wx-server/internal/middleware/jwt/jwt.go

package jwt

import (
	"mini_server/internal/config"
	"mini_server/internal/dao"
	"net/http"
	"time"

	"github.com/dgrijalva/jwt-go"
	"github.com/gin-gonic/gin"
)

var jwtKey = []byte(config.JwtKey)

type Claims struct {
	Username string `json:"username"`
	ID       int32  `json:"id"`
	jwt.StandardClaims
}

func CreateToken(user *dao.User) (string, error) {
	token := jwt.NewWithClaims(jwt.SigningMethodHS256, &Claims{
		ID:       user.ID,
		Username: user.Username,
		StandardClaims: jwt.StandardClaims{
			ExpiresAt: jwt.TimeFunc().Add(time.Hour * 24).Unix(), // Token expires in 24 hours
			IssuedAt:  jwt.TimeFunc().Unix(),
		},
	})
	return token.SignedString(jwtKey)
}

func AuthenticateToken(tokenString string) (*Claims, error) {
	token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(token *jwt.Token) (interface{}, error) {
		return jwtKey, nil
	})
	if claims, ok := token.Claims.(*Claims); ok && token.Valid {
		return claims, nil
	} else {
		return nil, err
	}
}

func AuthMiddleware() gin.HandlerFunc {
	return func(ctx *gin.Context) {
		if !withinWhiteList(ctx.Request.URL, ctx.Request.Method) {
			tokenString := ctx.GetHeader("Authorization")
			if tokenString == "" {
				ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
				return
			}

			claims, err := AuthenticateToken(tokenString)
			if err != nil {
				ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
				return
			}
			ctx.Set("user", claims)
		}
		ctx.Next()
	}
}
first commit 2024-06-04 21:22:50 +08:00			`package jwt`

			`import (`
			`"mini_server/internal/config"`
			`"mini_server/internal/dao"`
			`"net/http"`
			`"time"`

			`"github.com/dgrijalva/jwt-go"`
			`"github.com/gin-gonic/gin"`
			`)`

			`var jwtKey = []byte(config.JwtKey)`

			`type Claims struct {`
			Username string `json:"username"`
			ID int32 `json:"id"`
			`jwt.StandardClaims`
			`}`

			`func CreateToken(user *dao.User) (string, error) {`
			`token := jwt.NewWithClaims(jwt.SigningMethodHS256, &Claims{`
			`ID: user.ID,`
			`Username: user.Username,`
			`StandardClaims: jwt.StandardClaims{`
			`ExpiresAt: jwt.TimeFunc().Add(time.Hour * 24).Unix(), // Token expires in 24 hours`
			`IssuedAt: jwt.TimeFunc().Unix(),`
			`},`
			`})`
			`return token.SignedString(jwtKey)`
			`}`

			`func AuthenticateToken(tokenString string) (*Claims, error) {`
			`token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(token *jwt.Token) (interface{}, error) {`
			`return jwtKey, nil`
			`})`
			`if claims, ok := token.Claims.(*Claims); ok && token.Valid {`
			`return claims, nil`
			`} else {`
			`return nil, err`
			`}`
			`}`

			`func AuthMiddleware() gin.HandlerFunc {`
			`return func(ctx *gin.Context) {`
			`if !withinWhiteList(ctx.Request.URL, ctx.Request.Method) {`
			`tokenString := ctx.GetHeader("Authorization")`
			`if tokenString == "" {`
			`ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})`
			`return`
			`}`

			`claims, err := AuthenticateToken(tokenString)`
			`if err != nil {`
			`ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})`
			`return`
			`}`
			`ctx.Set("user", claims)`
			`}`
			`ctx.Next()`
			`}`
			`}`