A series of

  1. Cloud native API Gateway, GRPC-Gateway V2 Exploration
  2. Go + GRPC-gateway (V2) Construction of micro-service combat series, small program login authentication service: the first chapter
  3. Go + GRPC-Gateway (V2) Construction of micro-service combat series, small program login authentication service: the second chapter
  4. Go + GRPC-gateway (V2) to build micro-service combat series, small program login authentication service (three) : RSA(RS512) signature JWT

Client-side strong type constraints, automatically generate API TS type definitions

protobufjs

Official documentation: protobufjs

Installation:

yarn add protobufjs
Copy the code

Node_modules /. Bin displays the following command:

  • pbjs
  • pbts

According to theauth.protoGenerate API TS type definitions

PROTO_PATH=.. /microsvcs/auth/api PBTS_BIN_DIR=./node_modules/.bin PBTS_OUT_DIR=./miniprogram/service/proto_gen/auth mkdir -p$PBTS_OUT_DIR

$PBTS_BIN_DIR/pbjs -t static -w es6 $PROTO_PATH/auth.proto --no-create --no-encode --no-decode --no-verify --no-delimited -o $PBTS_OUT_DIR/auth_pb_tmp.js
echo 'import * as $protobuf from "protobufjs"; \n' > $PBTS_OUT_DIR/auth_pb.js
cat $PBTS_OUT_DIR/auth_pb_tmp.js >> $PBTS_OUT_DIR/auth_pb.js
rm $PBTS_OUT_DIR/auth_pb_tmp.js
$PBTS_BIN_DIR/pbts -o $PBTS_OUT_DIR/auth_pb.d.ts $PBTS_OUT_DIR/auth_pb.js
Copy the code

The script has been placed in miniprogram/gen_ts.sh. Run sh gen_ts.sh in miniprogram to generate the following files:

  • miniprogram/miniprogram/service/proto_gen/auth/auth_pb.js
  • miniprogram/miniprogram/service/proto_gen/auth/auth_pb.d.ts

Modify theapp.ts

Introduction:

import { auth } from "./service/proto_gen/auth/auth_pb"
Copy the code

Make the following changes in the file:

You can see from the figure above that there are property hints. Here we have also added a Camelcase-keys package. It is mainly used to convert the property key from expires_IN transferred on the network to expiresIn.

Token authentication

Coding of actual combat

Specific code in: microsvcs/Shared/auth token/token. Go

type JWTTokenVerifier struct {
	PublicKey *rsa.PublicKey
}
func (v *JWTTokenVerifier) Verify(token string) (string, error) {
	t, err := jwt.ParseWithClaims(token, &jwt.StandardClaims{}, func(t *jwt.Token) (interface{}, error) {
		return v.PublicKey, nil
	})
	iferr ! =nil {
		return "", fmt.Errorf("cannot parse token: %v", err)
	}
	if! t.Valid {return "", fmt.Errorf("token not valid")
	}
	clm, ok := t.Claims.(*jwt.StandardClaims)
	if! ok {return "", fmt.Errorf("token claim is not StandardClaims")}iferr := clm.Valid(); err ! =nil {
		return "", fmt.Errorf("claim not valid: %v", err)
	}
	return clm.Subject, nil
}
Copy the code

The test case

  • normal
  • tokenoverdue
  • badtoken
  • Signature error

Specific code in: microsvcs/Shared/auth token/token_test. Go

Refs

  • API Security : API key is dead.. Long live Distributed Token by value
  • Demo: go-grpc-gateway-v2-microservice
  • gRPC-Gateway
  • gRPC-Gateway Docs
I am weishao wechat: uuhells123 public number: hackers afternoon tea add my wechat (mutual learning exchange), pay attention to the public number (for more learning materials ~)Copy the code