forked from YaoApp/yao
-
Notifications
You must be signed in to change notification settings - Fork 0
/
guard.go
54 lines (46 loc) · 1.32 KB
/
guard.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
package global
import (
"fmt"
"strings"
"github.com/dgrijalva/jwt-go"
"github.com/gin-gonic/gin"
"github.com/yaoapp/xiang/user"
"github.com/yaoapp/xiang/xlog"
)
// Guards 服务中间件
var Guards = map[string]gin.HandlerFunc{
"bearer-jwt": bearerJWT, // JWT 鉴权
}
// JWT 鉴权
func bearerJWT(c *gin.Context) {
tokenString := c.Request.Header.Get("Authorization")
if tokenString == "" {
c.JSON(403, gin.H{"code": 403, "message": "无权访问该页面"})
c.Abort()
return
}
tokenString = strings.TrimSpace(strings.TrimPrefix(tokenString, "Bearer "))
if Conf.Mode == "debug" {
xlog.Printf("JWT: %s Secret: %s", tokenString, Conf.JWT.Secret)
}
token, err := jwt.ParseWithClaims(tokenString, &user.JwtClaims{}, func(token *jwt.Token) (interface{}, error) {
return []byte(Conf.JWT.Secret), nil
})
if err != nil {
xlog.Printf("JWT ParseWithClaims Error: %s", err)
c.JSON(403, gin.H{"code": 403, "message": fmt.Sprintf("登录已过期或令牌失效(%s)", err)})
c.Abort()
return
}
if claims, ok := token.Claims.(*user.JwtClaims); ok && token.Valid {
c.Set("id", claims.Subject)
c.Set("type", claims.Type)
c.Set("name", claims.Name)
c.Next()
return
}
// fmt.Println("bearer-JWT", token.Claims.Valid())
c.JSON(403, gin.H{"code": 403, "message": "无权访问该页面"})
c.Abort()
return
}