🎨双token校验
This commit is contained in:
coward
parent
fb97082c0c
commit
d74d7c579f
@ -15,7 +15,7 @@ import (
|
||||
)
|
||||
|
||||
// jwt密钥
|
||||
const secret = "JQo7L1RYa8ArFWuj0wC9PyM3VzmDIfXZ2d5tsTOBhNgviE64bnKqGpSckxUlHey6"
|
||||
//const secret = "JQo7L1RYa8ArFWuj0wC9PyM3VzmDIfXZ2d5tsTOBhNgviE64bnKqGpSckxUlHey6"
|
||||
|
||||
type JwtComponent struct {
|
||||
ID string `json:"id"`
|
||||
@ -33,10 +33,11 @@ func JWT() JwtComponent {
|
||||
// @description: 生成token
|
||||
// @receiver JwtComponent
|
||||
// @param userId
|
||||
// @param password
|
||||
// @return token
|
||||
// @return expireTime
|
||||
// @return err
|
||||
func (JwtComponent) GenerateToken(userId string) (token string, expireTime *jwt.NumericDate, err error) {
|
||||
func (JwtComponent) GenerateToken(userId, secret string) (token string, expireTime *jwt.NumericDate, err error) {
|
||||
timeNow := time.Now().Local()
|
||||
expireTime = jwt.NewNumericDate(timeNow.Add(7 * time.Hour))
|
||||
notBefore := jwt.NewNumericDate(timeNow)
|
||||
@ -70,7 +71,7 @@ func (JwtComponent) GenerateToken(userId string) (token string, expireTime *jwt.
|
||||
// @param token
|
||||
// @return *JwtComponent
|
||||
// @return error
|
||||
func (JwtComponent) ParseToken(token string) (*JwtComponent, error) {
|
||||
func (JwtComponent) ParseToken(token, secret string) (*JwtComponent, error) {
|
||||
tokenStr := strings.Split(token, "Bearer ")[1]
|
||||
|
||||
t, err := jwt.ParseWithClaims(tokenStr, &JwtComponent{}, func(token *jwt.Token) (any, error) {
|
||||
|
||||
@ -72,13 +72,14 @@ func (LoginApi) Login(c *gin.Context) {
|
||||
}
|
||||
|
||||
// 生成token
|
||||
token, expireAt, err := component.JWT().GenerateToken(user.Id)
|
||||
token, expireAt, err := component.JWT().GenerateToken(user.Id, utils.Hash().SHA256(p.Password))
|
||||
if err != nil {
|
||||
log.Errorf("用户[%s]生成token失败: %v", user.Account, err.Error())
|
||||
response.R(c).FailedWithError("登陆失败!")
|
||||
return
|
||||
}
|
||||
|
||||
c.Writer.Header().Set("X-TOKEN", utils.Hash().SHA256(p.Password))
|
||||
response.R(c).OkWithData(map[string]any{
|
||||
"token": token,
|
||||
"type": "Bearer",
|
||||
|
||||
@ -22,7 +22,14 @@ func Authorization() gin.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
userClaims, err := component.JWT().ParseToken(token)
|
||||
hashPassword := c.Request.Header.Get("X-TOKEN")
|
||||
if hashPassword == "" {
|
||||
response.R(c).AuthorizationFailed("未登陆")
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
||||
userClaims, err := component.JWT().ParseToken(token, hashPassword)
|
||||
if err != nil {
|
||||
response.R(c).AuthorizationFailed("未登陆")
|
||||
c.Abort()
|
||||
|
||||
44
utils/hash.go
Normal file
44
utils/hash.go
Normal file
@ -0,0 +1,44 @@
|
||||
package utils
|
||||
|
||||
import (
|
||||
"crypto/md5"
|
||||
"crypto/sha256"
|
||||
"crypto/sha512"
|
||||
"encoding/hex"
|
||||
)
|
||||
|
||||
type hash struct{}
|
||||
|
||||
func Hash() hash {
|
||||
return hash{}
|
||||
}
|
||||
|
||||
// MD5
|
||||
// @description: MD5摘要
|
||||
// @param str
|
||||
// @return string
|
||||
func (hash) MD5(str string) string {
|
||||
hs := md5.New()
|
||||
hs.Write([]byte(str))
|
||||
return hex.EncodeToString(hs.Sum(nil))
|
||||
}
|
||||
|
||||
// SHA256
|
||||
// @description: SHA256
|
||||
// @param str
|
||||
// @return string
|
||||
func (hash) SHA256(str string) string {
|
||||
hasher := sha256.New()
|
||||
hasher.Write([]byte(str))
|
||||
return hex.EncodeToString(hasher.Sum(nil))
|
||||
}
|
||||
|
||||
// SHA512
|
||||
// @description: SHA512
|
||||
// @param str
|
||||
// @return string
|
||||
func (hash) SHA512(str string) string {
|
||||
hasher := sha512.New()
|
||||
hasher.Write([]byte(str))
|
||||
return hex.EncodeToString(hasher.Sum(nil))
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user