引入jwt与权限验证机制

pull/30/head
taoshihan1991 4 years ago
parent b531a2280b
commit 38fbabf0b5

@ -8,6 +8,7 @@ import (
"html/template"
"log"
"net/http"
"time"
)
//验证接口
@ -20,7 +21,10 @@ func LoginCheckPass(c *gin.Context) {
sessionId := CheckPass(username, password)
userinfo := make(map[string]interface{})
userinfo["name"] = username
userinfo["create_time"] = time.Now().Unix()
token, err := tools.MakeToken(userinfo)
userinfo["ref_token"]=true
refToken, _ := tools.MakeToken(userinfo)
log.Println(err)
if sessionId != "" {
c.JSON(200, gin.H{
@ -28,6 +32,8 @@ func LoginCheckPass(c *gin.Context) {
"msg": "验证成功,正在跳转",
"result": gin.H{
"token": token,
"ref_token":refToken,
"create_time":userinfo["create_time"],
},
})
return
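Review bot: Both `tools.MakeToken` calls run before the `if sessionId != ""` check, and neither error is acted on: `refToken, _ :=` discards the second one and `log.Println(err)` logs the first even when it is nil. A signing failure would therefore still return the success payload with an empty token. I would mint the tokens inside the success branch and stop on failure, e.g. `if err != nil { log.Println(err); /* send a failure response */ return }` after each call. The refresh token is built from the same map with only `ref_token` added, so it carries the same `name` and `create_time` as the access token; the API middleware in this commit checks only those two claims and so appears to accept it as an access token. LoginCheckPass starts and ends outside these hunks.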

@ -3,27 +3,35 @@ package middleware
import (
"github.com/gin-gonic/gin"
"github.com/taoshihan1991/imaptool/tools"
"log"
"time"
)
func JwtPageMiddleware(c *gin.Context){
token := c.Query("token")
userinfo := tools.ParseToken(token)
log.Println(userinfo)
if userinfo == nil {
c.Redirect(302,"/login")
c.Abort()
}
//暂时不处理
//token := c.Query("token")
//userinfo := tools.ParseToken(token)
//if userinfo == nil {
// c.Redirect(302,"/login")
// c.Abort()
//}
}
func JwtApiMiddleware(c *gin.Context){
log.Println("路由中间件")
token := c.Query("token")
token := c.GetHeader("token")
userinfo := tools.ParseToken(token)
log.Println(userinfo)
if userinfo == nil {
if userinfo == nil||userinfo["name"]==nil {
c.JSON(200, gin.H{
"code": 400,
"msg": "验证失败",
})
c.Abort()
}
createTime:=int64(userinfo["create_time"].(float64))
var expire int64=2*60*60
nowTime:=time.Now().Unix();
if (nowTime-createTime) >=expire{
c.JSON(200, gin.H{
"code": 401,
"msg": "token失效",
})
c.Abort()
}
}
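Review bot: Neither failure branch in JwtApiMiddleware returns after `c.Abort()`, and Abort only prevents later handlers from running, so with a missing or invalid token execution continues to `userinfo["create_time"].(float64)`. That unchecked assertion panics whenever the claim is absent or not a number. Each branch needs a `return`, and the assertion should use the comma-ok form, as sketched below. The check also never inspects `ref_token`, so a refresh token passes as an access token. `log.Println(userinfo)` writes every caller's claims to the log; I would drop it or log only the failure reason.

```go
	if userinfo == nil || userinfo["name"] == nil {
		// … unchanged: c.JSON with code 400 …
		c.Abort()
		return
	}
	created, ok := userinfo["create_time"].(float64)
	if !ok {
		c.JSON(200, gin.H{"code": 400, "msg": "验证失败"})
		c.Abort()
		return
	}
	createTime := int64(created)
	// … unchanged: expiry comparison and 401 response …
```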

@ -29,7 +29,7 @@ func main() {
//框架界面
engine.GET("/chat_main",middleware.JwtPageMiddleware,tmpl.PageChatMain)
//验证权限
engine.GET("/check_auth",middleware.JwtApiMiddleware, controller.MainCheckAuth)
engine.POST("/check_auth",middleware.JwtApiMiddleware, controller.MainCheckAuth)
//------------------old code-----------------------------
mux := &http.ServeMux{}
//根路径
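Review bot: The `/chat_main` route still lists `middleware.JwtPageMiddleware`, but this commit comments out that middleware's whole body, so the page is now served to any request. The only remaining gate is the client-side `checkAuth` call, which decides what the iframe loads, not what the server returns. If the page must stay protected, the middleware needs a working check; since the token no longer travels in the query string, that means a credential the browser sends on navigation, such as a cookie. Otherwise I would remove it from the route and add a comment such as `// chat_main is intentionally public; data endpoints enforce JwtApiMiddleware`. main() starts and ends outside the hunk.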

@ -195,7 +195,10 @@
message: data.msg,
type: 'success'
});
window.location.href="/main?token="+data.result.token;
localStorage.setItem("token",data.result.token);
localStorage.setItem("ref_token",data.result.ref_token);
localStorage.setItem("create_time",data.result.create_time);
window.location.href="/main";
}else{
_this.$message({
message: data.msg,
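Review bot: `ref_token` is written to localStorage next to the access token, where any script running on the origin can read both, and nothing in this commit reads it back. I would leave it out until a refresh endpoint exists. When one does, have the server set it as an HttpOnly cookie rather than returning it in the JSON body. The surrounding callback starts and ends outside the hunk.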

@ -80,9 +80,26 @@
var r = window.location.search.substr(1).match(reg);
if(r!=null)return unescape(r[2]); return null;
},
checkAuth(){
let _this=this;
$.ajax({
type:"post",
url:"/check_auth",
headers:{
"token":localStorage.getItem("token")
},
success: function(data) {
if (data.code != 200) {
window.location.href="/login";
} else {
_this.iframeUrl = "/chat_main";
}
}
});
}
},
created: function () {
this.iframeUrl="/chat_main?token="+this.GetQueryString("token");
this.checkAuth();
}
})
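Review bot: `checkAuth` has no `error` callback, so when `/check_auth` fails at the transport level or answers with a non-2xx status, the iframe stays empty and the user is never sent to `/login`. Add `error: function() { window.location.href = "/login"; }` beside `success`. `localStorage.getItem("token")` returns null for a visitor who has not logged in, so it is worth redirecting before issuing the request in that case. A short comment on `checkAuth` stating that it is a UI convenience, and that authorization is enforced by the server, would help later readers.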

@ -2,13 +2,11 @@ package tools
import (
"github.com/dgrijalva/jwt-go"
"time"
)
const SECRET = "taoshihan"
func MakeToken(obj map[string]interface{}) (string, error) {
obj["time"] = time.Now().Unix()
token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims(obj))
tokenString, err := token.SignedString([]byte(SECRET))
return tokenString, err
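Review bot: The HS256 key is the constant `SECRET = "taoshihan"` compiled into the source, so everyone who can read the repository holds the signing key, and a valid signature no longer proves that the server issued the token. Load it from deployment configuration instead, e.g. `var secret = []byte(os.Getenv("JWT_SECRET"))` (the variable name is a placeholder), and refuse to start when it is empty. MakeToken also writes `obj["time"]` into the caller's map, which the login handler reuses for the second token; copying the claims first avoids that side effect. The function's closing brace is outside the hunk.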
