go语言beego框架jwt身份认证实现示例

一 引入jwt

jwt用户身份验证

go get github.com/dgrijalva/jwt-go

二 框架中引入jwt

import (
"fmt"
"github.com/astaxie/beego"
"github.com/dgrijalva/jwt-go"
"time"
)

三 使用

声明jwt需要用到的结构体

const (
KEY                    string = "JWT-ARY-STARK"
DEFAULT_EXPIRE_SECONDS int    = 600 //默认过期时间（s）
)
type User struct {
Id   string `json:"id"`
Name string `json:"json"`
}
// JWT -- json web token
// HEADER PAYLOAD SIGNATURE
// This struct is the PAYLOAD
type MyCustomClaims struct {
User
jwt.StandardClaims
}

结果 

1234567891011121314151617

封装方法

//刷新jwt token
func RefreshToken(tokenString string) (string, error) {
// first get previous token
token, err := jwt.ParseWithClaims(
tokenString,
&MyCustomClaims{},
func(token *jwt.Token) (interface{}, error) {
return []byte(KEY), nil
})
claims, ok := token.Claims.(*MyCustomClaims)
if !ok || !token.Valid {
return "", err
}
mySigningKey := []byte(KEY)
expireAt := time.Now().Add(time.Second * time.Duration(DEFAULT_EXPIRE_SECONDS)).Unix()
newClaims := MyCustomClaims{
claims.User,
jwt.StandardClaims{
ExpiresAt: expireAt,
Issuer:    claims.User.Name,
IssuedAt:  time.Now().Unix(),
},
}
// generate new token with new claims
newToken := jwt.NewWithClaims(jwt.SigningMethodHS256, newClaims)
tokenStr, err := newToken.SignedString(mySigningKey)
if err != nil {
fmt.Println("generate new fresh json web token failed !! error :", err)
return "", err
}
return tokenStr, err
}
//验证jtw token
func ValidateToken(tokenString string) (info User, err error) {
token, err := jwt.ParseWithClaims(
tokenString,
&MyCustomClaims{},
func(token *jwt.Token) (interface{}, error) {
return []byte(KEY), nil
})
if claims, ok := token.Claims.(*MyCustomClaims); ok && token.Valid {
//fmt.Printf("％v ％v", claims.User, claims.StandardClaims.ExpiresAt)
//fmt.Println("token will be expired at ", time.Unix(claims.StandardClaims.ExpiresAt, 0))
info = claims.User
} else {
fmt.Println("validate tokenString failed !!!", err)
}
return
}
//获取jwt token
func GenerateToken(info *User, expiredSeconds int) (tokenString string, err error) {
if expiredSeconds == 0 {
expiredSeconds = DEFAULT_EXPIRE_SECONDS
}
// Create the Claims
mySigningKey := []byte(KEY)
expireAt := time.Now().Add(time.Second * time.Duration(expiredSeconds)).Unix()
fmt.Println("token will be expired at ", time.Unix(expireAt, 0))
// pass parameter to this func or not
user := *info
claims := MyCustomClaims{
user,
jwt.StandardClaims{
ExpiresAt: expireAt,
Issuer:    user.Name,
IssuedAt:  time.Now().Unix(),
},
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
tokenStr, err := token.SignedString(mySigningKey)
if err != nil {
fmt.Println("generate json web token failed !! error :", err)
} else {
tokenString = tokenStr
}
return
}
// return this result to client then all later request should have header "Authorization: Bearer <token> "
func getHeaderTokenValue(tokenString string) string {
//Authorization: Bearer <token>
return fmt.Sprintf("Bearer ％s", tokenString)
}

结果 

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485

使用

//获取token
func (this *UserController) Get() {
user := User{1, "gangan"}
token, err := GenerateToken(&amp;user, 0);
if err != nil {
fmt.Println(err)
}else {
//获取jwt
this.Ctx.WriteString(token)
}
}
//验证token
func (this *UserController) Check() {
token := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwianNvbiI6ImdhbmdhbiIsImV4cCI6MTU3ODU1NDMyOCwiaWF0IjoxNTc4NTUzNzI4LCJpc3MiOiJnYW5nYW4ifQ.jOlMlfLMFBJvyrJTLagrwQx2931LzM7Z0EVMFZ75xYI"
info, err := ValidateToken(token)
if err != nil {
this.Ctx.WriteString(err.Error())
this.StopRun()
}
fmt.Println(info)
this.Ctx.WriteString("success")
}

来源：https://www.cnblogs.com/guyouyin123/p/14085032.html