🎨jwt密钥增加随机性
This commit is contained in:
coward
parent
172cb46c31
commit
1fa56c68dd
@ -7,6 +7,7 @@ import (
|
|||||||
"gitee.ltd/lxh/logger/log"
|
"gitee.ltd/lxh/logger/log"
|
||||||
"github.com/golang-jwt/jwt/v5"
|
"github.com/golang-jwt/jwt/v5"
|
||||||
"github.com/google/uuid"
|
"github.com/google/uuid"
|
||||||
|
"math/rand"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
"wireguard-ui/config"
|
"wireguard-ui/config"
|
||||||
@ -15,9 +16,6 @@ import (
|
|||||||
"wireguard-ui/utils"
|
"wireguard-ui/utils"
|
||||||
)
|
)
|
||||||
|
|
||||||
// jwt密钥
|
|
||||||
//const secret = "JQo7L1RYa8ArFWuj0wC9PyM3VzmDIfXZ2d5tsTOBhNgviE64bnKqGpSckxUlHey6"
|
|
||||||
|
|
||||||
type JwtComponent struct {
|
type JwtComponent struct {
|
||||||
ID string `json:"id"`
|
ID string `json:"id"`
|
||||||
jwt.RegisteredClaims
|
jwt.RegisteredClaims
|
||||||
@ -103,6 +101,15 @@ func (JwtComponent) ParseToken(token, secret string) (*JwtComponent, error) {
|
|||||||
// @param secret
|
// @param secret
|
||||||
// @return string
|
// @return string
|
||||||
func (JwtComponent) GenerateSecret(secret ...string) string {
|
func (JwtComponent) GenerateSecret(secret ...string) string {
|
||||||
|
// 添加10个元素,增加随机性
|
||||||
|
for i := 0; i <= 10; i++ {
|
||||||
|
secret = append(secret, uuid.NewString()
|
||||||
|
// 混淆一下明文secret的顺序
|
||||||
|
n := len(secret)
|
||||||
|
for i := n - 1; i > 0; i-- {
|
||||||
|
j := rand.Intn(i + 1)
|
||||||
|
secret[i], secret[j] = secret[j], secret[i]
|
||||||
|
}
|
||||||
secretStr := strings.Join(secret, ".")
|
secretStr := strings.Join(secret, ".")
|
||||||
return utils.Hash().MD5(utils.Hash().SHA256(utils.Hash().SHA512(secretStr)))
|
return utils.Hash().MD5(utils.Hash().SHA256(utils.Hash().SHA512(secretStr)))
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user