root
/
yibu
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
202 Commits
3 Branches
29 Tags
39 MiB
Tree: 78209ed65d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '78209ed65d'
${ noResults }
yibu/QMPlusServer/middleware/jwt.go

137 lines
3.4 KiB
Raw Normal View History

项目基本构成
5 years ago
增加了多点登录限制 体验需要再 static\config中 把 system中的useMultipoint 修改为 true
5 years ago
修改包名main-->gin-vue-admin
5 years ago
增加jwt主动失效功能(next:多点登录限制
5 years ago
项目基本构成
5 years ago
增加获取路由树功能
5 years ago
项目基本构成
5 years ago
增加jwt主动失效功能(next:多点登录限制
5 years ago
增加了多点登录限制 体验需要再 static\config中 把 system中的useMultipoint 修改为 true
5 years ago
增加jwt主动失效功能(next:多点登录限制
5 years ago
项目基本构成
5 years ago
增加了用户权限设置
5 years ago
项目基本构成
5 years ago
增加了多点登录限制 体验需要再 static\config中 把 system中的useMultipoint 修改为 true
5 years ago
修改掉线提示语 修改readme内容
5 years ago
增加jwt主动失效功能(next:多点登录限制
5 years ago
项目基本构成
5 years ago
用户关联查询 jwt鉴权调整 api删除调整 authorityId默认类型调整
5 years ago
项目基本构成
5 years ago
增加了用户权限设置
5 years ago
项目基本构成
5 years ago
后台格式规范化 引入casbin做鉴权
5 years ago
项目基本构成
5 years ago
增加了多点登录限制 体验需要再 static\config中 把 system中的useMultipoint 修改为 true
5 years ago
项目基本构成
5 years ago
增加获取路由树功能
5 years ago
用户关联查询 jwt鉴权调整 api删除调整 authorityId默认类型调整
5 years ago
项目基本构成
5 years ago
增加了多点登录限制 体验需要再 static\config中 把 system中的useMultipoint 修改为 true
5 years ago
项目基本构成
5 years ago
  1. package middleware
  3. import (
  4. "errors"
  5. "gin-vue-admin/config"
  6. "gin-vue-admin/controller/servers"
  7. "gin-vue-admin/model/sysModel"
  8. "github.com/dgrijalva/jwt-go"
  9. "github.com/gin-gonic/gin"
  10. uuid "github.com/satori/go.uuid"
  11. "time"
  12. )
  14. func JWTAuth() gin.HandlerFunc {
  15. return func(c *gin.Context) {
  16. // 我们这里jwt鉴权取头部信息 x-token 登录时回返回token信息 这里前端需要把token存储到cookie或者本地localSstorage中 不过需要跟后端协商过期时间 可以约定刷新令牌或者重新登录
  17. token := c.Request.Header.Get("x-token")
  18. ModelToken := sysModel.JwtBlacklist{
  19. Jwt: token,
  20. }
  21. if token == "" {
  22. servers.ReportFormat(c, false, "未登录或非法访问", gin.H{
  23. "reload": true,
  24. })
  25. c.Abort()
  26. return
  27. }
  28. if ModelToken.IsBlacklist(token) {
  29. servers.ReportFormat(c, false, "您的帐户异地登陆或令牌失效", gin.H{
  30. "reload": true,
  31. })
  32. c.Abort()
  33. return
  34. }
  35. j := NewJWT()
  36. // parseToken 解析token包含的信息
  37. claims, err := j.ParseToken(token)
  38. if err != nil {
  39. if err == TokenExpired {
  40. servers.ReportFormat(c, false, "授权已过期", gin.H{
  41. "reload": true,
  42. })
  43. c.Abort()
  44. return
  45. }
  46. servers.ReportFormat(c, false, err.Error(), gin.H{
  47. "reload": true,
  48. })
  49. c.Abort()
  50. return
  51. }
  52. c.Set("claims", claims)
  53. c.Next()
  54. }
  55. }
  57. type JWT struct {
  58. SigningKey []byte
  59. }
  61. var (
  62. TokenExpired error = errors.New("Token is expired")
  63. TokenNotValidYet error = errors.New("Token not active yet")
  64. TokenMalformed error = errors.New("That's not even a token")
  65. TokenInvalid error = errors.New("Couldn't handle this token:")
  66. )
  68. type CustomClaims struct {
  69. UUID uuid.UUID
  70. ID uint
  71. NickName string
  72. AuthorityId string
  73. jwt.StandardClaims
  74. }
  76. func NewJWT() *JWT {
  77. return &JWT{
  78. []byte(config.GinVueAdminconfig.JWT.SigningKey),
  79. }
  80. }
  82. //创建一个token
  83. func (j *JWT) CreateToken(claims CustomClaims) (string, error) {
  84. token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
  85. return token.SignedString(j.SigningKey)
  86. }
  88. //解析 token
  89. func (j *JWT) ParseToken(tokenString string) (*CustomClaims, error) {
  90. token, err := jwt.ParseWithClaims(tokenString, &CustomClaims{}, func(token *jwt.Token) (i interface{}, e error) {
  91. return j.SigningKey, nil
  92. })
  93. if err != nil {
  94. if ve, ok := err.(*jwt.ValidationError); ok {
  95. if ve.Errors&jwt.ValidationErrorMalformed != 0 {
  96. return nil, TokenMalformed
  97. } else if ve.Errors&jwt.ValidationErrorExpired != 0 {
  98. // Token is expired
  99. return nil, TokenExpired
  100. } else if ve.Errors&jwt.ValidationErrorNotValidYet != 0 {
  101. return nil, TokenNotValidYet
  102. } else {
  103. return nil, TokenInvalid
  104. }
  105. }
  106. }
  107. if token != nil {
  108. if claims, ok := token.Claims.(*CustomClaims); ok && token.Valid {
  109. return claims, nil
  110. }
  111. return nil, TokenInvalid
  113. } else {
  114. return nil, TokenInvalid
  116. }
  118. }
  120. // 更新token
  121. func (j *JWT) RefreshToken(tokenString string) (string, error) {
  122. jwt.TimeFunc = func() time.Time {
  123. return time.Unix(0, 0)
  124. }
  125. token, err := jwt.ParseWithClaims(tokenString, &CustomClaims{}, func(token *jwt.Token) (interface{}, error) {
  126. return j.SigningKey, nil
  127. })
  128. if err != nil {
  129. return "", err
  130. }
  131. if claims, ok := token.Claims.(*CustomClaims); ok && token.Valid {
  132. jwt.TimeFunc = time.Now
  133. claims.StandardClaims.ExpiresAt = time.Now().Add(1 * time.Hour).Unix()
  134. return j.CreateToken(*claims)
  135. }
  136. return "", TokenInvalid
  137. }