liuhaijun e94826ce29 add server
Change-Id: I0760f17f6a01c0121b59fcbfafc666032dbc30af
2024-09-19 09:44:15 +00:00


package auth
import (
"errors"
"git.inspur.com/sbg-jszt/cfn/cfn-schedule/internal/model/user"
"github.com/dgrijalva/jwt-go"
"time"
)
// TokenExpired is the message text for an expired token. Nothing in this
// file references it; IsTokenExpiredErr inspects the jwt error bitmask
// rather than comparing strings.
const TokenExpired = "token expired"

// Sentinel errors returned by this package.
var (
	// UnexpectedSingingMethod is returned by validateSecret when a token
	// is not signed with an HMAC method. The identifier misspells
	// "Signing"; it is exported, so the name is kept for compatibility.
	UnexpectedSingingMethod = errors.New("unexpected signing method")

	// UnknownEntity is returned when parsed claims are not an *entity.
	UnknownEntity = errors.New("unknown entity")
)
// entity is the JWT claim set this package parses and signs. It embeds
// jwt.StandardClaims, so the registered claims travel with the custom
// fields below.
//
// NOTE(review): tokens built from this struct are signed (SignedString in
// Authorize) but not encrypted, so every field here is readable by anyone
// who holds the token. Treat the claim set as public data.
type entity struct {
	// Encrypted is filled from user.EncryptedPassword in Authorize.
	// NOTE(review): this puts password-derived material into a
	// client-readable token; confirm a consumer needs it, otherwise stop
	// populating it and look the value up server-side.
	Encrypted string `json:"encrypted"`
	// Token contents added after the token change, for compatibility with
	// the permission system. -by King 2022-10-07
	Username string `json:"login_loginname"`
	Token    string `json:"token"` // set from user.APIToken in Authorize; client-readable as well
	Role     int32  `json:"role"`
	// End of the fields added for the permission system.
	LoginAppId       string `json:"login_app_id"`
	LoginUid         string `json:"login_uid"`
	LoginAccountId   string `json:"login_account_id"`
	ClientIp         string `json:"client_ip"`
	LoginAccountName string `json:"login_account_name"`
	UsersAppId       string `json:"users_app_id"`
	LoginUname       string `json:"login_uname"`
	jwt.StandardClaims
}
// Authorize verifies authToken, overwrites its Token, Role and Encrypted
// claims with values from user, and returns the claim set re-signed with
// HS512 using the package secret.
//
// It returns ("", nil) when authToken is empty or user is nil.
// NOTE(review): that case is indistinguishable from success by the error
// value alone; callers must also check for an empty token, or this should
// become an explicit error.
//
// Errors from parsing or signing are returned unchanged; UnknownEntity is
// returned when the parsed claims are not an *entity.
func Authorize(authToken string, user *user.UserObj) (string, error) {
	if user == nil || authToken == "" {
		return "", nil
	}

	// Set the clock offset: jwt-go's notion of "now" becomes wall clock
	// plus 60 seconds.
	// NOTE(review): jwt.TimeFunc is a package-level variable. Writing it
	// on every call is a data race under concurrent requests, and the
	// shift also applies to Validate once Authorize has run. A clock that
	// runs ahead rejects tokens up to 60s before their exp while accepting
	// nbf/iat up to 60s early; confirm that is the intended direction and
	// set it once at start-up instead.
	jwt.TimeFunc = func() time.Time {
		return time.Now().Add(60 * time.Second)
	}

	parsed, err := jwt.ParseWithClaims(authToken, &entity{}, validateSecret)
	if err != nil {
		return "", err
	}
	claims, ok := parsed.Claims.(*entity)
	if !ok {
		return "", UnknownEntity
	}

	// NOTE(review): the signed token is not encrypted, so the API token
	// and the encrypted password copied below are readable by any holder
	// of the returned string (browser storage, proxies, logs). Prefer an
	// opaque identifier and keep these values server-side.
	claims.Token = user.APIToken
	claims.Role = user.Role
	claims.Encrypted = user.EncryptedPassword

	// Every other claim, including the incoming expiry, is carried over
	// from authToken as parsed.
	signed, err := jwt.NewWithClaims(jwt.SigningMethodHS512, claims).SignedString(secret)
	if err != nil {
		return "", err
	}
	return signed, nil
}
// Validate parses rawToken, verifies it through validateSecret, and maps
// the claims onto a LoginInfo.
//
// It returns the parse error unchanged when verification fails, and
// UnknownEntity when the claims are not an *entity.
//
// NOTE(review): time-based checks use jwt.TimeFunc, which Authorize
// replaces globally, so the result can depend on whether Authorize has
// already run in this process. jwt-go's StandardClaims validation also
// appears to treat exp as optional; if every token must expire, reject
// claims whose ExpiresAt is zero here. TODO confirm against the vendored
// library version.
func Validate(rawToken string) (loginInfo *LoginInfo, err error) {
	parsed, err := jwt.ParseWithClaims(rawToken, &entity{}, validateSecret)
	if err != nil {
		return nil, err
	}

	claims, ok := parsed.Claims.(*entity)
	if !ok {
		return nil, UnknownEntity
	}

	return &LoginInfo{
		Username:    claims.Username,
		DisplayName: claims.LoginAccountName,
		Token:       claims.Token,
		UserID:      claims.LoginAccountId,
		Role:        claims.Role,
	}, nil
}
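// IsTokenExpiredErr reports whether err is, or wraps, a
// *jwt.ValidationError that has a non-nil Inner error and the
// ValidationErrorExpired bit set in its Errors bitmask.
//
// A nil err, or an error of any other type, yields false.
func IsTokenExpiredErr(err error) bool {
	var jve *jwt.ValidationError
	// errors.As walks the wrap chain. A plain type assertion misses an
	// expiry error that a caller wrapped with %w, and the caller would then
	// treat an expired token as some other failure.
	if !errors.As(err, &jve) || jve.Inner == nil {
		return false
	}
	return jve.Errors&jwt.ValidationErrorExpired != 0
}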
// validateSecret is the key function passed to jwt.ParseWithClaims. It
// returns the package secret for tokens whose signing method is an HMAC
// variant and UnexpectedSingingMethod for anything else.
//
// Checking the method before returning the key keeps a token that declares
// a non-HMAC algorithm from being verified against the HMAC secret.
//
// NOTE(review): any HMAC variant is accepted here, while Authorize signs
// with HS512 only. If upstream tokens are HS512 too, compare
// token.Method.Alg() with the expected algorithm. The
// github.com/dgrijalva/jwt-go module is archived upstream; the maintained
// continuation is github.com/golang-jwt/jwt.
func validateSecret(token *jwt.Token) (obj interface{}, err error) {
	if _, isHMAC := token.Method.(*jwt.SigningMethodHMAC); isHMAC {
		return secret, nil
	}
	return nil, UnexpectedSingingMethod
}