feat: add create jwt logic

coderi421 · coderi421 · commit fc830fe21329 · 2023-06-12T15:29:06.000+08:00
diff --git a/gmicro/server/restserver/middlewares/jwt.go b/gmicro/server/restserver/middlewares/jwt.go
@@ -0,0 +1,128 @@
+package middlewares
+
+import (
+	"errors"
+	"net/http"
+	"time"
+
+	"github.com/dgrijalva/jwt-go"
+	"github.com/gin-gonic/gin"
+)
+
+type CustomClaims struct {
+	ID          uint `json:"userid"`
+	NickName    string
+	AuthorityId uint
+	jwt.StandardClaims
+}
+
+// TODO 弃用，使用了通用中间件，实现验证
+func JWTAuth(signKey string) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// 我们这里jwt鉴权取头部信息 x-token 登录时回返回token信息 这里前端需要把token存储到cookie或者本地localSstorage中 不过需要跟后端协商过期时间 可以约定刷新令牌或者重新登录
+		token := c.Request.Header.Get("Authorization")
+		if token == "" {
+			c.JSON(http.StatusUnauthorized, map[string]string{
+				"msg": "请登录",
+			})
+			c.Abort()
+			return
+		}
+		j := NewJWT(signKey)
+		// parseToken 解析token包含的信息
+		claims, err := j.ParseToken(token)
+		if err != nil {
+			if err == TokenExpired {
+				if err == TokenExpired {
+					c.JSON(http.StatusUnauthorized, map[string]string{
+						"msg": "授权已过期",
+					})
+					c.Abort()
+					return
+				}
+			}
+
+			c.JSON(http.StatusUnauthorized, "未登陆")
+			c.Abort()
+			return
+		}
+		c.Set("claims", claims)
+		c.Set("userId", claims.ID)
+		c.Next()
+	}
+}
+
+type JWT struct {
+	SigningKey []byte
+}
+
+var (
+	TokenExpired     = errors.New("token is expired")
+	TokenNotValidYet = errors.New("token not active yet")
+	TokenMalformed   = errors.New("that's not even a token")
+	TokenInvalid     = errors.New("couldn't handle this token")
+)
+
+func NewJWT(sign string) *JWT {
+	//zap.S().Info(global.ServerConfig.JWTInfo.SigningKey)
+	return &JWT{
+		[]byte(sign), //可以设置过期时间
+	}
+}
+
+// 创建一个token
+func (j *JWT) CreateToken(claims CustomClaims) (string, error) {
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	return token.SignedString(j.SigningKey)
+}
+
+// 解析 token
+func (j *JWT) ParseToken(tokenString string) (*CustomClaims, error) {
+	token, err := jwt.ParseWithClaims(tokenString, &CustomClaims{}, func(token *jwt.Token) (i interface{}, e error) {
+		return j.SigningKey, nil
+	})
+	if err != nil {
+		if ve, ok := err.(*jwt.ValidationError); ok {
+			if ve.Errors&jwt.ValidationErrorMalformed != 0 {
+				return nil, TokenMalformed
+			} else if ve.Errors&jwt.ValidationErrorExpired != 0 {
+				// Token is expired
+				return nil, TokenExpired
+			} else if ve.Errors&jwt.ValidationErrorNotValidYet != 0 {
+				return nil, TokenNotValidYet
+			} else {
+				return nil, TokenInvalid
+			}
+		}
+	}
+	if token != nil {
+		if claims, ok := token.Claims.(*CustomClaims); ok && token.Valid {
+			return claims, nil
+		}
+		return nil, TokenInvalid
+
+	} else {
+		return nil, TokenInvalid
+
+	}
+
+}
+
+// 更新token
+func (j *JWT) RefreshToken(tokenString string) (string, error) {
+	jwt.TimeFunc = func() time.Time {
+		return time.Unix(0, 0)
+	}
+	token, err := jwt.ParseWithClaims(tokenString, &CustomClaims{}, func(token *jwt.Token) (interface{}, error) {
+		return j.SigningKey, nil
+	})
+	if err != nil {
+		return "", err
+	}
+	if claims, ok := token.Claims.(*CustomClaims); ok && token.Valid {
+		jwt.TimeFunc = time.Now
+		claims.StandardClaims.ExpiresAt = time.Now().Add(1 * time.Hour).Unix()
+		return j.CreateToken(*claims)
+	}
+	return "", TokenInvalid
+}
