原理 token ...
  • Web基础:Token

    万次阅读 多人点赞 2019-03-08 19:11:21
    解决的方法就是,当用户请求登录的时候,如果没有问题,我们在服务端生成条记录,这个记录里可以说明一下登录的用户是谁,然后把这条记录的 ID 号发送给客户端,客户端收到以后把这个 ID 号存储在 C...
  • Token中的信息

    千次阅读 2016-08-11 08:40:00
    这我们可以从个api中得到, GetTokenInformation https://msdn.microsoft.com/en-us/library/windows/desktop/aa446671(v=vs.85).aspx 想要获取的信息类别 TOKEN_INFORMATION_CLASS t
  • Vue项目中实现用户登录及token验证

    万次阅读 多人点赞 2018-10-08 22:42:10
    在前后端完全分离的情况下,Vue项目中实现token验证大致思路如下: 1、第次登录的时候,前端调后端的登陆接口,发送用户名和密码 2、后端收到请求,验证用户名和密码,验证成功,就给前端返回token 3、前端...
  • 前后端Token验证

    千次阅读 2020-02-03 12:14:47
    文章目录实例环境概述前端后端Redis安装使用Token管理代码生成token检测Token移除Token拦截器配置 实例环境 IDE 框架/脚手架 IDEA v2019.1.2 Spring boot 2+ - Vue cli 3+ 概述 前端携带账户信息请求...
  • 1.kubeadm join个新的worker node的时候报错:Unauthorized 这是因为token已经失效了,默认情况下,kubeadm init产生的token的有效期是24个小时。 你可以使用下面的命令来重新产生token: kubeadm token create ...
  • 比如,我们需要先通过个接口A获取token,然后拿到这个token后作为第二个接口B的请求参数发送。 本文就来解决这个问题。 为了方便演示,我们先准备2个接口:A接口获取token,B接口使用token。 1、获取token的接口A ...

空空如也

空空如也

1 2 3 4 5 ... 20
收藏数 108,684
精华内容 43,473
关键字:

v一token下载安装