Implementing Token Storage and Validation in a Distributed Microservices Architecture with Spring Cloud

This article demonstrates how to design and implement token generation, multi‑endpoint storage in Redis, custom login annotations, AOP verification, and corresponding Vue.js client handling for secure authentication across PC and mobile platforms within a Spring Cloud micro‑service system.

Architect

The article introduces a token‑based authentication solution for a distributed micro‑service environment, explaining why a gateway‑centric approach is insufficient and how token handling must support both PC and mobile clients.

Token storage entity

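A LoginToken object is stored in Redis to keep separate tokens for each client type:

```java
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;

@Data
@AllArgsConstructor
@NoArgsConstructor
public class LoginToken {
    private String PcLoginToken;     // token issued to the PC client
    private String MobileLoginToken; // token issued to the mobile client
    private String LoginIP;          // client IP recorded at login
}
```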

Login service implementation

The Login method of loginServiceImpl creates a JWT, records the client IP, and saves the token under a Redis key that includes the user ID and client type:

```java
@Service
public class loginServiceImpl implements LoginService {
    @Autowired
    UserService userService;
    @Autowired
    RedisUtils redisUtils;
    ...
    public R Login(LoginEntity entity) {
        /* validate request frequency, retrieve user, generate JWT,
           store token in Redis with a 7‑day TTL, and return the token */
    }
}
```

Enum and exception definitions

The BizCodeEnum enum standardises response codes:

```java
public enum BizCodeEnum {
    UNKNOW_EXCEPTION(10000,"系统未知异常"),
    ...
    SUCCESSFUL(200,"successful");

    private int code;
    private String msg;
    ...
}
```

Custom exceptions represent specific authentication errors:

```java
public class BadLoginParamsException extends Exception {}
public class BadLoginTokenException extends Exception {}
public class NotLoginException extends Exception {}
```

Client‑side token handling

Vue.js components store the token with a custom setExpire method added to Storage.prototype and retrieve it with getExpire, ensuring automatic expiration after seven days:

```javascript
Storage.prototype.setExpire = (key, value, expire) => {
  let obj = { data: value, time: Date.now(), expire: expire };
  localStorage.setItem(key, JSON.stringify(obj));
}

Storage.prototype.getExpire = key => { ... }
```

Front‑end login form

The login page uses Element UI components to collect username, password, and a captcha, then posts to /user/user/login. Upon success, the returned token and user ID are saved via the extended localStorage methods and the user is redirected to the personal space page.

Custom annotation and AOP verification

The NeedLogin annotation marks methods that require authentication:

```java
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface NeedLogin {
    String value() default "";
}
```

The VerificationAspect class intercepts these methods, extracts headers (loginType, userid, loginToken), validates the token against Redis, and throws the appropriate custom exception if validation fails.
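The header checks described above, as an added stand-alone example that is not the article's VerificationAspect: a ConcurrentHashMap stands in for Redis and the tokens are constructed sample values. The key layout, the loginType values PC and Mobile, the numeric userid rule, and the mapping of each failure to one of the three exceptions are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

public class TokenCheckExample {
    // Exception names follow the article; nested here so the file compiles alone.
    static class NotLoginException extends Exception {}
    static class BadLoginParamsException extends Exception {}
    static class BadLoginTokenException extends Exception {}

    // Stand-in for Redis (assumption): key -> token, one entry per user and client type.
    static final Map<String, String> STORE = new ConcurrentHashMap<>();
    static final Set<String> LOGIN_TYPES = Set.of("PC", "Mobile"); // assumed header values

    static String key(String userId, String loginType) {
        return "login:token:" + userId + ":" + loginType; // assumed key layout
    }

    /** Checks the three headers the aspect reads; returns normally only on a match. */
    static void verify(String loginType, String userId, String loginToken)
            throws NotLoginException, BadLoginParamsException, BadLoginTokenException {
        if (loginType == null || userId == null || loginToken == null) {
            throw new NotLoginException();       // a header is missing
        }
        // Allow-list both values before they become part of a storage key.
        if (!LOGIN_TYPES.contains(loginType) || !userId.matches("\\d{1,19}")) {
            throw new BadLoginParamsException();
        }
        String stored = STORE.get(key(userId, loginType));
        if (stored == null) {
            throw new NotLoginException();       // no login for this client type, or TTL expired
        }
        // Constant-time comparison so response timing does not leak matching prefixes.
        if (!MessageDigest.isEqual(stored.getBytes(StandardCharsets.UTF_8),
                                   loginToken.getBytes(StandardCharsets.UTF_8))) {
            throw new BadLoginTokenException();
        }
    }

    public static void main(String[] args) throws Exception {
        STORE.put(key("42", "PC"), "constructed-token-abc"); // constructed sample data
        verify("PC", "42", "constructed-token-abc");
        System.out.println("PC token accepted");
        try { verify("Mobile", "42", "constructed-token-abc"); }
        catch (NotLoginException e) { System.out.println("PC token rejected for Mobile"); }
        try { verify("PC", "42", "constructed-token-xyz"); }
        catch (BadLoginTokenException e) { System.out.println("mismatched token rejected"); }
    }
}
```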

Usage in controllers

Controllers simply annotate protected endpoints with @NeedLogin; the aspect handles token verification before the method proceeds, returning an error response if the token is missing, expired, or mismatched.

Result

When a user accesses a protected page, the Vue hook calls the verification endpoint; the backend validates the token via the aspect, and the client proceeds only after successful authentication, demonstrating a complete end‑to‑end token validation flow.
