golang-jwt
JWT (JSON web token) is commonly used for authentication in projects with front-end and back-end separation. GoFrame does not provide built-in support for generating and validating JWTs, so third-party libraries like golang-jwt
are often used.
Here's a simple usage example:
- Installation
go get -u github.com/golang-jwt/jwt/v5
- Import
import "github.com/golang-jwt/jwt/v5"
- Generating a token
func (c *Controller) Jwt(req *ghttp.Request) {
type UserClaims struct {
UserID uint
UserName string
jwt.RegisteredClaims
}
const key = "arandomstring"
claim := UserClaims{
UserID: 1011,
UserName: "张之维",
RegisteredClaims: jwt.RegisteredClaims{
Subject: "张之维",
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 10)),
},
}
token, err := jwt.NewWithClaims(jwt.SigningMethodHS256, claim).SignedString([]byte(key))
if err == nil {
req.Response.Writeln(token)
} else {
req.Response.Writeln(err)
}
}
- Token validation
func (c *Controller) Jwt(req *ghttp.Request) {
type UserClaims struct {
UserID uint
UserName string
jwt.RegisteredClaims
}
const key = "arandomstring"
token := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJVc2VySUQiOjEwMTEsIlVzZXJOYW1lIjoi5byg5LmL57u0Iiwic3ViIjoi5byg5LmL57u0IiwiZXhwIjoxNjk4NjcxMjA3fQ.r11R1_WcDueBU52BoUjDS94jqemgrhU-V4WW7YSvXWE"
result, err := jwt.ParseWithClaims(token, &UserClaims{}, func(t *jwt.Token) (interface{}, error) {
return []byte(key), nil
})
if err == nil && result.Valid {
claim, ok := result.Claims.(*UserClaims)
if ok {
req.Response.Writeln("Token validation successful")
req.Response.Writeln(claim)
}
req.Response.Writeln(result.Claims)
} else {
req.Response.Writeln(err)
}
}
jwt.RegisteredClaims
type RegisteredClaims struct {
// Issuer
Issuer string `json:"iss,omitempty"`
// Subject - the subject of the token usage
Subject string `json:"sub,omitempty"`
// Audience
Audience ClaimStrings `json:"aud,omitempty"`
// Expiration time
ExpiresAt *NumericDate `json:"exp,omitempty"`
// Not before time
NotBefore *NumericDate `json:"nbf,omitempty"`
// Issued at time
IssuedAt *NumericDate `json:"iat,omitempty"`
// JWT ID - a unique identifier for this JWT to prevent reuse of the token
ID string `json:"jti,omitempty"`
}
Here's the translated Markdown content:
```markdown
# golang-jwt
JWT (JSON web token) is commonly used for authentication in projects with front-end and back-end separation. GoFrame does not provide built-in support for generating and validating JWTs, so third-party libraries like `golang-jwt` are often used.
Here's a simple usage example:
- Installation
```shell
go get -u github.com/golang-jwt/jwt/v5
- Import
import "github.com/golang-jwt/jwt/v5"
- Generating a token
func (c *Controller) Jwt(req *ghttp.Request) {
type UserClaims struct {
UserID uint
UserName string
jwt.RegisteredClaims
}
const key = "arandomstring"
claim := UserClaims{
UserID: 1011,
UserName: "张之维",
RegisteredClaims: jwt.RegisteredClaims{
Subject: "张之维",
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 10)),
},
}
token, err := jwt.NewWithClaims(jwt.SigningMethodHS256, claim).SignedString([]byte(key))
if err == nil {
req.Response.Writeln(token)
} else {
req.Response.Writeln(err)
}
}
- Token validation
func (c *Controller) Jwt(req *ghttp.Request) {
type UserClaims struct {
UserID uint
UserName string
jwt.RegisteredClaims
}
const key = "arandomstring"
token := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJVc2VySUQiOjEwMTEsIlVzZXJOYW1lIjoi5byg5LmL57u0Iiwic3ViIjoi5byg5LmL57u0IiwiZXhwIjoxNjk4NjcxMjA3fQ.r11R1_WcDueBU52BoUjDS94jqemgrhU-V4WW7YSvXWE"
result, err := jwt.ParseWithClaims(token, &UserClaims{}, func(t *jwt.Token) (interface{}, error) {
return []byte(key), nil
})
if err == nil && result.Valid {
claim, ok := result.Claims.(*UserClaims)
if ok {
req.Response.Writeln("Token validation successful")
req.Response.Writeln(claim)
}
req.Response.Writeln(result.Claims)
} else {
req.Response.Writeln(err)
}
}
jwt.RegisteredClaims
type RegisteredClaims struct {
// Issuer
Issuer string `json:"iss,omitempty"`
// Subject - the subject of the token usage
Subject string `json:"sub,omitempty"`
// Audience
Audience ClaimStrings `json:"aud,omitempty"`
// Expiration time
ExpiresAt *NumericDate `json:"exp,omitempty"`
// Not before time
NotBefore *NumericDate `json:"nbf,omitempty"`
// Issued at time
IssuedAt *NumericDate `json:"iat,omitempty"`
// JWT ID - a unique identifier for this JWT to prevent reuse of the token
ID string `json:"jti,omitempty"`
}