One, in thegin
The use ofjwt-go
To generate atoken
-
1. Installation package
go get -u github.com/dgrijalva/jwt-go Copy the code
-
2. Define the underlying structure
// The signature needs to pass the parameters type HmacUser struct { Id string `json:"id"` Username string `json:"username"` } type MyClaims struct { UserId string `json:"user_id"` Username string `json:"username"` jwt.StandardClaims } // Login parameters type LoginStruct struct { Username string `json:"username"` Password string `json:"password"` } // Certificate signing key var jwtKey = []byte("abc") Copy the code
-
3. Define the method for generating tokens
// Define a method to generate tokens func generateToken(u HmacUser) (string, error) { // Define the expiration time, which expires in 7 days expirationTime := time.Now().Add(7 * 24 * time.Hour) claims := &MyClaims{ UserId: u.Id, Username: u.Username, StandardClaims: jwt.StandardClaims{ ExpiresAt: expirationTime.Unix(), // Expiration time IssuedAt: time.Now().Unix(), // Release time Subject: "token"./ / theme Issuer: "Water mark"./ / publisher}},// Make sure you don't write the wrong words token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) tokenString, err := token.SignedString(jwtKey) iferr ! =nil { return "", err } return tokenString, nil } Copy the code
-
4. Define a path to generate tokens
router := gin.Default() router.POST("/login".func(c *gin.Context) { var loginStruct LoginStruct err := c.BindJSON(&loginStruct) iferr ! =nil { fmt.Println("Parsing data error") c.JSON(http.StatusOK, gin.H{ "code": 1."message": "Parsing data error",})return } // do not perform table lookup to verify username and password fmt.Println("Login Parameters", loginStruct) // to the method that generates the token userInfo := HmacUser{ Id: "1", Username: loginStruct.Username, } token, err := generateToken(userInfo) iferr ! =nil { fmt.Println(err, "= = =") c.JSON(http.StatusOK, gin.H{ "code": 1."message": "Token generation failed",})return } c.JSON(http.StatusOK, gin.H{ "code": 0."message": "Login successful"."token": token, }) }) Copy the code
Second, use middleware to verify what the client passestoken
-
1. Parse the token
// Define a method to resolve tokens func parseToken(tokenString string) (*jwt.Token, *MyClaims, error) { claims := &MyClaims{} token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) { return jwtKey, nil }) return token, claims, err } Copy the code
-
2. Validate tokens in middleware
// Define middleware func AuthMiddleware(a) gin.HandlerFunc { return func(c *gin.Context) { // Get the token from the request header tokeString := c.GetHeader("token") fmt.Println(tokeString, "The current token") if tokeString == "" { c.JSON(http.StatusOK, gin.H{ "code": 1."message": "Tokens must be passed", }) c.Abort() return } token, claims, err := parseToken(tokeString) iferr ! =nil| |! token.Valid { c.JSON(http.StatusOK, gin.H{"code": 1."message": "Token resolution error", }) c.Abort() return } // The data parsed from the token is mounted to the context for later controllers to use c.Set("userId", claims.UserId) c.Set("userName", claims.Username) c.Next() } } Copy the code
-
3. Define routing using middleware
// Use middleware router.POST("/check_token", AuthMiddleware(), func(c *gin.Context) { if userName, exists := c.Get("userName"); exists { fmt.Println("Current user", userName) } c.JSON(http.StatusOK, gin.H{ "code": 0."message": "Verification successful",})})Copy the code