
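JWT (JSON Web Token) is an open standard and a solution for cross-domain authentication; it specifies one way of implementing tokens. This article shows how to use JWT for authentication in Go with Gin.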

Steps

1. Install the jwt-go package

$ go get -u github.com/dgrijalva/jwt-go

2. Issue a token

// ReleaseToken issues an HS256-signed token for the user that expires after 7 days.
func ReleaseToken(user *model.User) (tokenString string, err error) {
    expire := time.Now().Add(7 * 24 * time.Hour)
    claims := &Claims{
        UserId: user.ID,
        StandardClaims: jwt.StandardClaims{
            ExpiresAt: expire.Unix(),
            IssuedAt: time.Now().Unix(),
            Issuer: "oceanlearn.tech",
            Subject: "user token",
        },
    }
    token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
    tokenString, err = token.SignedString(jwtKey)
    if err != nil {
        return "", err
    }
    return
}

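3. Parse the token

// ParseToken verifies the signature and the standard claims (such as exp) and fills in Claims.
func ParseToken(tokenString string) (*jwt.Token, *Claims, error) {
    claims := &Claims{}
    token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) {
        // Accept only HMAC-signed tokens, matching the HS256 used in ReleaseToken (requires importing "fmt").
        if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
            return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
        }
        return jwtKey, nil
    })
    return token, claims, err
}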

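Appendix:

// Demo value only: an HS256 key should be long, random, and loaded from configuration or the environment rather than hard-coded.
var jwtKey = []byte("apple")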

type Claims struct {
    UserId int
    jwt.StandardClaims
}

============================== Manual divider ====================

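Flow walkthrough

1. The user sends an account name and password to the login endpoint; if they are correct, the server issues a token and returns it to the user.

2. On every subsequent request, for example to the profile endpoint, the user must add this token to the request headers.

3. When the endpoint receives the request, it checks whether the token is valid; if it is, it parses the token, finds the user ID, and uses it to load the user's information.

3.1. The user logs in successfully and a token is issued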

token, err := common.ReleaseToken(user)
// Check err here and return an error response before sending the token.
response.LoginSuccessfully(c, gin.H{"token": token})

3.2. The user sends the token in the request header

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJVc2VySWQiOjE2LCJleHAiOjE2MTEwNDEwNDIsImlhdCI6MTYxMDQzNjI0MiwiaXNzIjoib2NlYW5sZWFybi50ZWNoIiwic3ViIjoidXNlciB0b2tlbiJ9.DRdyspxB7iSUxrawN6QpMR_-SeW7U_FV4E0fMf7BjQI

3.3. The middleware checks whether the token is valid, loads the user's information, and injects it into gin.Context

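func CheckJWTLogin() gin.HandlerFunc {
    return func(c *gin.Context) {
        // Expect "Authorization: Bearer <token>".
        tokenString := c.GetHeader("Authorization")
        if tokenString == "" || !strings.HasPrefix(tokenString, "Bearer ") {
            c.JSON(419, gin.H{"code": 419, "msg": "unauthorized"})
            c.Abort()
            return
        }

        // Strip the "Bearer " prefix (7 bytes), then verify the signature and expiry.
        tokenString = tokenString[7:]
        _, claims, err := common.ParseToken(tokenString)
        if err != nil {
            c.JSON(419, gin.H{"code": 419, "msg": err.Error()})
            c.Abort()
            return
        }

        // Reject a valid token whose user no longer exists instead of injecting an empty user
        // (assumes dao.DB is a *gorm.DB, so First(...) exposes .Error).
        userId := claims.UserId
        var user model.User
        if err := dao.DB.First(&user, userId).Error; err != nil {
            c.JSON(419, gin.H{"code": 419, "msg": "unauthorized"})
            c.Abort()
            return
        }
        c.Set("user", user)
        c.Next()
    }
}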
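
What ReleaseToken, ParseToken and the middleware above rely on, shown as an added example that is not part of the original article or of the jwt-go library: a standard-library-only HS256 signer and verifier that pins the algorithm, compares the MAC in constant time, and rejects expired tokens. The names `signHS256`, `verifyHS256` and `mac`, the key, and the claim values are constructed for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding

func mac(msg string, key []byte) []byte { // HMAC-SHA256 over "header.payload"
	h := hmac.New(sha256.New, key)
	h.Write([]byte(msg))
	return h.Sum(nil)
}

// signHS256 issues a token carrying the article's UserId and exp claims.
func signHS256(userID int, exp int64, key []byte) string {
	payload := fmt.Sprintf(`{"UserId":%d,"exp":%d}`, userID, exp)
	msg := b64.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + b64.EncodeToString([]byte(payload))
	return msg + "." + b64.EncodeToString(mac(msg, key))
}

// verifyHS256 pins the algorithm, compares the MAC in constant time, then checks exp.
func verifyHS256(tok string, key []byte, now int64) (int, error) {
	var hdr struct{ Alg string }
	var pl struct{ UserId int; Exp int64 }
	p := strings.Split(tok, ".")
	h, _ := b64.DecodeString(p[0])
	if len(p) != 3 || json.Unmarshal(h, &hdr) != nil || hdr.Alg != "HS256" {
		return 0, fmt.Errorf("malformed token or unexpected signing method")
	}
	sig, err := b64.DecodeString(p[2])
	if err != nil || !hmac.Equal(sig, mac(p[0]+"."+p[1], key)) {
		return 0, fmt.Errorf("signature is invalid")
	}
	body, _ := b64.DecodeString(p[1])
	if json.Unmarshal(body, &pl) != nil || now >= pl.Exp {
		return 0, fmt.Errorf("bad payload or token is expired")
	}
	return pl.UserId, nil
}

func main() {
	key := []byte("constructed-demo-key") // constructed sample key, claims and clock
	fmt.Println(verifyHS256(signHS256(16, 2000, key), key, 1000))
}
```

The payload is only base64url-encoded, so anyone holding a token can read its claims; the signature protects integrity, not confidentiality.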