add jwt files

2023-01-30 19:56:31 +08:00
parent 591543d2a8
commit 81e33fa544
12 changed files with 1226 additions and 47 deletions
--- a/providers/jwt/jwt.go
+++ b/providers/jwt/jwt.go
@@ -0,0 +1,118 @@
+package jwt
+
+import (
+	"atom/container"
+	"atom/providers/config"
+	"errors"
+	"log"
+	"time"
+
+	jwt "github.com/golang-jwt/jwt/v4"
+	uuid "github.com/satori/go.uuid"
+	"golang.org/x/sync/singleflight"
+)
+
+func init() {
+	if err := container.Container.Provide(NewJWT); err != nil {
+		log.Fatal(err)
+	}
+}
+
+// Custom claims structure
+type CustomClaims struct {
+	BaseClaims
+	BufferTime int64
+	jwt.StandardClaims
+}
+
+type BaseClaims struct {
+	UUID        uuid.UUID
+	ID          uint
+	Username    string
+	NickName    string
+	AuthorityId uint
+}
+
+type JWT struct {
+	config       *config.Config
+	singleflight *singleflight.Group
+	SigningKey   []byte
+}
+
+var (
+	TokenExpired     = errors.New("Token is expired")
+	TokenNotValidYet = errors.New("Token not active yet")
+	TokenMalformed   = errors.New("That's not even a token")
+	TokenInvalid     = errors.New("Couldn't handle this token:")
+)
+
+func NewJWT(config *config.Config) (*JWT, error) {
+	return &JWT{
+		config:     config,
+		SigningKey: []byte(config.Http.JWT.SigningKey),
+	}, nil
+}
+
+func (j *JWT) CreateClaims(baseClaims BaseClaims) CustomClaims {
+	bf, _ := time.ParseDuration(j.config.Http.JWT.BufferTime)
+	ep, _ := time.ParseDuration(j.config.Http.JWT.ExpiresTime)
+	claims := CustomClaims{
+		BaseClaims: baseClaims,
+		BufferTime: int64(bf / time.Second), // 缓冲时间1天 缓冲时间内会获得新的token刷新令牌 此时一个用户会存在两个有效令牌 但是前端只留一个 另一个会丢失
+		StandardClaims: jwt.StandardClaims{
+			NotBefore: time.Now().Unix() - 1000,  // 签名生效时间
+			ExpiresAt: time.Now().Add(ep).Unix(), // 过期时间 7天  配置文件
+			Issuer:    j.config.Http.JWT.Issuer,  // 签名的发行者
+		},
+	}
+	return claims
+}
+
+// 创建一个token
+func (j *JWT) CreateToken(claims CustomClaims) (string, error) {
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	return token.SignedString(j.SigningKey)
+}
+
+// CreateTokenByOldToken 旧token 换新token 使用归并回源避免并发问题
+func (j *JWT) CreateTokenByOldToken(oldToken string, claims CustomClaims) (string, error) {
+	v, err, _ := j.singleflight.Do("JWT:"+oldToken, func() (interface{}, error) {
+		return j.CreateToken(claims)
+	})
+	return v.(string), err
+}
+
+// 解析 token
+func (j *JWT) ParseToken(tokenString string) (*CustomClaims, error) {
+	token, err := jwt.ParseWithClaims(tokenString, &CustomClaims{}, func(token *jwt.Token) (i interface{}, e error) {
+		return j.SigningKey, nil
+	})
+	if err != nil {
+		if ve, ok := err.(*jwt.ValidationError); ok {
+			if ve.Errors&jwt.ValidationErrorMalformed != 0 {
+				return nil, TokenMalformed
+			} else if ve.Errors&jwt.ValidationErrorExpired != 0 {
+				// Token is expired
+				return nil, TokenExpired
+			} else if ve.Errors&jwt.ValidationErrorNotValidYet != 0 {
+				return nil, TokenNotValidYet
+			} else {
+				return nil, TokenInvalid
+			}
+		}
+	}
+	if token != nil {
+		if claims, ok := token.Claims.(*CustomClaims); ok && token.Valid {
+			return claims, nil
+		}
+		return nil, TokenInvalid
+
+	} else {
+		return nil, TokenInvalid
+	}
+}
+
+// 解析 token
+func (j *JWT) ParseCliam(claim string) (*CustomClaims, error) {
+
+}