一、概述
Go使用jwt创建token,验证登录用户的合法性
导入jwt包(注意:github.com/dgrijalva/jwt-go 仓库已归档、不再维护,新项目建议改用其后继项目 github.com/golang-jwt/jwt)
go get github.com/dgrijalva/jwt-go
二、代码示例
1.创建token及解析token
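// Package token issues and verifies the HS256-signed JWTs that identify
// logged-in users.
//
// NOTE(review): github.com/dgrijalva/jwt-go is archived and no longer
// maintained; github.com/golang-jwt/jwt is its maintained successor.
package token

import (
	"fmt"
	"time"

	"go_workspace/entity"

	"github.com/dgrijalva/jwt-go"
)

// tokenTTL is how long an issued token stays valid (7 days).
const tokenTTL = 7 * 24 * time.Hour

// Claims is the JWT payload: the user's ID plus the registered claims.
type Claims struct {
	Id int64
	// Pwd is kept only so that existing callers compile and previously issued
	// tokens still decode. CreateToken no longer fills it: a JWT payload is
	// base64url-encoded, not encrypted, so anything stored here is readable by
	// whoever holds the token.
	Pwd string `json:"Pwd,omitempty"`
	jwt.StandardClaims
}

// jwtKey is the HMAC secret used to sign and verify tokens.
//
// NOTE(review): the secret is hard-coded in source, so everyone with access to
// the repository or the binary can forge tokens. Load it from the environment
// or a secret store and rotate the value that was committed.
var jwtKey = []byte("yw_tony_laofuzi_123456789")

// CreateToken returns a signed HS256 token for user that expires after
// tokenTTL. Only the user ID is placed in the payload.
func CreateToken(user entity.User) (string, error) {
	// The user record is not printed: it carries the password, and process
	// output usually ends up in logs.
	now := time.Now()
	claims := &Claims{
		Id: user.Id,
		StandardClaims: jwt.StandardClaims{
			ExpiresAt: now.Add(tokenTTL).Unix(), // expiry time
			IssuedAt:  now.Unix(),               // issue time
			Subject:   "go test create jwt token",
			Issuer:    "tony",
		},
	}
	// The signed token is a bearer credential, so it is returned without being
	// printed.
	return jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString(jwtKey)
}

// ParseToken verifies tokenStr against jwtKey and decodes its payload into a
// Claims value. When err is non-nil the returned token and claims are
// unverified and must not be trusted; callers should also check token.Valid.
func ParseToken(tokenStr string) (*jwt.Token, *Claims, error) {
	claims := &Claims{}
	token, err := jwt.ParseWithClaims(tokenStr, claims, func(t *jwt.Token) (interface{}, error) {
		// Accept only the algorithm CreateToken signs with, rather than
		// whatever the token header asks for.
		if t.Method.Alg() != jwt.SigningMethodHS256.Alg() {
			return nil, fmt.Errorf("unexpected signing method: %v", t.Header["alg"])
		}
		return jwtKey, nil
	})
	return token, claims, err
}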
2.登录后创建token
// 用户登录 func loginHandler(context *gin.Context) { var user entity.User err1 := context.ShouldBindJSON(&user) if err1 != nil { context.JSON(400, gin.H{"error": err1.Error()}) } fmt.Println("登录用户的账号密码信息", user) user2, err := model.Login(user) if err != nil { context.JSON(500, gin.H{"error": err.Error()}) } mToken, err2 := token.CreateToken(user2) if err2 != nil { context.JSON(500, gin.H{"error": err2.Error()}) } context.JSON(200, gin.H{"token": mToken}) }
3.添加用户前先解析token,并验证用户身份
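// checkToken validates the token carried in the Authorization header. On
// failure it writes a 400 response and aborts the gin context, so callers can
// test context.IsAborted() and stop. On success it writes nothing.
func checkToken(context *gin.Context) {
	// Read the Authorization header. Neither the header nor the parsed token
	// and claims are printed: the token is a bearer credential and would
	// otherwise be copied into logs.
	authorization := context.GetHeader("Authorization")
	if authorization == "" {
		context.AbortWithStatusJSON(400, gin.H{"error": "token为空"})
		return
	}

	// Parse and verify the token. The err check comes first because mToken
	// may be nil when parsing fails.
	mToken, _, err := token.ParseToken(authorization)
	if err != nil || !mToken.Valid {
		// Parse error, bad signature or expired token.
		context.AbortWithStatusJSON(400, gin.H{"error": "token过期/错误"})
		return
	}
}

// addUserUseXormHandler adds a new user after the caller's token has been
// verified.
func addUserUseXormHandler(context *gin.Context) {
	// checkToken cannot return a result, so its verdict is read from the
	// context. Without this check a request with a missing or invalid token
	// would still reach the insert below.
	checkToken(context)
	if context.IsAborted() {
		return
	}

	var user entity.User
	if err := context.ShouldBindJSON(&user); err != nil {
		context.JSON(400, gin.H{"error": err.Error()})
		return
	}
	user.UpdateTime = time.Now().Format("2006-01-02 15:04:05")

	row, err1 := model.AddUserUseXorm(user)
	switch {
	case row > 0:
		context.JSON(200, gin.H{"data": user})
	case err1 != nil:
		context.JSON(500, gin.H{"data": err1.Error()})
	default:
		// No row was inserted and no error was reported; calling err1.Error()
		// here would panic on a nil error.
		context.JSON(500, gin.H{"data": "no rows inserted"})
	}
	fmt.Println("添加新用户")
}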