optimize issuer generate logic for jwt token

pull/398/head
Michael Li 1 year ago
parent e214da7daf
commit 1eba546325
No known key found for this signature in database

@ -10,7 +10,6 @@ import (
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5" "github.com/golang-jwt/jwt/v5"
"github.com/rocboss/paopao-ce/internal/conf"
"github.com/rocboss/paopao-ce/pkg/app" "github.com/rocboss/paopao-ce/pkg/app"
"github.com/rocboss/paopao-ce/pkg/xerror" "github.com/rocboss/paopao-ce/pkg/xerror"
) )
@ -41,7 +40,7 @@ func JWT() gin.HandlerFunc {
// 加载用户信息 // 加载用户信息
if user, err := ums.GetUserByID(claims.UID); err == nil { if user, err := ums.GetUserByID(claims.UID); err == nil {
// 强制下线机制 // 强制下线机制
if (conf.JWTSetting.Issuer + ":" + user.Salt) == claims.Issuer { if app.IssuerFrom(user.Salt) == claims.Issuer {
c.Set("USER", user) c.Set("USER", user)
c.Set("UID", claims.UID) c.Set("UID", claims.UID)
c.Set("USERNAME", claims.Username) c.Set("USERNAME", claims.Username)
@ -133,7 +132,7 @@ func JwtLoose() gin.HandlerFunc {
if claims, err := app.ParseToken(token); err == nil { if claims, err := app.ParseToken(token); err == nil {
// 加载用户信息 // 加载用户信息
user, err := ums.GetUserByID(claims.UID) user, err := ums.GetUserByID(claims.UID)
if err == nil && (conf.JWTSetting.Issuer+":"+user.Salt) == claims.Issuer { if err == nil && app.IssuerFrom(user.Salt) == claims.Issuer {
c.Set("UID", claims.UID) c.Set("UID", claims.UID)
c.Set("USERNAME", claims.Username) c.Set("USERNAME", claims.Username)
c.Set("USER", user) c.Set("USER", user)

@ -5,6 +5,8 @@
package app package app
import ( import (
"crypto/md5"
"encoding/hex"
"time" "time"
"github.com/golang-jwt/jwt/v5" "github.com/golang-jwt/jwt/v5"
@ -22,14 +24,14 @@ func GetJWTSecret() []byte {
return []byte(conf.JWTSetting.Secret) return []byte(conf.JWTSetting.Secret)
} }
func GenerateToken(User *ms.User) (string, error) { func GenerateToken(user *ms.User) (string, error) {
expireTime := time.Now().Add(conf.JWTSetting.Expire) expireTime := time.Now().Add(conf.JWTSetting.Expire)
claims := Claims{ claims := Claims{
UID: User.ID, UID: user.ID,
Username: User.Username, Username: user.Username,
RegisteredClaims: jwt.RegisteredClaims{ RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(expireTime), ExpiresAt: jwt.NewNumericDate(expireTime),
Issuer: conf.JWTSetting.Issuer + ":" + User.Salt, Issuer: IssuerFrom(user.Salt),
}, },
} }
@ -50,3 +52,11 @@ func ParseToken(token string) (res *Claims, err error) {
} }
return return
} }
func IssuerFrom(data string) string {
contents := make([]byte, 0, len(conf.JWTSetting.Issuer)+len(data))
copy(contents, []byte(conf.JWTSetting.Issuer))
contents = append(contents, []byte(data)...)
res := md5.Sum(contents)
return hex.EncodeToString(res[:])
}

Loading…
Cancel
Save