From 7c811247ecf143e08c576986a884bedadc57dd66 Mon Sep 17 00:00:00 2001
From: liuxiaolong <liuxiaolong@aiotlink.com>
Date: 星期五, 05 六月 2020 18:29:41 +0800
Subject: [PATCH] add refresh token to resp

---
 middlewares/auth/jwt.go |   98 +++++++++++++++++++++++++++++++++---------------
 1 files changed, 67 insertions(+), 31 deletions(-)

diff --git a/middlewares/auth/jwt.go b/middlewares/auth/jwt.go
index 01fdab9..accb569 100644
--- a/middlewares/auth/jwt.go
+++ b/middlewares/auth/jwt.go
@@ -13,14 +13,14 @@
 type jwtAuthManager struct {
 	secret string
 	expire time.Duration
-	alg string
+	alg    string
 }
 
-func NewJwtAuthDriver() *jwtAuthManager{
+func NewJwtAuthDriver() *jwtAuthManager {
 	return &jwtAuthManager{
-		secret:TokenKey,
-		expire:time.Hour*8,
-		alg:"HS256",
+		secret: TokenKey,
+		expire: time.Hour * 8,
+		alg:    "HS256",
 	}
 }
 
@@ -34,41 +34,74 @@
 	if len(t) < 2 {
 		return false
 	}
-	var keyFunc = func(token *jwtLib.Token) (interface{},error) {
+	var keyFunc = func(token *jwtLib.Token) (interface{}, error) {
 		b := []byte(jwtAuth.secret)
-		return b,nil
+		return b, nil
 	}
-	authJwtToken, err:= request.ParseFromRequest(c.Request,request.OAuth2Extractor,keyFunc)
-	if err !=nil {
+	authJwtToken, err := request.ParseFromRequest(c.Request, request.OAuth2Extractor, keyFunc)
+	if err != nil {
 		return false
 	}
 
-	c.Set("User",map[string]interface{}{
-		"token":authJwtToken,
+	c.Set("User", map[string]interface{}{
+		"token": authJwtToken,
 	})
 
 	return authJwtToken.Valid
 }
 
-func (jwtAuth *jwtAuthManager) User(c *gin.Context) interface{}{
+func (jwtAuth *jwtAuthManager) RefreshToken(tokenStr string) (bool,string,string) {
+	tokenStr := strings.Replace(tokenStr, "Bearer ", "")
+	if tokenStr != "" {
+		jwtToken, err := jwtLib.Parse(tokenStr, func(token *jwtLib.Token) (interface{}, error) {
+			b := []byte(jwtAuth.secret)
+			return b, nil
+		})
+		if err == nil {
+			if claims, ok := jwtToken.Claims.(jwtLib.MapClaims); ok && jwtToken.Valid {
+				var user map[string]interface{}
+				if err := json.Unmarshal([]byte(claims["user"].(string)), &user); err == nil {
+					//鐢熸垚涓�涓柊鐨則oken鍜宺efresh_token鍊�
+					userStr, _ := json.Marshal(user)
+					jwtToken.Claims = jwtLib.MapClaims{
+						"user": string(userStr),
+						"exp":  time.Now().Add(jwtAuth.expire).Unix(),
+					}
+					token,e1 := jwtToken.SignedString([]byte(jwtAuth.secret))
+					jwtToken.Claims = jwtLib.MapClaims{
+						"user": string(userStr),
+						"exp":  time.Now().Add(jwtAuth.expire + time.Hour * 4).Unix(),
+					}
+					refreshToken,e2 := jwtToken.SignedString([]byte(jwtAuth.secret))
+					if e1 ==nil && e2 == nil {
+						return true, token, refreshToken
+					}
+				}
+			}
+		}
+	}
+	return false,"",""
+}
+
+func (jwtAuth *jwtAuthManager) User(c *gin.Context) map[string]interface{} {
 	var jwtToken *jwtLib.Token
-	if jwtUser, exist := c.Get("User");!exist{
-		tokenStr :=strings.Replace(c.Request.Header.Get("Authorization"),"Bearer ","",-1)
-		if tokenStr == ""{
-			return map[interface{}]interface{}{}
+	if jwtUser, exist := c.Get("User"); !exist {
+		tokenStr := strings.Replace(c.Request.Header.Get("Authorization"), "Bearer ", "", -1)
+		if tokenStr == "" {
+			return nil
 		}
 		var err error
-		jwtToken,err = jwtLib.Parse(tokenStr, func(token *jwtLib.Token) (interface{}, error) {
-			b :=[]byte(jwtAuth.secret)
-			return b,nil
+		jwtToken, err = jwtLib.Parse(tokenStr, func(token *jwtLib.Token) (interface{}, error) {
+			b := []byte(jwtAuth.secret)
+			return b, nil
 		})
-		if err !=nil {
+		if err != nil {
 			return nil
 		}
 	} else {
 		jwtToken = jwtUser.(map[string]interface{})["token"].(*jwtLib.Token)
 	}
-	if claims,ok :=jwtToken.Claims.(jwtLib.MapClaims);ok && jwtToken.Valid{
+	if claims, ok := jwtToken.Claims.(jwtLib.MapClaims); ok && jwtToken.Valid {
 		var user map[string]interface{}
 		if err := json.Unmarshal([]byte(claims["user"].(string)), &user); err != nil {
 			return nil
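Review bot: The refresh token minted in RefreshToken is indistinguishable from the access token: both carry only `user` and `exp`, are signed with the same secret, and differ only in lifetime, and RefreshToken accepts any token that parses as valid. As written, an access token can itself be presented for renewal and a refresh token passes the `Valid` test as an access token, so one leaked token can be kept alive indefinitely as long as it is exchanged before it expires; Login in the third hunk builds the same pair. Add a distinguishing claim to the refresh claims, for example `"typ": "refresh"`, return `false, "", ""` from RefreshToken unless `claims["typ"] == "refresh"`, and have the access-token paths reject tokens that carry it. Separately, the first statement of RefreshToken does not compile, since `tokenStr :=` redeclares the parameter and `strings.Replace` is missing its count argument; `tokenStr = strings.TrimPrefix(tokenStr, "Bearer ")` does what is intended. The function holding the `ParseFromRequest` call begins above this hunk and User's body continues below it.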
@@ -83,22 +116,25 @@
 	}
 }
 
-func (jwtAuth *jwtAuthManager) Login(http *http.Request, w http.ResponseWriter, user map[string]interface{}) interface{} {
+func (jwtAuth *jwtAuthManager) Login(http *http.Request, w http.ResponseWriter, user map[string]interface{}) (bool,string,string) {
 
-	token := jwtLib.New(jwtLib.GetSigningMethod(jwtAuth.alg))
+	jwtToken := jwtLib.New(jwtLib.GetSigningMethod(jwtAuth.alg))
 
-	userStr, err := json.Marshal(user)
-	token.Claims = jwtLib.MapClaims{
+	userStr, _ := json.Marshal(user)
+	jwtToken.Claims = jwtLib.MapClaims{
 		"user": string(userStr),
 		"exp":  time.Now().Add(jwtAuth.expire).Unix(),
 	}
-
-	tokenString, err := token.SignedString([]byte(jwtAuth.secret))
-	if err != nil {
-		return nil
+	token,e1 := jwtToken.SignedString([]byte(jwtAuth.secret))
+	jwtToken.Claims = jwtLib.MapClaims{
+		"user": string(userStr),
+		"exp":  time.Now().Add(jwtAuth.expire + time.Hour * 4).Unix(),
 	}
-
-	return tokenString
+	refreshToken,e2 := jwtToken.SignedString([]byte(jwtAuth.secret))
+	if e1 ==nil && e2 ==nil {
+		return true, token, refreshToken
+	}
+	return false, "", ""
 }
 
 func (jwtAuth *jwtAuthManager) Logout(http *http.Request, w http.ResponseWriter) bool {
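Review bot: `userStr, _ := json.Marshal(user)` now discards the marshal error, so if the map cannot be encoded Login signs both tokens with an empty `user` claim and still returns true; such tokens are validly signed even though User cannot decode an identity from them. Keep the error and bail out early: `userStr, err := json.Marshal(user)` followed by `if err != nil { return false, "", "" }`. The whole `user` map is also copied into the claims, which are only base64-encoded and not encrypted, so if callers pass sensitive fields (a password hash, for instance) they would be readable by anyone holding either token; restricting the claim to an id and the fields handlers actually need would avoid that. A doc comment naming the three results (ok, access token, refresh token) would help callers of the changed signature.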

--
Gitblit v1.8.0