background/utils/JWT.go

104 lines
2.7 KiB
Go
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

package utils
import (
"fmt"
"github.com/dgrijalva/jwt-go"
"strconv"
"time"
)
//创建token,
/*
uid:用户名
secret:密匙
alg:加密算法类型
exp过期时间单位是秒
*/
func CreateJwt(uid string, secret []byte, alg string, exp int64) (tokenString string, err error) {
//get SigningMethod
signingMethon := jwt.GetSigningMethod(alg)
//time.Sleep(time.Nanosecond * time.Duration(RandomInt(0, 10)))
iat := time.Now().Unix()
// Create a new token object, specifying signing method and the claims
// you would like it to contain.
token := jwt.NewWithClaims(signingMethon, jwt.MapClaims{
"iss": "Authen Center",
"iat": iat,
"exp": iat + exp,
"jti": uid,
})
// Sign and get the complete encoded token as a string using the secret
tokenString, err = token.SignedString(secret)
//fmt.Printf("get jwt:%v,%v,%v\n%s\n", iat, iat+exp, uid, tokenString)
return
}
//获取token的用户名
//tokenString token字符串
//tag 字段名 如jti
func GetUid(tokenString string, tag string) (string, error) {
tokens, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
// Don't forget to validate the alg is what you expect:
// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
return []byte(""), nil
})
if tokens == nil {
return "", err
}
//fmt.Printf("%#v",tokens.Claims.(jwt.MapClaims))
uid := tokens.Claims.(jwt.MapClaims)[tag]
switch t := uid.(type) {
case int:
_ = t
return strconv.Itoa(uid.(int)), nil
case float64:
_ = t
return strconv.FormatFloat(uid.(float64), 'g', 12, 64), nil
//... etc
}
return uid.(string), nil
}
//验证token
//secret 秘钥
//tokenString token的字符串
func VerifyJwt(secret []byte, tokenString string) (state int) {
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
// Don't forget to validate the alg is what you expect:
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
}
// secret is a []byte containing your secret, e.g. []byte("my_secret_key")
return secret, nil
})
if err != nil {
state := -1 // jwt解析错误
tempError := err.(*jwt.ValidationError)
//fmt.Println("jwt error")
//fmt.Println(tempError)
//jwt过期
if tempError.Errors == jwt.ValidationErrorExpired {
//fmt.Println("jwt expired")
state = -2
}
// jwt IAT 错误
if tempError.Errors == jwt.ValidationErrorIssuedAt {
//fmt.Printf("jwt iat error")
state = -3
}
return state
}
if _, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
// fmt.Println(claims["iat"], claims["exp"])
// 验证通过
return 0
}
return 5
}