jwt验证

utils/auth/user.go

@@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"net/http"
 
 	"github.com/golang-jwt/jwt"
 	"github.com/google/uuid"
@@ -60,3 +61,56 @@ func GenerateJwtToken(accessSecret string, accessExpire, nowSec int64, userid in
 	token.Claims = claims
 	return token.SignedString([]byte(accessSecret))
 }
+
+func ParseJwtToken(w http.ResponseWriter, r *http.Request, AccessSecret *string) (*UserInfo, error) {
+	// 解析jwtToken
+	claims, err := getJwtClaims(r, AccessSecret)
+	// 如果解析出错，则返回未授权的JSON响应并记录错误消息
+	if err != nil {
+		// httpx.OkJsonCtx(r.Context(), w, &basic.Response{
+		// 	Code:    401,
+		// 	Message: "unauthorized",
+		// })
+		// logx.Info("unauthorized:", err.Error())
+		return nil, err
+	}
+
+	// 从Token里获取对应的信息
+	userinfo, err := GetUserInfoFormMapClaims(claims)
+	// 如果获取用户信息出错，则返回未授权的JSON响应并记录错误消息
+	if err != nil {
+		// httpx.OkJsonCtx(r.Context(), w, &basic.Response{
+		// 	Code:    401,
+		// 	Message: "unauthorized",
+		// })
+		// logx.Info("unauthorized:", err.Error())
+		return nil, err
+	}
+	return userinfo, err
+}
+
+func getJwtClaims(r *http.Request, AccessSecret *string) (jwt.MapClaims, error) {
+	AuthKey := r.Header.Get("Authorization")
+	if len(AuthKey) <= 50 {
+		return nil, errors.New(fmt.Sprint("Error parsing token, len:", len(AuthKey)))
+	}
+
+	token, err := jwt.Parse(AuthKey, func(token *jwt.Token) (interface{}, error) {
+		// 检查签名方法是否为 HS256
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+		}
+		// 返回用于验证签名的密钥
+		return []byte(*AccessSecret), nil
+	})
+	if err != nil {
+		return nil, errors.New(fmt.Sprint("Error parsing token:", err))
+	}
+
+	// 验证成功返回
+	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+		return claims, nil
+	}
+
+	return nil, errors.New(fmt.Sprint("Invalid token", err))
+}