From 7c811247ecf143e08c576986a884bedadc57dd66 Mon Sep 17 00:00:00 2001
From: liuxiaolong <liuxiaolong@aiotlink.com>
Date: 星期五, 05 六月 2020 18:29:41 +0800
Subject: [PATCH] add refresh token to resp

---
 controllers/user.go      |   52 +++++++++++++++++++-------
 middlewares/auth/auth.go |    3 +
 middlewares/auth/jwt.go  |   56 +++++++++++++++++++++++-----
 3 files changed, 86 insertions(+), 25 deletions(-)

diff --git a/controllers/user.go b/controllers/user.go
index 3dd1090..9dbdb68 100644
--- a/controllers/user.go
+++ b/controllers/user.go
@@ -45,20 +45,22 @@
 		tokenM["id"] = loginedM["id"]
 		tokenM["username"] = loginedM["username"]
 		tokenM["permissions"] = loginedM["permissions"]
-		tokenStr := (*authDriver).Login(c.Request, c.Writer, tokenM)
+		b,tokenStr,refreshTokenStr := (*authDriver).Login(c.Request, c.Writer, tokenM)
+		if b {
+			userId := loginedM["id"].(string)
+			auth.RemoveOutUser(userId)
 
-
-		userId := loginedM["id"].(string)
-		auth.RemoveOutUser(userId)
-
-		c.JSON(200,map[string]interface{}{
-			"userInfo":loginedM,
-			"access_token":tokenStr,
-			"refresh_token":tokenStr,
-			"scope":"app",
-			"token_type":"Bearer",
-			"expires_in":time.Now().Add(time.Hour * 8).Unix(),
-		})
+			c.JSON(200,map[string]interface{}{
+				"userInfo":loginedM,
+				"access_token": tokenStr,
+				"refresh_token": refreshTokenStr,
+				"scope":"app",
+				"token_type":"Bearer",
+				"expires_in":time.Now().Add(time.Hour * 8).Unix(),
+			})
+		} else {
+			c.JSON(500,"鐢ㄦ埛鍚嶆垨瀵嗙爜閿欒")
+		}
 	} else {
 		c.JSON(500,"鐢ㄦ埛鍚嶆垨瀵嗙爜閿欒")
 	}
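Review bot: The new `else` branch for `b == false` answers with the same string literal as the outer credential-failure branch, so a token-signing failure on the server is reported to the client as a credential error and leaves no trace for operators. Log the failure in that branch and return a distinct server-error message. `loginedM["id"].(string)` is still an unchecked assertion and panics if the id is not a string; `userId, ok := loginedM["id"].(string)` with an early error return avoids that. `expires_in` is computed from a hard-coded `time.Hour * 8`, while the token itself is signed with `jwtAuth.expire` in jwt.go, so the advertised lifetime can drift from the real one. The enclosing handler starts and ends outside this hunk.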
@@ -111,9 +113,31 @@
 		c.JSON(http.StatusUnauthorized,"")
 	}
 }
+
+// @Summary token杩囨湡鍚庡埛鏂皌oken
+// @Description token杩囨湡鍚庡埛鏂皌oken
+// @Accept x-www-form-urlencoded
+// @Produce json
+// @Tags 鐢ㄦ埛
+// @Param refresh_token formData string true "涓婃鑾峰彇token鏃惰繑鍥炵殑refresh_token鍊�"
+// @Success 200 {string} json "{"code":200, success:true, msg:"", data:""}"
+// @Failure 500 {string} json "{"code":500, success:false, msg:"", data:""}"
 // @Router /data/api-u/sys/refresh_token [post]
 func (uc UserController) RefreshToken(c *gin.Context){
-
+	refreshToken := c.PostForm("refresh_token")
+	if refreshToken == "" {
+		util.ResponseFormat(c,code.TokenNotFound,"鏈壘鍒皉efresh_token")
+		return
+	}
+	authDriver := auth.GenerateAuthDriver()
+	if b,newToken,newRefreshToken := (*authDriver).RefreshToken(refreshToken);b {
+		util.ResponseFormat(c,code.Success,map[string]string{
+			"token": newToken,
+			"refresh_token": newRefreshToken,
+		})
+	} else {
+		util.ResponseFormat(c,code.NotLogin,"璇烽噸鏂扮櫥褰�")
+	}
 }
 
 // @Router /data/api-u/sys/logout [get]
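Review bot: Nothing visible in this handler, or in the `RefreshToken` method it calls in jwt.go, consults the logged-out state that the login path touches through `auth.RemoveOutUser`. A refresh token therefore appears to stay exchangeable after logout until its `exp`; confirm against the logout implementation, and check that list before issuing a new pair. The success payload also names the access token `token`, while the login response uses `access_token` and also returns `token_type` and `expires_in`, so clients need two parsers for the same pair. Every failure is answered with `code.NotLogin`, so a malformed token, an expired token and a signing error look the same in logs; a doc comment on the handler stating which failures are expected would help.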
diff --git a/middlewares/auth/auth.go b/middlewares/auth/auth.go
index d2e365f..d0255fc 100644
--- a/middlewares/auth/auth.go
+++ b/middlewares/auth/auth.go
@@ -16,8 +16,9 @@
 type Auth interface {
 	Check(c *gin.Context)bool
 	User(c *gin.Context)map[string]interface{}
-	Login(http *http.Request,w http.ResponseWriter,user map[string]interface{})interface{}
+	Login(http *http.Request,w http.ResponseWriter,user map[string]interface{}) (bool, string, string)
 	Logout(http *http.Request,w http.ResponseWriter) bool
+	RefreshToken(tokenStr string) (bool, string, string)
 }
 
 func GenerateAuthDriver() *Auth {
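Review bot: Both new signatures return `(bool, string, string)`, which leaves callers to guess which string is the access token and hides why an operation failed. Named results with an error read better and keep the cause: `Login(http *http.Request, w http.ResponseWriter, user map[string]interface{}) (accessToken, refreshToken string, err error)`, and likewise for `RefreshToken`. The interface methods have no doc comments; one line each should state what the two strings are and that they are empty on failure. Only jwt.go is updated in this commit, so any other implementation of `Auth` in the repository (none is visible here) would stop compiling.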
diff --git a/middlewares/auth/jwt.go b/middlewares/auth/jwt.go
index 37b4fc3..accb569 100644
--- a/middlewares/auth/jwt.go
+++ b/middlewares/auth/jwt.go
@@ -50,6 +50,39 @@
 	return authJwtToken.Valid
 }
 
+func (jwtAuth *jwtAuthManager) RefreshToken(tokenStr string) (bool,string,string) {
+	tokenStr := strings.Replace(tokenStr, "Bearer ", "")
+	if tokenStr != "" {
+		jwtToken, err := jwtLib.Parse(tokenStr, func(token *jwtLib.Token) (interface{}, error) {
+			b := []byte(jwtAuth.secret)
+			return b, nil
+		})
+		if err == nil {
+			if claims, ok := jwtToken.Claims.(jwtLib.MapClaims); ok && jwtToken.Valid {
+				var user map[string]interface{}
+				if err := json.Unmarshal([]byte(claims["user"].(string)), &user); err == nil {
+					//鐢熸垚涓�涓柊鐨則oken鍜宺efresh_token鍊�
+					userStr, _ := json.Marshal(user)
+					jwtToken.Claims = jwtLib.MapClaims{
+						"user": string(userStr),
+						"exp":  time.Now().Add(jwtAuth.expire).Unix(),
+					}
+					token,e1 := jwtToken.SignedString([]byte(jwtAuth.secret))
+					jwtToken.Claims = jwtLib.MapClaims{
+						"user": string(userStr),
+						"exp":  time.Now().Add(jwtAuth.expire + time.Hour * 4).Unix(),
+					}
+					refreshToken,e2 := jwtToken.SignedString([]byte(jwtAuth.secret))
+					if e1 ==nil && e2 == nil {
+						return true, token, refreshToken
+					}
+				}
+			}
+		}
+	}
+	return false,"",""
+}
+
 func (jwtAuth *jwtAuthManager) User(c *gin.Context) map[string]interface{} {
 	var jwtToken *jwtLib.Token
 	if jwtUser, exist := c.Get("User"); !exist {
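Review bot: `RefreshToken` accepts any token that verifies against `jwtAuth.secret`, and the access and refresh tokens minted here carry identical claims apart from `exp`, so an access token can be exchanged for a fresh pair exactly as a refresh token can. Add a distinguishing claim to the refresh token (the name `token_use` below is only illustrative) and reject tokens without it; `Login` in the last hunk of this file builds its refresh token the same way and needs the same claim. The first statement also does not compile as written, because `:=` redeclares the parameter and `strings.Replace` takes a fourth count argument. The key callback returns the secret without checking `token.Method`, and `claims["user"].(string)` panics on a validly signed token that lacks a string `user` claim. The user claims are copied forward from the old token unchanged, so a permission change or account removal is not picked up for as long as the client keeps refreshing.

```go
func (jwtAuth *jwtAuthManager) RefreshToken(tokenStr string) (bool,string,string) {
	// plain assignment; TrimPrefix only strips a leading scheme marker
	tokenStr = strings.TrimPrefix(tokenStr, "Bearer ")
	if tokenStr != "" {
		jwtToken, err := jwtLib.Parse(tokenStr, func(token *jwtLib.Token) (interface{}, error) {
			// the secret is an HMAC key; refuse any other signing family
			if _, ok := token.Method.(*jwtLib.SigningMethodHMAC); !ok {
				return nil, jwtLib.ErrSignatureInvalid
			}
			return []byte(jwtAuth.secret), nil
		})
		// … unchanged: err check and MapClaims / Valid check …
				// only a token minted as a refresh token may be exchanged
				if use, _ := claims["token_use"].(string); use != "refresh" {
					return false, "", ""
				}
				rawUser, ok := claims["user"].(string)
				if !ok {
					return false, "", ""
				}
				// … unchanged: unmarshal rawUser, sign the new access token …
					jwtToken.Claims = jwtLib.MapClaims{
						"user":      string(userStr),
						"token_use": "refresh",
						"exp":       time.Now().Add(jwtAuth.expire + time.Hour * 4).Unix(),
					}
				// … unchanged: sign the refresh token and return …
```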
@@ -83,22 +116,25 @@
 	}
 }
 
-func (jwtAuth *jwtAuthManager) Login(http *http.Request, w http.ResponseWriter, user map[string]interface{}) interface{} {
+func (jwtAuth *jwtAuthManager) Login(http *http.Request, w http.ResponseWriter, user map[string]interface{}) (bool,string,string) {
 
-	token := jwtLib.New(jwtLib.GetSigningMethod(jwtAuth.alg))
+	jwtToken := jwtLib.New(jwtLib.GetSigningMethod(jwtAuth.alg))
 
-	userStr, err := json.Marshal(user)
-	token.Claims = jwtLib.MapClaims{
+	userStr, _ := json.Marshal(user)
+	jwtToken.Claims = jwtLib.MapClaims{
 		"user": string(userStr),
 		"exp":  time.Now().Add(jwtAuth.expire).Unix(),
 	}
-
-	tokenString, err := token.SignedString([]byte(jwtAuth.secret))
-	if err != nil {
-		return nil
+	token,e1 := jwtToken.SignedString([]byte(jwtAuth.secret))
+	jwtToken.Claims = jwtLib.MapClaims{
+		"user": string(userStr),
+		"exp":  time.Now().Add(jwtAuth.expire + time.Hour * 4).Unix(),
 	}
-
-	return tokenString
+	refreshToken,e2 := jwtToken.SignedString([]byte(jwtAuth.secret))
+	if e1 ==nil && e2 ==nil {
+		return true, token, refreshToken
+	}
+	return false, "", ""
 }
 
 func (jwtAuth *jwtAuthManager) Logout(http *http.Request, w http.ResponseWriter) bool {
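Review bot: `userStr, _ := json.Marshal(user)` now discards the marshal error, so a user map that cannot be encoded still produces two signed tokens with an empty `user` claim and `Login` reports success. Keep the error and bail out before signing: `userStr, err := json.Marshal(user)` followed by `if err != nil { return false, "", "" }`. The code that builds the pair is duplicated line for line in `RefreshToken` earlier in this file. Moving it into one private helper would keep the two paths from drifting apart, for example on the extra `time.Hour * 4` refresh lifetime, which also deserves a named constant and a comment.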

--
Gitblit v1.8.0