wmj-test/src/jwt_utils.go

83 lines
1.8 KiB
Go

package k8s_manager
import (
"errors"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v4"
"net/http"
"strings"
"time"
)
type MyClaims struct {
Username string `json:"username"`
jwt.RegisteredClaims
}
var mySecret = []byte("ABCDEFGHIJKLMN")
const TokenExpireDuration = time.Hour * 24 * 30 * 24
func GenerateToken(username string) (string, error) {
c := MyClaims{
Username: username,
RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: &jwt.NumericDate{Time: time.Now().Add(TokenExpireDuration)},
Issuer: "cg-k8s",
},
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, c)
return token.SignedString(mySecret)
}
func ParseToken(tokenString string) (*MyClaims, error) {
token, err := jwt.ParseWithClaims(tokenString, &MyClaims{}, func(token *jwt.Token) (i interface{}, err error) {
return mySecret, nil
})
if err != nil {
return nil, err
}
if claims, ok := token.Claims.(*MyClaims); ok && token.Valid { // 校验token
return claims, nil
}
return nil, errors.New("invalid token")
}
func JWTAuthMiddleware(c *gin.Context) {
authHeader := c.Request.Header.Get("Authorization")
if authHeader == "" {
var err error
authHeader, err = c.Cookie("Authorization")
if err != nil {
authHeader = ""
}
}
if authHeader == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": http.StatusUnauthorized,
"msg": "No Authorized Token.",
})
c.Abort()
return
}
parts := strings.SplitN(authHeader, " ", 2)
if !(len(parts) == 2 && parts[0] == "Bearer") {
c.JSON(http.StatusUnauthorized, gin.H{
"code": http.StatusUnauthorized,
"msg": "Wrong Authorization Format.",
})
c.Abort()
return
}
mc, err := ParseToken(parts[1])
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": http.StatusUnauthorized,
"msg": "Wrong Token.",
})
c.Abort()
return
}
c.Set("username", mc.Username)
}