| | |
|---|
| | | package auth |
|---|
| | | |
|---|
| | | import ( |
|---|
| | | "encoding/json" |
|---|
| | | jwtLib "github.com/dgrijalva/jwt-go" |
|---|
| | | "github.com/dgrijalva/jwt-go/request" |
|---|
| | | "github.com/gin-gonic/gin" |
|---|
| | | "net/http" |
|---|
| | | "strings" |
|---|
| | | "time" |
|---|
| | | ) |
|---|
| | | |
|---|
| | | type jwtAuthManager struct { |
|---|
| | | secret string |
|---|
| | | expire time.Duration |
|---|
| | | alg string |
|---|
| | | } |
|---|
| | | |
|---|
| | | func NewJwtAuthDriver() *jwtAuthManager { |
|---|
| | | return &jwtAuthManager{ |
|---|
| | | secret: TokenKey, |
|---|
| | | expire: time.Hour * 8, |
|---|
| | | alg: "HS256", |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | func (jwtAuth *jwtAuthManager) Check(c *gin.Context) bool { |
|---|
| | | token := c.Request.Header.Get("Authorization") |
|---|
| | | b := "Bearer " |
|---|
| | | if !strings.Contains(token, b) { |
|---|
| | | return false |
|---|
| | | } |
|---|
| | | t := strings.Split(token, b) |
|---|
| | | if len(t) < 2 { |
|---|
| | | return false |
|---|
| | | } |
|---|
| | | var keyFunc = func(token *jwtLib.Token) (interface{}, error) { |
|---|
| | | b := []byte(jwtAuth.secret) |
|---|
| | | return b, nil |
|---|
| | | } |
|---|
| | | authJwtToken, err := request.ParseFromRequest(c.Request, request.OAuth2Extractor, keyFunc) |
|---|
| | | if err != nil { |
|---|
| | | return false |
|---|
| | | } |
|---|
| | | |
|---|
| | | c.Set("User", map[string]interface{}{ |
|---|
| | | "token": authJwtToken, |
|---|
| | | }) |
|---|
| | | |
|---|
| | | return authJwtToken.Valid |
|---|
| | | } |
|---|
| | | |
|---|
| | | func (jwtAuth *jwtAuthManager) User(c *gin.Context) map[string]interface{} { |
|---|
| | | var jwtToken *jwtLib.Token |
|---|
| | | if jwtUser, exist := c.Get("User"); !exist { |
|---|
| | | tokenStr := strings.Replace(c.Request.Header.Get("Authorization"), "Bearer ", "", -1) |
|---|
| | | if tokenStr == "" { |
|---|
| | | return nil |
|---|
| | | } |
|---|
| | | var err error |
|---|
| | | jwtToken, err = jwtLib.Parse(tokenStr, func(token *jwtLib.Token) (interface{}, error) { |
|---|
| | | b := []byte(jwtAuth.secret) |
|---|
| | | return b, nil |
|---|
| | | }) |
|---|
| | | if err != nil { |
|---|
| | | return nil |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | jwtToken = jwtUser.(map[string]interface{})["token"].(*jwtLib.Token) |
|---|
| | | } |
|---|
| | | if claims, ok := jwtToken.Claims.(jwtLib.MapClaims); ok && jwtToken.Valid { |
|---|
| | | var user map[string]interface{} |
|---|
| | | if err := json.Unmarshal([]byte(claims["user"].(string)), &user); err != nil { |
|---|
| | | return nil |
|---|
| | | } |
|---|
| | | c.Set("User", map[string]interface{}{ |
|---|
| | | "token": jwtToken, |
|---|
| | | "user": user, |
|---|
| | | }) |
|---|
| | | return user |
|---|
| | | } else { |
|---|
| | | return nil |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | func (jwtAuth *jwtAuthManager) Login(http *http.Request, w http.ResponseWriter, user map[string]interface{}) interface{} { |
|---|
| | | |
|---|
| | | token := jwtLib.New(jwtLib.GetSigningMethod(jwtAuth.alg)) |
|---|
| | | |
|---|
| | | userStr, err := json.Marshal(user) |
|---|
| | | token.Claims = jwtLib.MapClaims{ |
|---|
| | | "user": string(userStr), |
|---|
| | | "exp": time.Now().Add(jwtAuth.expire).Unix(), |
|---|
| | | } |
|---|
| | | |
|---|
| | | tokenString, err := token.SignedString([]byte(jwtAuth.secret)) |
|---|
| | | if err != nil { |
|---|
| | | return nil |
|---|
| | | } |
|---|
| | | |
|---|
| | | return tokenString |
|---|
| | | } |
|---|
| | | |
|---|
| | | func (jwtAuth *jwtAuthManager) Logout(http *http.Request, w http.ResponseWriter) bool { |
|---|
| | | |
|---|
| | | return true |
|---|
| | | } |
|---|
