From 1eba5463253ed90b181441d8adb20a0d155f2379 Mon Sep 17 00:00:00 2001
From: Michael Li
Date: Sat, 7 Oct 2023 22:04:25 +0800
Subject: [PATCH] optimize issuer generate logic for jwt token
---
 internal/servants/chain/jwt.go | 5 ++---
 pkg/app/jwt.go | 18 ++++++++++++++----
 2 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/internal/servants/chain/jwt.go b/internal/servants/chain/jwt.go
index 04ccd58e..1400808d 100644
--- a/internal/servants/chain/jwt.go
+++ b/internal/servants/chain/jwt.go
@@ -10,7 +10,6 @@ import (
 "github.com/gin-gonic/gin"
 "github.com/golang-jwt/jwt/v5"
- "github.com/rocboss/paopao-ce/internal/conf"
 "github.com/rocboss/paopao-ce/pkg/app"
 "github.com/rocboss/paopao-ce/pkg/xerror"
 )
@@ -41,7 +40,7 @@ func JWT() gin.HandlerFunc {
 // 加载用户信息
 if user, err := ums.GetUserByID(claims.UID); err == nil {
 // 强制下线机制
- if (conf.JWTSetting.Issuer + ":" + user.Salt) == claims.Issuer {
+ if app.IssuerFrom(user.Salt) == claims.Issuer {
 c.Set("USER", user)
 c.Set("UID", claims.UID)
 c.Set("USERNAME", claims.Username)
@@ -133,7 +132,7 @@ func JwtLoose() gin.HandlerFunc {
 if claims, err := app.ParseToken(token); err == nil {
 // 加载用户信息
 user, err := ums.GetUserByID(claims.UID)
- if err == nil && (conf.JWTSetting.Issuer+":"+user.Salt) == claims.Issuer {
+ if err == nil && app.IssuerFrom(user.Salt) == claims.Issuer {
 c.Set("UID", claims.UID)
 c.Set("USERNAME", claims.Username)
 c.Set("USER", user)
diff --git a/pkg/app/jwt.go b/pkg/app/jwt.go
index 28c9f439..75a43f7a 100644
--- a/pkg/app/jwt.go
+++ b/pkg/app/jwt.go
@@ -5,6 +5,8 @@ package app
 import (
+ "crypto/md5"
+ "encoding/hex"
 "time"
 "github.com/golang-jwt/jwt/v5"
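Review bot: Tokens issued before this commit carry the old `Issuer:Salt` string as their issuer, so the comparison `app.IssuerFrom(user.Salt) == claims.Issuer` in `JWT()`, and the identical check in the `JwtLoose()` hunk, will no longer match for any session that is live when this is deployed. In `JwtLoose()` the mismatch presumably just leaves the request without a user rather than returning an error, which makes the cutover easy to miss. If the mass re-login is intended, record it next to the check, e.g. `// issuer format changed: tokens issued by earlier builds no longer match and require a new login`. Both functions start and end outside their hunks, so the failure branches are not visible here.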
@@ -22,14 +24,14 @@ func GetJWTSecret() []byte {
 return []byte(conf.JWTSetting.Secret)
 }
-func GenerateToken(User *ms.User) (string, error) {
+func GenerateToken(user *ms.User) (string, error) {
 expireTime := time.Now().Add(conf.JWTSetting.Expire)
 claims := Claims{
- UID: User.ID,
- Username: User.Username,
+ UID: user.ID,
+ Username: user.Username,
 RegisteredClaims: jwt.RegisteredClaims{
 ExpiresAt: jwt.NewNumericDate(expireTime),
- Issuer: conf.JWTSetting.Issuer + ":" + User.Salt,
+ Issuer: IssuerFrom(user.Salt),
 },
 }
@@ -50,3 +52,11 @@ func ParseToken(token string) (res *Claims, err error) {
 }
 return
 }
+
+func IssuerFrom(data string) string {
+ contents := make([]byte, 0, len(conf.JWTSetting.Issuer)+len(data))
+ copy(contents, []byte(conf.JWTSetting.Issuer))
+ contents = append(contents, []byte(data)...)
+ res := md5.Sum(contents)
+ return hex.EncodeToString(res[:])
+}
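Review bot: In `IssuerFrom` (last hunk of pkg/app/jwt.go) the `copy` call writes nothing, because `contents` is created with length 0 and `copy` fills at most `len(dst)` bytes; the digest therefore covers `data` alone and `conf.JWTSetting.Issuer` never enters it. The issuer claim thus becomes a bare MD5 of the user's salt, identical across deployments and readable by anyone holding a token, since a JWT payload is only encoded, not encrypted. Replace that line with `contents = append(contents, conf.JWTSetting.Issuer...)`, and consider SHA-256 or an HMAC keyed with `GetJWTSecret()` in place of `md5.Sum`. The old code also put a `":"` between issuer and salt; keeping a separator avoids ambiguous concatenations. Correcting this changes the issuer value again, so tokens issued by the current build would stop validating.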