【Gin实战系列】jwt身份认证

# jwt身份认证

## 1.整合jwt身份认证

- jwt使用go-jwt库

```shell
go get github.com/dgrijalva/jwt-go
```

- jwt工具方法

pkg/helper/jwt.go

```go
package helper

import (
"errors"
"github.com/dgrijalva/jwt-go"
"time"
)
var (
	key []byte
	expire int64
)
type Claims struct {
	Username string `json:"username"`
	Wid string `json:"wid"`
	jwt.StandardClaims
}

func init() {
	key = []byte("sockstack")
	expire = 7200
}

func Encode(c Claims, keys []byte) (string, error) {
	if c.ExpiresAt == 0 {
		c.ExpiresAt = time.Now().Unix() + expire
	}

token := jwt.NewWithClaims(jwt.SigningMethodHS256, c)
	// Sign and get the complete encoded token as a string using the secret
	if keys != nil {
		key = keys
	}
	return token.SignedString(key)
}

func Decode(s string, keys []byte) (*Claims, error) {
	var err error
	// sample token is expired.  override time so it parses as valid
	if keys != nil {
		key = keys
	}
	if s == "" {
		return &Claims{}, errors.New("token不能为空")
	}
	token, err := jwt.ParseWithClaims(s, &Claims{}, func(token *jwt.Token) (i interface{}, err error) {
		return key, nil
	})
	if err != nil {
		return &Claims{}, err
	}

if !token.Valid {
		if ve, ok := err.(*jwt.ValidationError); ok {
			if ve.Errors&jwt.ValidationErrorMalformed != 0 {
				err = errors.New("That's not even a token")
			} else if ve.Errors&(jwt.ValidationErrorExpired|jwt.ValidationErrorNotValidYet) != 0 {
				// Token is either expired or not active yet
				err = errors.New("Timing is everything")
			} else {
				err = errors.New("Couldn't handle this token:")
			}
		} else {
			err = errors.New("Couldn't handle this token:")
		}
		return &Claims{}, err
	}
	claims, ok := token.Claims.(*Claims)
	if  !ok {
		return &Claims{}, errors.New("Couldn't handle this token:")
	}

return claims, nil
}
```

登录查看更多内容

【Gin实战系列】jwt身份认证

作者

sockstack

许可协议

CC BY 4.0

发布于

2023-09-02

修改于

2023-09-02

尚未登录

专栏目录