go-jwt验证
go-jwt验证
jwt是目前主流令牌加密传输的标准
安装:
go get -u github.com/dgrijalva/jwt-go@v3.2.0
使用:
var jwtKey = []byte("a_secret_crect")
type Claims struct {
UserId uint
jwt.StandardClaims
}
func ReleaseToken(user model.User) (string, error) {
expirationTime := time.Now().Add(7 * 24 * time.Hour)
claims := &Claims{
UserId: user.ID,
StandardClaims: jwt.StandardClaims{
ExpiresAt: expirationTime.Unix(),
IssuedAt: time.Now().Unix(),
Issuer: "oceanlearn.tech",
Subject: "user token",
},
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
tokenString, err := token.SignedString(jwtKey)
if err != nil {
return "", err
}
return tokenString, nil
}
生成token(分为三部分):
1.jwt加密协议
2.创建token时的信息
3.前两部分加上key的hash值,(变化)
{
"code": 200,
"data": {
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJVc2VySWQiOjMsImV4cCI6MTYzMDI5NTM0MiwiaWF0IjoxNjI5NjkwNTQyLCJpc3MiOiJvY2VhbmxlYXJuLnRlY2giLCJzdWIiOiJ1c2VyIHRva2VuIn0.0H2lkihz_66KOpKuiq33HCEWnWv13URbVFxSIyz4oyM"
},
"msg": "登录成功"
}
解密:
Decode
HEADER
{
"alg": "HS256",
"typ": "JWT"
}
PAYLOAD
{
"UserId": 3,
"exp": 1630295342,
"iat": 1629690542,
"iss": "oceanlearn.tech",
"sub": "user token"
}
STATUS
Decode Success
参考视频:
https://www.bilibili.com/video/BV1CE411H7bQ?p=5&spm_id_from=pageDriver