go gin+token(JWT)驗證實現登陸驗證
1.準備
go get github.com/dgrijalva/jwt-go go get github.com/gin-gonic/gin
2.代碼
package main import ( "errors" "fmt" "github.com/dgrijalva/jwt-go" "github.com/gin-gonic/gin" "net/http" "time" ) func main() { r := gin.Default() r.GET("/login/:username/:password", login) r.GET("/verify/:token", verify) r.GET("/refresh/:token", refresh) r.GET("/sayHello/:token", sayHello) r.Run(":9090") //http://localhost:9090/login/dong/123456 //http://localhost:9090/verify/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NjA1MTIyMTAsImlhdCI6MTU2MDUwODYxMCwidXNlcl9pZCI6MSwicGFzc3dvcmQiOiIxMjM0NTYiLCJ1c2VybmFtZSI6ImRvbmciLCJmdWxsX25hbWUiOiJkb25nIiwicGVybWlzc2lvbnMiOltdfQ.Esh1Zge0vO1BAW1GeR5wurWP3H1jUIaMf3tcSaUwkzA //http://localhost:9090/refresh/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NjA1MTIyNDMsImlhdCI6MTU2MDUwODYxMCwidXNlcl9pZCI6MSwicGFzc3dvcmQiOiIxMjM0NTYiLCJ1c2VybmFtZSI6ImRvbmciLCJmdWxsX25hbWUiOiJkb25nIiwicGVybWlzc2lvbnMiOltdfQ.Xkb_J8MWXkwGUcBF9bpp2Ccxp8nFPtRzFzOBeboHmg0 } const( ErrorReason_ServerBusy = "服務器繁忙" ErrorReason_ReLogin = "請重新登陸" ) func sayHello(c *gin.Context) { strToken := c.Param("token") claim,err := verifyAction(strToken) if err != nil { c.String(http.StatusNotFound, err.Error()) return } c.String(http.StatusOK, "hello,",claim.Username) } type JWTClaims struct { // token裡面添加用戶信息,驗證token後可能會用到用戶信息 jwt.StandardClaims UserID int `json:"user_id"` Password string `json:"password"` Username string `json:"username"` FullName string `json:"full_name"` Permissions []string `json:"permissions"` } var ( Secret = "dong_tech" // 加鹽 ExpireTime = 3600 // token有效期 ) func login(c *gin.Context) { username := c.Param("username") password := c.Param("password") claims := &JWTClaims{ UserID: 1, Username: username, Password: password, FullName: username, Permissions: []string{}, } claims.IssuedAt = time.Now().Unix() claims.ExpiresAt = time.Now().Add(time.Second * time.Duration(ExpireTime)).Unix() signedToken,err:=getToken(claims) if err!=nil{ c.String(http.StatusNotFound, err.Error()) return } c.String(http.StatusOK, signedToken) } func verify(c *gin.Context) { strToken := c.Param("token") claim,err := verifyAction(strToken) if err != nil { c.String(http.StatusNotFound, err.Error()) return } c.String(http.StatusOK, "verify,",claim.Username) } func refresh(c *gin.Context) { strToken := c.Param("token") claims,err := verifyAction(strToken) if err != nil { c.String(http.StatusNotFound, err.Error()) return } claims.ExpiresAt = time.Now().Unix() + (claims.ExpiresAt - claims.IssuedAt) signedToken,err:=getToken(claims) if err!=nil{ c.String(http.StatusNotFound, err.Error()) return } c.String(http.StatusOK, signedToken) } func verifyAction(strToken string) (*JWTClaims, error) { token, err := jwt.ParseWithClaims(strToken, &JWTClaims{}, func(token *jwt.Token) (interface{}, error) { return []byte(Secret), nil }) if err != nil { return nil, errors.New(ErrorReason_ServerBusy) } claims, ok := token.Claims.(*JWTClaims) if !ok { return nil, errors.New(ErrorReason_ReLogin) } if err := token.Claims.Valid(); err != nil { return nil, errors.New(ErrorReason_ReLogin) } fmt.Println("verify") return claims, nil } func getToken(claims *JWTClaims)(string,error){ token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) signedToken, err := token.SignedString([]byte(Secret)) if err != nil { return "",errors.New(ErrorReason_ServerBusy) } return signedToken,nil }
運行結果如圖:
訪問接口
登陸
驗證
刷新
http://localhost:9090/login/
http://localhost:9090/verify/
http://localhost:9090/refresh/
到此這篇關於go gin+token(JWT)驗證實現登陸驗證的文章就介紹到這瞭,更多相關go gin token JWT登陸驗證內容請搜索WalkonNet以前的文章或繼續瀏覽下面的相關文章希望大傢以後多多支持WalkonNet!
推薦閱讀:
- golang中gin框架接入jwt使用token驗證身份
- golang進行簡單權限認證的實現
- 如何利用jwt來保護你的接口服務
- JWT 設置token過期時間無效的解決
- Golang基於JWT與Casbin身份驗證授權實例詳解