{"id":1777,"date":"2020-10-14T02:36:25","date_gmt":"2020-10-13T18:36:25","guid":{"rendered":"https:\/\/www.develop-note.com\/blog\/?p=1777"},"modified":"2022-02-16T21:49:02","modified_gmt":"2022-02-16T13:49:02","slug":"iris-jwt-2021ironman","status":"publish","type":"post","link":"https:\/\/www.develop-note.com\/blog\/2020\/10\/14\/iris-jwt-2021ironman\/","title":{"rendered":"Iris \u9019\u500b\u5728 go \u8a9e\u8a00\u4e0a\u5730\u8868\u6700\u5feb\u7684\u7db2\u9801\u6846\u67b6-iris\u7684jwt"},"content":{"rendered":"

jwt<\/h1>\n

\u4e0a\u4e00\u7bc7\u4ecb\u7d39\u4e86\u5982\u4f55\u64b0\u5beb\u53ca\u4f7f\u7528middleware\uff0c\u800ciris\u4e5f\u6709\u8a31\u591a\u597d\u7528\u7684middleware\uff0c\u6240\u4ee5\u672c\u7bc7\u5c31\u4f86\u4ecb\u7d39\u4e00\u500b\u597d\u7528\u7684middleware jwt\u3002<\/p>\n

<\/p>\n

jwt<\/h2>\n

\u4ecb\u7d39jwt\u9019\u500bmiddleware\u4e4b\u524d\u9084\u662f\u9700\u8981\u8ddf\u5927\u5bb6\u8aaa\u660e\u4ec0\u9ebc\u662fjwt\uff0c\u63a5\u4e0b\u4f86\u518d\u8ddf\u5927\u5bb6\u8aaa\u660e\u5982\u4f55\u4f7f\u7528jwt\u9019\u500bmiddleware\uff0c\u6240\u4ee5\u63a5\u4e0b\u4f86\u5c31\u662f\u8ddf\u8457\u9019\u7bc0\u594f\u5148\u8ddf\u5927\u5bb6\u4ecb\u7d39\u4ec0\u9ebc\u662fjwt\u3002<\/p>\n

\u4ec0\u9ebc\u662fjwt<\/h3>\n

\u5728\u4ecb\u7d39iris\u600e\u9ebc\u8655\u7406jwt\u4e4b\u524d\u5148\u8aaa\u660e\u4e00\u4e0bjwt\u662f\u4ec0\u9ebc\uff0cjwt\u5c31\u662fJSON Web Token\u7684\u7e2e\u5beb\uff0c\u8a73\u7d30\u5167\u5bb9\u53ef\u4ee5\u770b\u4e00\u4e0bjwt wiki<\/a>\u7684\u8aaa\u660e\uff0c\u7c21\u55ae\u4f86\u8aaa\u5c31\u662f\u4e00\u7a2e\u9a57\u8b49\u4f7f\u7528\u8005\u7684\u5354\u5b9a\uff0c\u9019\u5354\u5b9a\u53ef\u4ee5\u5c07\u4f7f\u7528\u8005\u7684\u8cc7\u6599\u52a0\u5bc6\u5b58\u653e\u5728token\u4e4b\u4e2d\uff0c\u56e0\u6b64\u53ef\u4ee5\u900f\u904e\u9019token\u4f86\u53d6\u5f97\u4f7f\u7528\u8005\u8cc7\u6599\u800c\u4e0d\u9700\u8981\u518d\u8207\u8cc7\u6599\u5eab\u6e9d\u901a\uff0c\u6240\u4ee5\u53ef\u4ee5\u518d\u767b\u5165\u6700\u5f8c\u5c07\u4e9b\u975e\u654f\u611f\u7684\u4f7f\u7528\u8005\u8cc7\u6599\u5b58\u653e\u5728token\u4e4b\u4e2d\uff0c\u6240\u4ee5\u63a5\u4e0b\u4f86\u518d\u8ddf\u5927\u5bb6\u5206\u4eab\u4e00\u4e0b\u5982\u4f55\u5728iris\u4f7f\u7528jwt\u3002<\/p>\n

iris\u4e0a\u5982\u4f55\u4f7f\u7528jwt<\/h3>\n

\u56e0\u70bairis\u6709\u5167\u5efa\u4e00\u500bmiddleware\u4f86\u8655\u7406jwt\uff0c\u6240\u4ee5\u6211\u5011\u85c9\u7531iris jwt example<\/a>\u9019\u500b\u7bc4\u4f8b\u4f86\u8aaa\u660e\u4e00\u4e0b\u5728iris\u5982\u4f55\u4f7f\u7528jwt\u9019\u500bmiddleware\u4f86\u8655\u7406JSON Web Token\uff0c\u9996\u5148\u5148\u770b\u4e00\u4e0b\u4e0b\u5217\u4f8b\u5b50<\/p>\n

package main\n\nimport (\n    "github.com\/kataras\/iris\/v12"\n    "github.com\/iris-contrib\/middleware\/jwt"\n)\n\nvar mySecret = []byte("My Secret")\n\n\/\/ generate token to use.\nfunc getTokenHandler(ctx iris.Context) {\n    token := jwt.NewTokenWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{\n        "foo": "bar",\n    })\n\n    \/\/ Sign and get the complete encoded token as a string using the secret\n    tokenString, _ := token.SignedString(mySecret)\n\n    ctx.HTML(`Token: ` + tokenString + `<br\/><br\/>\n<a href="\/secured?token=` + tokenString + `">\/secured?token=` + tokenString + `<\/a>`)\n}\n\nfunc myAuthenticatedHandler(ctx iris.Context) {\n    user := ctx.Values().Get("jwt").(*jwt.Token)\n\n    ctx.Writef("This is an authenticated request\\n")\n    ctx.Writef("Claim content:\\n")\n\n    foobar := user.Claims.(jwt.MapClaims)\n    for key, value := range foobar {\n        ctx.Writef("%s = %s", key, value)\n    }\n}\n\nfunc main() {\n    app := iris.New()\n\n    j := jwt.New(jwt.Config{\n        ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) {\n            return mySecret, nil\n        },\n\n        \/\/ Extract by the "token" url.\n        \/\/ There are plenty of options.\n        \/\/ The default jwt's behavior to extract a token value is by\n        \/\/ the `Authorization: Bearer $TOKEN` header.\n        Extractor: jwt.FromParameter("token"),\n        \/\/ When set, the middleware verifies that tokens are\n        \/\/ signed with the specific signing algorithm\n        \/\/ If the signing method is not constant the `jwt.Config.ValidationKeyGetter` callback\n        \/\/ can be used to implement additional checks\n        \/\/ Important to avoid security issues described here:\n        \/\/ https:\/\/auth0.com\/blog\/2015\/03\/31\/critical-vulnerabilities-in-json-web-token-libraries\/\n        SigningMethod: jwt.SigningMethodHS256,\n    })\n\n    app.Get("\/", getTokenHandler)\n    app.Get("\/secured", j.Serve, myAuthenticatedHandler)\n\n    \/\/ j.CheckJWT(Context) error can be also used inside handlers.\n\n    app.Listen(":8080")\n}<\/code><\/pre>\n
\u9019\u88e1\u8981\u95dc\u6ce8\u7684\u662fgetTokenHandler\u8207myAuthenticatedHandler\u9019\u5169\u500bhandler<\/code>
\n\uff0c\u63a5\u4e0b\u4f86\u6211\u5011\u5206\u6bb5\u8aaa\u660ejwt\u7684\u7528\u6cd5\u3002<\/p>\n
\u751f\u6210jwt<\/h4>\n
\u751f\u6210jwt\u7684\u65b9\u6cd5\u5728getTokenHandler\u53ef\u4ee5\u770b\u5230\uff0c\u5728\u9019\u500b\u6b65\u9a5f\u6211\u5011\u591a\u653e\u4e00\u500bmap\u5230token\u5f85\u4e4b\u5f8c\u7684\u7bc4\u4f8b\u6703\u4ecb\u7d39\u5982\u4f55\u53d6\u51fa\u4f86\uff0c\u6700\u5f8c\u70ba\u4e86\u5b89\u5168\u63aa\u65bd\u6211\u5011\u53c8\u91dd\u5c0dtoken\u518d\u52a0\u5bc6\u4e00\u6b21\uff0c\u5229\u7528\u6211\u5011\u7684mySecret\u5c6c\u6027\uff0c\u5b8c\u6574\u7684\u8a9e\u6cd5\u662ftokenString, _ := token.SignedString(mySecret)<\/code><\/p>\n
\u9a57\u8b49jwt<\/h4>\n
\u8b80\u8005\u5011\u61c9\u8a72\u6709\u6ce8\u610f\u5230\u5728\u7d81\u5b9amyAuthenticatedHandler\u9019handler<\/code>\u524d\u6709\u52a0\u4e86\u53e6\u5916\u4e00\u500bj.Serve<\/code>\u5982\u6b64\u53ef\u4ee5\u518d\u57f7\u884c\u8655\u7406\u8acb\u6c42\u524d\u5148\u9a57\u8b49jwt\u662f\u5426\u5408\u6cd5\uff0c\u6240\u4ee5\u53ea\u8981\u628a\u8981\u52a0\u5165\u9a57\u8b49\u7684handler<\/code>\u591a\u52a0\u4e00\u500bj.Serve<\/code>\u7684\u524d\u7f6e\u8655\u7406\u5373\u53ef\u3002<\/p>\n
\u7531jwt\u4e2d\u53d6\u5f97\u4f7f\u7528\u8005\u8cc7\u8a0a<\/h4>\n
\u524d\u9762\u6709\u63d0\u5230\u53ef\u4ee5\u628a\u4f7f\u7528\u8005\u8cc7\u8a0a\u5b58\u5728token\u4e2d\uff0c\u90a3\u8981\u5982\u4f55\u53d6\u51fa\u4f86\u5462\uff0c\u9019\u500b\u89e3\u7b54\u5728myAuthenticatedHandler\u4e2d\u5c31\u53ef\u4ee5\u770b\u5f97\u5230\uff0c\u7c21\u55ae\u8b1b\u5c31\u662f\u900f\u904euser := ctx.Values().Get("jwt").(*jwt.Token)<\/code>\u5c31\u53ef\u4ee5\u53d6\u5f97\u6211\u5011\u653e\u5230token\u7684\u8cc7\u8a0a\u3002
\n\u6700\u5f8c\u53ef\u4ee5\u900f\u904efoobar := user.Claims.(jwt.MapClaims)<\/code>\u53ef\u4ee5\u53d6\u5f97\u6211\u5011\u751f\u6210token\u6642\u653e\u9032\u53bb\u7684\u8cc7\u6599\u3002<\/p>\n
\u8acb\u6c42\u6642jwt\u653e\u54ea\u88e1<\/h4>\n
\u5728\u672c\u4f8b\u5b50\u4e2d\u662f\u5c07token\u653e\u5728query string\u88e1\u9762\uff0c\u4f46\u662f\u5e38\u7528\u7684\u65b9\u6cd5\u662fjwt\u653e\u5728header<\/code>\u5167\uff0c\u5982\u6b64\u53ef\u4ee5\u6e1b\u5c11\u88ab\u7be1\u6539\u7684\u6a5f\u6703\uff0c\u90a3\u6a23\u8981\u5982\u4f55\u5be6\u4f5c\u5462\uff0c\u7c21\u55ae\u7684\u8b1b\u5c31\u662f\u5c07Extractor<\/code>\u7684\u503c\u6539\u6210jwt.FromAuthHeader<\/code>\u5373\u53ef\uff0c\u4e0d\u904e\u8981\u6ce8\u610f\u653e\u5728header<\/code>\u6642\u8981\u8a18\u5f97\u5728token\u524d\u52a0\u4e0abearer\u4ee5\u53ca\u4e00\u500b\u7a7a\u683c\uff0c\u4e0d\u7136\u6703\u9a57\u8b49\u5931\u6557\u5594\u3002<\/p>\n
\u6703\u903e\u671f\u7684jwt<\/h4>\n
\u4e0a\u9762\u7684\u4f8b\u5b50\u7522\u751f\u7684\u4f8b\u5b50\u662f\u6c38\u4e45\u751f\u6548\u7684\uff0c\u4e0d\u904e\u6211\u5011\u53ef\u4ee5\u4f7f\u7528jwt\u7522\u751f\u4f7f\u7528\u671f\u9650\uff0c\u8acb\u5927\u5bb6\u770b\u4e00\u4e0b\u4e0b\u9762\u7684\u4f8b\u5b50<\/p>\n
token := jwt.NewTokenWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{\n             "foo": "bar",\n             "exp": time.Now().Add(time.Hour * time.Duration(12)).Unix() \/\/ \u5408\u6cd5\u7684\u6642\u9593\u6233\n             "iat": time.Now().Unix() \/\/ \u7c3d\u767ctoken\u7684\u6642\u9593\u6233\n\n    })<\/code><\/pre>\n
\u4e0a\u9762\u7684\u4f8b\u5b50\u5c07token\u52a0\u4e0a\u7c3d\u767c\u6642\u9593\u6233\u4ee5\u53ca\u5408\u6cd5\u7684\u6642\u9593\u6233\uff0c\u6700\u5f8c\u5728\u751f\u6210middleware\u7684config\u52a0\u4e0a\u4ee5\u4e0b\u53c3\u6578\u5373\u53ef<\/p>\n
\n    j := jwt.New(jwt.Config{\n            ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) {\n            return mySecret, nil\n        },\n            Extractor: jwt.FromParameter("token"),\n            SigningMethod: jwt.SigningMethodHS256,\n            Expiration:true,\n    })<\/code><\/pre>\n
\u7d50\u8ad6<\/h2>\n
\u672c\u7bc7\u8ddf\u5927\u5bb6\u4ecb\u7d39\u4e00\u500b\u9a57\u8b49\u7684\u5229\u5668jwt\uff0c\u4e26\u4e14\u4ecb\u7d39\u5982\u4f55\u5728iris\u4f7f\u7528jwt\u9019\u500bmiddleware\uff0c\u5e0c\u671b\u80fd\u5920\u5e6b\u52a9\u5927\u5bb6\u77ad\u89e3\u95dc\u65bciris\u4e0a\u7684\u4f7f\u7528\u8005\u9a57\u8b49\u7684\u65b9\u6cd5\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
jwt \u4e0a\u4e00\u7bc7\u4ecb\u7d39\u4e86\u5982\u4f55\u64b0\u5beb\u53ca\u4f7f\u7528middleware\uff0c\u800ciris\u4e5f\u6709\u8a31\u591a\u597d\u7528\u7684middleware\uff0c\u6240\u4ee5\u672c\u7bc7 … <\/p>\n
\u95b1\u8b80\u5168\u6587\u3008Iris \u9019\u500b\u5728 go \u8a9e\u8a00\u4e0a\u5730\u8868\u6700\u5feb\u7684\u7db2\u9801\u6846\u67b6-iris\u7684jwt\u3009<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[2],"tags":[158,81,84],"class_list":["post-1777","post","type-post","status-publish","format-standard","hentry","category-develop","tag-2020ironman","tag-go","tag-iris"],"_links":{"self":[{"href":"https:\/\/www.develop-note.com\/blog\/wp-json\/wp\/v2\/posts\/1777","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.develop-note.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.develop-note.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.develop-note.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.develop-note.com\/blog\/wp-json\/wp\/v2\/comments?post=1777"}],"version-history":[{"count":26,"href":"https:\/\/www.develop-note.com\/blog\/wp-json\/wp\/v2\/posts\/1777\/revisions"}],"predecessor-version":[{"id":2949,"href":"https:\/\/www.develop-note.com\/blog\/wp-json\/wp\/v2\/posts\/1777\/revisions\/2949"}],"wp:attachment":[{"href":"https:\/\/www.develop-note.com\/blog\/wp-json\/wp\/v2\/media?parent=1777"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.develop-note.com\/blog\/wp-json\/wp\/v2\/categories?post=1777"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.develop-note.com\/blog\/wp-json\/wp\/v2\/tags?post=1777"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}