go-jwt驗證
阿新 • • 發佈:2021-10-15
go-jwt驗證
jwt是目前主流令牌加密傳輸的標準
安裝:
go get -u github.com/dgrijalva/[email protected]
使用:
var jwtKey = []byte("a_secret_crect") type Claims struct { UserId uint jwt.StandardClaims } func ReleaseToken(user model.User) (string, error) { expirationTime := time.Now().Add(7 * 24 * time.Hour) claims := &Claims{ UserId: user.ID, StandardClaims: jwt.StandardClaims{ ExpiresAt: expirationTime.Unix(), IssuedAt: time.Now().Unix(), Issuer: "oceanlearn.tech", Subject: "user token", }, } token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) tokenString, err := token.SignedString(jwtKey) if err != nil { return "", err } return tokenString, nil }
生成token(分為三部分):
1.jwt加密協議
2.建立token時的資訊
3.前兩部分加上key的hash值,(變化)
{ "code": 200, "data": { "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJVc2VySWQiOjMsImV4cCI6MTYzMDI5NTM0MiwiaWF0IjoxNjI5NjkwNTQyLCJpc3MiOiJvY2VhbmxlYXJuLnRlY2giLCJzdWIiOiJ1c2VyIHRva2VuIn0.0H2lkihz_66KOpKuiq33HCEWnWv13URbVFxSIyz4oyM" }, "msg": "登入成功" }
解密:
Decode
HEADER
{
"alg": "HS256",
"typ": "JWT"
}
PAYLOAD
{
"UserId": 3,
"exp": 1630295342,
"iat": 1629690542,
"iss": "oceanlearn.tech",
"sub": "user token"
}
STATUS
Decode Success
參考視訊:
https://www.bilibili.com/video/BV1CE411H7bQ?p=5&spm_id_from=pageDriver