| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 |
- package middleware
- import (
- "context"
- "errors"
- "fmt"
- "net/http"
- "strings"
- "github.com/golang-jwt/jwt/v4"
- )
- const (
- jwtAudience = "aud"
- jwtExpire = "exp"
- jwtId = "jti"
- jwtIssueAt = "iat"
- jwtIssuer = "iss"
- jwtNotBefore = "nbf"
- jwtSubject = "sub"
- noDetailReason = "no detail reason"
- )
- type OptionalJwtMiddleware struct {
- Secret string
- }
- func NewOptionalJwtMiddleware(secret string) *OptionalJwtMiddleware {
- return &OptionalJwtMiddleware{
- Secret: secret,
- }
- }
- func (m *OptionalJwtMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
- return func(w http.ResponseWriter, r *http.Request) {
- // 尝试从请求头中获取 JWT 令牌
- tokenString := r.Header.Get("Authorization")
- ctx := r.Context()
- if len(tokenString) > 0 {
- // 如果提供了 JWT 令牌,则验证它
- tokenValue := strings.Split(tokenString, " ")
- if len(tokenValue) == 2 {
- parsedToken, err := jwt.Parse(tokenValue[1], func(token *jwt.Token) (interface{}, error) {
- if _, ok := token.Method.(*jwt.SigningMethodHMAC); ok {
- return []byte(m.Secret), nil
- }
- return nil, errors.New("failed to parse token")
- })
- if err == nil {
- if claims, ok := parsedToken.Claims.(jwt.MapClaims); ok && parsedToken.Valid {
- // 将解析到的 claims 添加到请求上下文中
- for k, v := range claims {
- switch k {
- case jwtAudience, jwtExpire, jwtId, jwtIssueAt, jwtIssuer, jwtNotBefore, jwtSubject:
- // ignore the standard claims
- default:
- ctx = context.WithValue(ctx, k, v)
- }
- }
- fmt.Println("vvvvvvvv: ")
- }
- }
- }
- }
- newReq := r.WithContext(ctx)
- next(w, newReq)
- }
- }
|
