| | |
| | | package auth |
| | | |
| | | import ( |
| | | "encoding/json" |
| | | "errors" |
| | | jwtLib "github.com/dgrijalva/jwt-go" |
| | | "github.com/dgrijalva/jwt-go/request" |
| | | "github.com/gin-gonic/gin" |
| | | "net/http" |
| | | "strings" |
| | | "time" |
| | | ) |
| | | |
| | | type jwtAuthManager struct { |
| | | secret string |
| | | expire time.Duration |
| | | alg string |
| | | } |
| | | |
| | | func NewJwtAuthDriver() *jwtAuthManager{ |
| | | return &jwtAuthManager{ |
| | | secret:TokenKey, |
| | | expire:time.Hour*8, |
| | | alg:"HS256", |
| | | } |
| | | } |
| | | |
| | | func (jwtAuth *jwtAuthManager) Check(c *gin.Context) bool { |
| | | token := c.Request.Header.Get("Authorization") |
| | | b := "Bearer " |
| | | if !strings.Contains(token, b) { |
| | | return false |
| | | } |
| | | t := strings.Split(token, b) |
| | | if len(t) < 2 { |
| | | return false |
| | | } |
| | | var keyFunc = func(token *jwtLib.Token) (interface{},error) { |
| | | b := []byte(jwtAuth.secret) |
| | | return b,nil |
| | | } |
| | | authJwtToken, err:= request.ParseFromRequest(c.Request,request.OAuth2Extractor,keyFunc) |
| | | if err !=nil { |
| | | return false |
| | | } |
| | | |
| | | c.Set("User",map[string]interface{}{ |
| | | "token":authJwtToken, |
| | | }) |
| | | |
| | | return authJwtToken.Valid |
| | | } |
| | | |
| | | func (jwtAuth *jwtAuthManager) User(c *gin.Context) interface{}{ |
| | | var jwtToken *jwtLib.Token |
| | | if jwtUser, exist := c.Get("User");!exist{ |
| | | tokenStr :=strings.Replace(c.Request.Header.Get("Authorization"),"Bearer ","",-1) |
| | | if tokenStr == ""{ |
| | | return map[interface{}]interface{}{} |
| | | } |
| | | var err error |
| | | jwtToken,err = jwtLib.Parse(tokenStr, func(token *jwtLib.Token) (interface{}, error) { |
| | | b :=[]byte(jwtAuth.secret) |
| | | return b,nil |
| | | }) |
| | | if err !=nil { |
| | | panic(err) |
| | | } |
| | | } else { |
| | | jwtToken = jwtUser.(map[string]interface{})["token"].(*jwtLib.Token) |
| | | } |
| | | if claims,ok :=jwtToken.Claims.(jwtLib.MapClaims);ok && jwtToken.Valid{ |
| | | var user map[string]interface{} |
| | | if err := json.Unmarshal([]byte(claims["user"].(string)), &user); err != nil { |
| | | panic(err) |
| | | } |
| | | c.Set("User", map[string]interface{}{ |
| | | "token": jwtToken, |
| | | "user": user, |
| | | }) |
| | | return user |
| | | } else { |
| | | panic(errors.New("decode jwt user claims fail")) |
| | | } |
| | | } |
| | | |
| | | func (jwtAuth *jwtAuthManager) Login(http *http.Request, w http.ResponseWriter, user map[string]interface{}) interface{} { |
| | | |
| | | token := jwtLib.New(jwtLib.GetSigningMethod(jwtAuth.alg)) |
| | | |
| | | userStr, err := json.Marshal(user) |
| | | token.Claims = jwtLib.MapClaims{ |
| | | "user": string(userStr), |
| | | "exp": time.Now().Add(jwtAuth.expire).Unix(), |
| | | } |
| | | |
| | | tokenString, err := token.SignedString([]byte(jwtAuth.secret)) |
| | | if err != nil { |
| | | return nil |
| | | } |
| | | |
| | | return tokenString |
| | | } |
| | | |
| | | func (jwtAuth *jwtAuthManager) Logout(http *http.Request, w http.ResponseWriter) bool { |
| | | |
| | | return true |
| | | } |