liuxiaolong
2020-06-05 7c811247ecf143e08c576986a884bedadc57dd66
add refresh token to resp
3个文件已修改
111 ■■■■ 已修改文件
controllers/user.go 52 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
middlewares/auth/auth.go 3 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
middlewares/auth/jwt.go 56 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
controllers/user.go
@@ -45,20 +45,22 @@
        tokenM["id"] = loginedM["id"]
        tokenM["username"] = loginedM["username"]
        tokenM["permissions"] = loginedM["permissions"]
        tokenStr := (*authDriver).Login(c.Request, c.Writer, tokenM)
        b,tokenStr,refreshTokenStr := (*authDriver).Login(c.Request, c.Writer, tokenM)
        if b {
            userId := loginedM["id"].(string)
            auth.RemoveOutUser(userId)
        userId := loginedM["id"].(string)
        auth.RemoveOutUser(userId)
        c.JSON(200,map[string]interface{}{
            "userInfo":loginedM,
            "access_token":tokenStr,
            "refresh_token":tokenStr,
            "scope":"app",
            "token_type":"Bearer",
            "expires_in":time.Now().Add(time.Hour * 8).Unix(),
        })
            c.JSON(200,map[string]interface{}{
                "userInfo":loginedM,
                "access_token": tokenStr,
                "refresh_token": refreshTokenStr,
                "scope":"app",
                "token_type":"Bearer",
                "expires_in":time.Now().Add(time.Hour * 8).Unix(),
            })
        } else {
            c.JSON(500,"用户名或密码错误")
        }
    } else {
        c.JSON(500,"用户名或密码错误")
    }
@@ -111,9 +113,31 @@
        c.JSON(http.StatusUnauthorized,"")
    }
}
// @Summary token过期后刷新token
// @Description token过期后刷新token
// @Accept x-www-form-urlencoded
// @Produce json
// @Tags 用户
// @Param refresh_token formData string true "上次获取token时返回的refresh_token值"
// @Success 200 {string} json "{"code":200, success:true, msg:"", data:""}"
// @Failure 500 {string} json "{"code":500, success:false, msg:"", data:""}"
// @Router /data/api-u/sys/refresh_token [post]
func (uc UserController) RefreshToken(c *gin.Context){
    refreshToken := c.PostForm("refresh_token")
    if refreshToken == "" {
        util.ResponseFormat(c,code.TokenNotFound,"未找到refresh_token")
        return
    }
    authDriver := auth.GenerateAuthDriver()
    if b,newToken,newRefreshToken := (*authDriver).RefreshToken(refreshToken);b {
        util.ResponseFormat(c,code.Success,map[string]string{
            "token": newToken,
            "refresh_token": newRefreshToken,
        })
    } else {
        util.ResponseFormat(c,code.NotLogin,"请重新登录")
    }
}
// @Router /data/api-u/sys/logout [get]
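Review bot: The new `RefreshToken` handler issues a fresh token pair from the submitted token alone; between `c.PostForm("refresh_token")` and `(*authDriver).RefreshToken(refreshToken)` nothing reloads the account or consults the logged-out list that the login path maintains through `auth.RemoveOutUser`. As far as this section shows, a refresh token issued before a logout, a permission change or an account removal would keep producing tokens that carry the old `permissions` claim. I would look the user up by the id in the claims, rebuild the claim map the way the login path builds `tokenM`, and answer `code.NotLogin` when the account is gone or logged out. Two smaller points: the refresh response names the access token `"token"` while login uses `"access_token"`, and the new inner `else` in the login hunk reports `用户名或密码错误` with status 500 when the actual failure is token signing.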
middlewares/auth/auth.go
@@ -16,8 +16,9 @@
type Auth interface {
    Check(c *gin.Context)bool
    User(c *gin.Context)map[string]interface{}
    Login(http *http.Request,w http.ResponseWriter,user map[string]interface{})interface{}
    Login(http *http.Request,w http.ResponseWriter,user map[string]interface{}) (bool, string, string)
    Logout(http *http.Request,w http.ResponseWriter) bool
    RefreshToken(tokenStr string) (bool, string, string)
}
func GenerateAuthDriver() *Auth {
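Review bot: The new result lists `(bool, string, string)` on `Login` and `RefreshToken` distinguish the access token from the refresh token only by position, and the bool discards the reason a parse or signing step failed. Naming the results, for example `RefreshToken(tokenStr string) (ok bool, accessToken, refreshToken string)`, and adding a doc comment on each method that states which string is which would make a swapped pair at a call site much easier to spot. Returning an `error` in place of the bool would also let the controller tell an invalid token from an internal signing failure. `GenerateAuthDriver` continues outside the hunk.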
middlewares/auth/jwt.go
@@ -50,6 +50,39 @@
    return authJwtToken.Valid
}
func (jwtAuth *jwtAuthManager) RefreshToken(tokenStr string) (bool,string,string) {
    tokenStr := strings.Replace(tokenStr, "Bearer ", "")
    if tokenStr != "" {
        jwtToken, err := jwtLib.Parse(tokenStr, func(token *jwtLib.Token) (interface{}, error) {
            b := []byte(jwtAuth.secret)
            return b, nil
        })
        if err == nil {
            if claims, ok := jwtToken.Claims.(jwtLib.MapClaims); ok && jwtToken.Valid {
                var user map[string]interface{}
                if err := json.Unmarshal([]byte(claims["user"].(string)), &user); err == nil {
                    //生成一个新的token和refresh_token值
                    userStr, _ := json.Marshal(user)
                    jwtToken.Claims = jwtLib.MapClaims{
                        "user": string(userStr),
                        "exp":  time.Now().Add(jwtAuth.expire).Unix(),
                    }
                    token,e1 := jwtToken.SignedString([]byte(jwtAuth.secret))
                    jwtToken.Claims = jwtLib.MapClaims{
                        "user": string(userStr),
                        "exp":  time.Now().Add(jwtAuth.expire + time.Hour * 4).Unix(),
                    }
                    refreshToken,e2 := jwtToken.SignedString([]byte(jwtAuth.secret))
                    if e1 ==nil && e2 == nil {
                        return true, token, refreshToken
                    }
                }
            }
        }
    }
    return false,"",""
}
func (jwtAuth *jwtAuthManager) User(c *gin.Context) map[string]interface{} {
    var jwtToken *jwtLib.Token
    if jwtUser, exist := c.Get("User"); !exist {
@@ -83,22 +116,25 @@
    }
}
func (jwtAuth *jwtAuthManager) Login(http *http.Request, w http.ResponseWriter, user map[string]interface{}) interface{} {
func (jwtAuth *jwtAuthManager) Login(http *http.Request, w http.ResponseWriter, user map[string]interface{}) (bool,string,string) {
    token := jwtLib.New(jwtLib.GetSigningMethod(jwtAuth.alg))
    jwtToken := jwtLib.New(jwtLib.GetSigningMethod(jwtAuth.alg))
    userStr, err := json.Marshal(user)
    token.Claims = jwtLib.MapClaims{
    userStr, _ := json.Marshal(user)
    jwtToken.Claims = jwtLib.MapClaims{
        "user": string(userStr),
        "exp":  time.Now().Add(jwtAuth.expire).Unix(),
    }
    tokenString, err := token.SignedString([]byte(jwtAuth.secret))
    if err != nil {
        return nil
    token,e1 := jwtToken.SignedString([]byte(jwtAuth.secret))
    jwtToken.Claims = jwtLib.MapClaims{
        "user": string(userStr),
        "exp":  time.Now().Add(jwtAuth.expire + time.Hour * 4).Unix(),
    }
    return tokenString
    refreshToken,e2 := jwtToken.SignedString([]byte(jwtAuth.secret))
    if e1 ==nil && e2 ==nil {
        return true, token, refreshToken
    }
    return false, "", ""
}
func (jwtAuth *jwtAuthManager) Logout(http *http.Request, w http.ResponseWriter) bool {