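// Package util provides JWT issuing and verification helpers, plus a gin
// middleware that gates routes on a valid token cookie.
package util

import (
	"errors"
	"fmt"
	"net/http"
	"time"

	// NOTE(review): github.com/dgrijalva/jwt-go is archived and no longer
	// receives security fixes; the maintained successor is
	// github.com/golang-jwt/jwt. Migrating is a module-level change and is
	// intentionally not done in this file.
	"github.com/dgrijalva/jwt-go"
	"github.com/gin-gonic/gin"
)

// secretKey is the HMAC key used to sign and verify tokens.
//
// NOTE(security): this key is a short, guessable literal committed to source
// control. Anyone who can read the repository or the binary can mint a token
// for any Id/Role. It should be loaded from configuration or a secret store,
// be at least 32 random bytes for HS256, and be rotatable. The value is left
// unchanged here because replacing it invalidates every token already issued.
var secretKey = []byte("my-file-manger")

// Issuer is the "iss" claim written into every token and required on verify.
const Issuer = "myFileManger"

// tokenTTL is how long an issued token stays valid. Nothing in this file
// revokes a token before it expires.
const tokenTTL = 72 * time.Hour

// errInvalidToken is returned by ValidateTokenToMyClaims for every rejection.
// The capitalised message is kept for compatibility with existing callers.
var errInvalidToken = errors.New("Invalid token")

// MyClaims is the token payload: the user id and role plus the registered
// JWT claims.
type MyClaims struct {
	Id   int64
	Role string
	jwt.StandardClaims
}

// GenerateToken issues an HS256-signed token for the given user id and role.
//
// It returns the compact token string and the expiry as Unix milliseconds.
// On a signing failure it returns "", 0 and the error.
func GenerateToken(id int64, role string) (string, int64, error) {
	expiresAt := time.Now().Add(tokenTTL)

	claims := &MyClaims{
		Id:   id,
		Role: role,
		StandardClaims: jwt.StandardClaims{
			ExpiresAt: expiresAt.Unix(),
			Issuer:    Issuer,
		},
	}

	signed, err := jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString(secretKey)
	if err != nil {
		return "", 0, fmt.Errorf("signing token: %w", err)
	}
	return signed, expiresAt.UnixMilli(), nil
}

// verificationKey is the jwt.Keyfunc shared by every verification path.
//
// It pins the algorithm to the one GenerateToken uses, so the "alg" header
// (which the token bearer controls) cannot select a different method.
func verificationKey(token *jwt.Token) (interface{}, error) {
	if token.Method.Alg() != jwt.SigningMethodHS256.Alg() {
		return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
	}
	return secretKey, nil
}

// parseMyClaims verifies the signature, the time-based claims and the issuer
// of tokenString and returns the decoded claims.
func parseMyClaims(tokenString string) (*MyClaims, error) {
	claims := &MyClaims{}

	token, err := jwt.ParseWithClaims(tokenString, claims, verificationKey)
	if err != nil {
		return nil, err
	}
	if token == nil || !token.Valid {
		return nil, errors.New("token is not valid")
	}
	// StandardClaims.Valid checks only exp/iat/nbf, so the issuer has to be
	// checked explicitly. GenerateToken always sets it.
	if !claims.VerifyIssuer(Issuer, true) {
		return nil, errors.New("unexpected issuer")
	}
	return claims, nil
}

// ValidateToken returns a gin middleware that rejects requests whose "token"
// cookie is missing or does not verify, answering 401 with a JSON body.
//
// The middleware only authenticates: it does not inspect MyClaims.Role and
// does not store the claims on the context, so role checks remain the
// responsibility of the handlers behind it.
func ValidateToken() gin.HandlerFunc {
	return func(c *gin.Context) {
		// The token is a bearer credential and is deliberately never logged.
		tokenString, err := c.Cookie("token")
		if err != nil || tokenString == "" {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"code": 401, "msg": "Authorization token is missing"})
			return
		}

		if _, err := parseMyClaims(tokenString); err != nil {
			// The reason is not echoed to the client; the response stays generic.
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"code": 401, "msg": "Invalid token"})
			return
		}

		c.Next() // token verified; run the remaining handlers
	}
}

// ValidateTokenToMyClaims verifies tokenString and returns its claims.
// Every failure is reported as the same "Invalid token" error.
func ValidateTokenToMyClaims(tokenString string) (*MyClaims, error) {
	claims, err := parseMyClaims(tokenString)
	if err != nil {
		return nil, errInvalidToken
	}
	return claims, nil
}

// ParseJWTWithValidation verifies tokenString and returns its claims,
// wrapping the underlying reason in the returned error.
//
// The token is decoded into MyClaims. Decoding into jwt.StandardClaims and
// then asserting *MyClaims can never succeed, so every token was rejected.
func ParseJWTWithValidation(tokenString string) (*MyClaims, error) {
	claims, err := parseMyClaims(tokenString)
	if err != nil {
		return nil, fmt.Errorf("error parsing token: %w", err)
	}
	return claims, nil
}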