🔒 token encryption
This commit is contained in:
landaiqing
38
utils/jwt.go
38
utils/jwt.go
@@ -1,7 +1,9 @@
|
||||
package utils
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"github.com/wumansgy/goEncrypt/aes"
|
||||
"schisandra-cloud-album/global"
|
||||
"time"
|
||||
)
|
||||
@@ -18,19 +20,28 @@ type JWTClaims struct {
|
||||
|
||||
var MySecret []byte
|
||||
|
||||
// GenerateToken generates a JWT token with the given payload
|
||||
func GenerateToken(payload JWTPayload) (string, error) {
|
||||
// GenerateAccessToken generates a JWT token with the given payload
|
||||
func GenerateAccessToken(payload JWTPayload) (string, error) {
|
||||
MySecret = []byte(global.CONFIG.JWT.Secret)
|
||||
claims := JWTClaims{
|
||||
JWTPayload: payload,
|
||||
RegisteredClaims: jwt.RegisteredClaims{
|
||||
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 24)),
|
||||
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 2)),
|
||||
IssuedAt: jwt.NewNumericDate(time.Now()),
|
||||
NotBefore: jwt.NewNumericDate(time.Now()),
|
||||
},
|
||||
}
|
||||
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
||||
return token.SignedString(MySecret)
|
||||
signedString, err := token.SignedString(MySecret)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
accessToken, err := aes.AesCtrEncryptHex([]byte(signedString), []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV))
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
return "", err
|
||||
}
|
||||
return accessToken, nil
|
||||
}
|
||||
|
||||
// GenerateAccessTokenAndRefreshToken generates a JWT token with the given payload, and returns the accessToken and refreshToken
|
||||
@@ -67,13 +78,28 @@ func GenerateAccessTokenAndRefreshToken(payload JWTPayload) (string, string, int
|
||||
global.LOG.Error(err)
|
||||
return "", "", 0
|
||||
}
|
||||
return accessTokenString, refreshTokenString, refreshClaims.ExpiresAt.Time.Unix()
|
||||
accessTokenEncrypted, err := aes.AesCtrEncryptHex([]byte(accessTokenString), []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV))
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
return "", "", 0
|
||||
}
|
||||
refreshTokenEncrypted, err := aes.AesCtrEncryptHex([]byte(refreshTokenString), []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV))
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
return "", "", 0
|
||||
}
|
||||
return accessTokenEncrypted, refreshTokenEncrypted, refreshClaims.ExpiresAt.Time.Unix()
|
||||
}
|
||||
|
||||
// ParseToken parses a JWT token and returns the payload
|
||||
func ParseToken(tokenString string) (*JWTPayload, bool, error) {
|
||||
MySecret = []byte(global.CONFIG.JWT.Secret)
|
||||
token, err := jwt.ParseWithClaims(tokenString, &JWTClaims{}, func(token *jwt.Token) (interface{}, error) {
|
||||
plaintext, err := aes.AesCtrDecryptByHex(tokenString, []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV))
|
||||
if err != nil {
|
||||
global.LOG.Error(err)
|
||||
return nil, false, err
|
||||
}
|
||||
token, err := jwt.ParseWithClaims(string(plaintext), &JWTClaims{}, func(token *jwt.Token) (interface{}, error) {
|
||||
return MySecret, nil
|
||||
})
|
||||
if err != nil {
|
||||
|
||||
Reference in New Issue
Block a user