golang中使用JWT
go get github.com/dgrijalva/jwt-go
package jwt
import (
"errors"
"github.com/dgrijalva/jwt-go"
"time"
)
//自定义一个字符串
var jwtKey = []byte("XgZP9Ky1TqcfnlNp6cdsdsdamCgBkPrcXTUaM")
var NotHasToken = errors.New("生成token失败")
var authFailed = errors.New("鉴权失败")
func AuthFiledError() error {
return authFailed
}
type MyClaims struct {
UserName string `json:"userName"`
}
type Claims struct {
MyClaims MyClaims `json:"myClaims"`
jwt.StandardClaims
}
//颁发token
func Setting(myClaims MyClaims) (string, error) {
expireTime := time.Now().Add(3 * time.Minute)
claims := &Claims{
MyClaims: myClaims,
StandardClaims: jwt.StandardClaims{
ExpiresAt: expireTime.Unix(), //过期时间
IssuedAt: time.Now().Unix(),
Issuer: "chenhao", // 签名颁发者
Subject: "jwt_token", //签名主题
},
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
tokenString, err := token.SignedString(jwtKey)
if err != nil {
return "", NotHasToken
}
return tokenString, nil
}
//解析token
func Getting(tokenString string) (string, bool) {
token, _, err := ParseToken(tokenString)
if err != nil {
return err.Error(), false
}
if !token.Valid {
return "token校验失败", false
}
return token.Raw, true
}
func ParseToken(tokenString string) (*jwt.Token, *Claims, error) {
Claims := &Claims{}
token, err := jwt.ParseWithClaims(tokenString, Claims, func(token *jwt.Token) (i interface{}, err error) {
return jwtKey, nil
})
return token, Claims, err
}
func MakeToken(myClaims MyClaims) (string, error) {
token, err := Setting(myClaims)
if err != nil {
return "", err
}
return token, nil
}
func CheckToken(token string) (bool, error) {
t, tokenIsOk := Getting(token)
if tokenIsOk {
return true, nil
}
return false, errors.New(t)
}
测试案例
package jwt
import "testing"
func TestMakeToken(t *testing.T) {
token, err := MakeToken(MyClaims{
UserName: "ewew",
})
if err != nil {
t.Fatal(err)
}
t.Log(token)
}
func TestCheckToken(t *testing.T) {
token := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDkzMTMyODcsImlhdCI6MTY0OTMxMzEwNywiaXNzIjoieGlhb2R1b2FpIiwic3ViIjoiand0X3Rva2VuIn0.BfqZjBK2N7PGCEhgeuE5S2r91BXAy-H1eaggsBvHAbA"
is, err := CheckToken(token)
if err != nil {
t.Fatal(err)
}
t.Log(is)
}
python中使用JWT
pip3 install PyJWT==1.7.1
import datetime
import time
import jwt
APP_SECRET = "XgZP9Ky1TqcfnlNp6cdsdsdamCgBkPrcXTUaM"
def get_token(myClaims):
exp = datetime.datetime.now() + datetime.timedelta(minutes=3)
token_dict = {
'exp': int(exp.timestamp()), # 过期时间
'iat': int(time.time()),
'iss': 'chenhao', # 签名
'sub': 'jwt_token',
'myClaims': myClaims,
}
headers = {"alg": "HS256", "typ": "JWT"}
jwt_token = jwt.encode(token_dict, APP_SECRET, algorithm="HS256", headers=headers)
token = jwt_token.decode('utf-8')
return token
def check_token(token):
try:
if not token:
return False
to = jwt.decode(token, key=APP_SECRET, algorithms="HS256")
if to:
return True
return False
except:
return False
if __name__ == '__main__':
token = get_token({"userName": "xxx"})
print(token)
print(check_token("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDkzMTQzMjcsImlhdCI6MTY0OTMxNDE0NywiaXNzIjoieGlhb2R1b2FpIiwic3ViIjoiand0X3Rva2VuIn0.2ZqzTJH4HNcdBI8pudrA1V0SKHFZQl7sA54_q-lX1lA"))
这样golang和python生成的token就能相互校验