1. 前言
token即令牌,是访问资源接口(API)时所需的凭证,具有服务端无状态化、可扩展性好、安全等优点。
在gin框架中可以引入github.com/dgrijalva/jwt-go来生成和解析令牌。
2. token
下面是生成和解析token的例子
package routers
import (
"fmt"
"net/http"
"time"
"github.com/dgrijalva/jwt-go"
"github.com/gin-gonic/gin"
)
var (
	// jwtkey is the HMAC secret used to sign (set) and verify (ParseToken)
	// every token.
	// NOTE(review): the key is a short, guessable literal committed to source.
	// Anyone who can read this file can mint tokens that ParseToken accepts.
	// For real deployments load it from configuration or a secret store and
	// use a long random value (32 bytes or more for HS256).
	jwtkey = []byte("www.yzx-fjl.cn")

	// str holds the most recently issued token. set writes it without any
	// synchronization and nothing in this listing reads it.
	str string
)
// Claims is the token payload: the application's user id plus the registered
// JWT claims embedded from jwt.StandardClaims.
// The tokens built from it are signed with HS256 but not encrypted, so every
// field here is readable by whoever holds the token; keep secrets out of it.
type Claims struct {
// UserId identifies the user the token was issued for.
UserId uint
// StandardClaims carries the expiry, issued-at, issuer and subject set in set.
jwt.StandardClaims
}
// TokenRouter registers the demo token endpoints under the /token route group:
// GET /token/set issues a token and GET /token/get validates one.
// NOTE(review): /token/set is reachable without any authentication, which is
// only acceptable for a demo; a real issuer must verify credentials first.
func TokenRouter(e *gin.Engine) {
	group := e.Group("/token")

	// Registration order matches the original: /set first, then /get.
	routes := []struct {
		path    string
		handler gin.HandlerFunc
	}{
		{"/set", set},
		{"/get", get},
	}
	for _, rt := range routes {
		group.GET(rt.path, rt.handler)
	}
}
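// set issues an HS256-signed token for a fixed demo user and returns it as
// JSON ({"token": "..."}).
//
// If signing fails the handler now answers 500 and stops, instead of logging
// the error and still returning an empty token with status 200.
//
// NOTE(review): the user id is hard-coded and the caller is not authenticated;
// a real endpoint must verify credentials and derive UserId from them. The
// token lives for 7 days and this listing has no revocation path, so a leaked
// token stays usable until it expires.
func set(ctx *gin.Context) {
	now := time.Now()
	claims := &Claims{
		UserId: 2,
		StandardClaims: jwt.StandardClaims{
			ExpiresAt: now.Add(7 * 24 * time.Hour).Unix(), // expiry time
			IssuedAt:  now.Unix(),
			Issuer:    "127.0.0.1",  // token issuer
			Subject:   "user token", // token subject
		},
	}

	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	tokenString, err := token.SignedString(jwtkey)
	if err != nil {
		// Log server-side only; the client gets a generic message so internal
		// error details are not disclosed.
		fmt.Println(err)
		ctx.JSON(http.StatusInternalServerError, gin.H{"code": 500, "msg": "生成token失败"})
		ctx.Abort()
		return
	}

	// Kept for compatibility with the original listing. This is an
	// unsynchronized write to a package-level variable from a request handler.
	str = tokenString
	ctx.JSON(http.StatusOK, gin.H{"token": tokenString})
}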
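// get validates the token sent in the Authorization header and, when it is
// valid, returns the user id it carries.
//
// Changes from the original: the success response now uses HTTP 200 (it was
// sent with 401 while the body said code 200), and an optional "Bearer "
// scheme prefix is accepted in addition to the bare token.
//
// A missing, malformed, badly signed or expired token gets the same 401
// response, so the reply does not reveal why validation failed.
func get(ctx *gin.Context) {
	tokenString := ctx.GetHeader("Authorization")

	// Accept both "Authorization: <token>" and "Authorization: Bearer <token>".
	const bearerPrefix = "Bearer "
	if len(tokenString) >= len(bearerPrefix) && tokenString[:len(bearerPrefix)] == bearerPrefix {
		tokenString = tokenString[len(bearerPrefix):]
	}

	// Reject requests that carry no token at all.
	if tokenString == "" {
		ctx.JSON(http.StatusUnauthorized, gin.H{"code": 401, "msg": "权限不足"})
		ctx.Abort()
		return
	}

	// The err check must come first: token may be nil when parsing fails.
	token, claims, err := ParseToken(tokenString)
	if err != nil || !token.Valid {
		ctx.JSON(http.StatusUnauthorized, gin.H{"code": 401, "msg": "权限不足"})
		ctx.Abort()
		return
	}

	ctx.JSON(http.StatusOK, gin.H{"code": 200, "msg": "ok", "userId": claims.UserId})
}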
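// ParseToken parses tokenString into Claims and verifies its signature with
// jwtkey. It returns the parsed token, the decoded claims and any parse or
// validation error; callers must check err before trusting token or claims.
//
// The key function now rejects any token whose header names an algorithm
// other than HS256, so the verification key is only ever used with the
// algorithm set uses to sign. The original returned the key for whatever
// algorithm the token claimed.
//
// NOTE(review): github.com/dgrijalva/jwt-go is archived and no longer receives
// fixes; github.com/golang-jwt/jwt is the maintained successor.
func ParseToken(tokenString string) (*jwt.Token, *Claims, error) {
	claims := &Claims{}
	token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) {
		// Pin the accepted algorithm rather than trusting the token header.
		if token.Method.Alg() != jwt.SigningMethodHS256.Alg() {
			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
		}
		return jwtkey, nil
	})
	return token, claims, err
}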
http://localhost:8080/token/set
http://localhost:8080/token/get (可将/token/set获得的token放到Authorization请求头中)