fusen/fusenapi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

jwt验证

Browse Source
This commit is contained in:
eson 2023-06-12 20:04:30 +08:00
parent bdaa3bf48b
commit 2cc13de3e2
2 changed files with 68 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
server/home-user-auth/internal/handler/useraddresslisthandler.go
View File

@ -15,30 +15,23 @@ import (
"fusenapi/server/home-user-auth/internal/types" "fusenapi/server/home-user-auth/internal/types"
) )
var wantJwt = true
func UserAddressListHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { func UserAddressListHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
// 解析jwtToken var userinfo *auth.UserInfo
claims, err := svcCtx.ParseJwtToken(r) var err error
// 如果解析出错则返回未授权的JSON响应并记录错误消息
if err != nil {
httpx.OkJsonCtx(r.Context(), w, &basic.Response{
Code: 401,
Message: "unauthorized",
})
logx.Info("unauthorized:", err.Error())
return
}
// 从Token里获取对应的信息 if wantJwt {
userinfo, err := auth.GetUserInfoFormMapClaims(claims) userinfo, err = auth.ParseJwtToken(w, r, &svcCtx.Config.Auth.AccessSecret)
// 如果获取用户信息出错则返回未授权的JSON响应并记录错误消息 if err != nil {
if err != nil { httpx.OkJsonCtx(r.Context(), w, &basic.Response{
httpx.OkJsonCtx(r.Context(), w, &basic.Response{ Code: 401,
Code: 401, Message: "unauthorized",
Message: "unauthorized", })
}) logx.Info("unauthorized:", err.Error())
logx.Info("unauthorized:", err.Error()) return
return }
} }
var req types.Request var req types.Request

54
utils/auth/user.go
View File

@ -5,6 +5,7 @@ import (
"encoding/json" "encoding/json"
"errors" "errors"
"fmt" "fmt"
"net/http"
"github.com/golang-jwt/jwt" "github.com/golang-jwt/jwt"
"github.com/google/uuid" "github.com/google/uuid"
@ -60,3 +61,56 @@ func GenerateJwtToken(accessSecret string, accessExpire, nowSec int64, userid in
token.Claims = claims token.Claims = claims
return token.SignedString([]byte(accessSecret)) return token.SignedString([]byte(accessSecret))
} }
func ParseJwtToken(w http.ResponseWriter, r *http.Request, AccessSecret *string) (*UserInfo, error) {
// 解析jwtToken
claims, err := getJwtClaims(r, AccessSecret)
// 如果解析出错则返回未授权的JSON响应并记录错误消息
if err != nil {
// httpx.OkJsonCtx(r.Context(), w, &basic.Response{
// Code: 401,
// Message: "unauthorized",
// })
// logx.Info("unauthorized:", err.Error())
return nil, err
}
// 从Token里获取对应的信息
userinfo, err := GetUserInfoFormMapClaims(claims)
// 如果获取用户信息出错则返回未授权的JSON响应并记录错误消息
if err != nil {
// httpx.OkJsonCtx(r.Context(), w, &basic.Response{
// Code: 401,
// Message: "unauthorized",
// })
// logx.Info("unauthorized:", err.Error())
return nil, err
}
return userinfo, err
}
func getJwtClaims(r *http.Request, AccessSecret *string) (jwt.MapClaims, error) {
AuthKey := r.Header.Get("Authorization")
if len(AuthKey) <= 50 {
return nil, errors.New(fmt.Sprint("Error parsing token, len:", len(AuthKey)))
}
token, err := jwt.Parse(AuthKey, func(token *jwt.Token) (interface{}, error) {
// 检查签名方法是否为 HS256
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
}
// 返回用于验证签名的密钥
return []byte(*AccessSecret), nil
})
if err != nil {
return nil, errors.New(fmt.Sprint("Error parsing token:", err))
}
// 验证成功返回
if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
return claims, nil
}
return nil, errors.New(fmt.Sprint("Invalid token", err))
}