实现刷新token机制
This commit is contained in:
Yavolte
parent
d3e3a66eca
commit
13010ec1a4
|
|
@ -152,7 +152,15 @@ func (s *AuthService) Login(ctx context.Context, req *pb.LoginRequest) (res *pb.
|
||||||
IssuedAt: time.Now().Unix(),
|
IssuedAt: time.Now().Unix(),
|
||||||
ExpirationAt: time.Now().Add(time.Second * time.Duration(s.opts.ttl)).Unix(),
|
ExpirationAt: time.Now().Add(time.Second * time.Duration(s.opts.ttl)).Unix(),
|
||||||
}
|
}
|
||||||
|
refreshClaims := types.Claims{
|
||||||
|
Uid: model.Uid,
|
||||||
|
Role: model.Role,
|
||||||
|
Admin: model.Admin,
|
||||||
|
IssuedAt: time.Now().Unix(),
|
||||||
|
ExpirationAt: time.Now().Add(time.Hour * 48).Unix(),
|
||||||
|
}
|
||||||
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
||||||
|
refreshToken := jwt.NewWithClaims(jwt.SigningMethodHS256, refreshClaims)
|
||||||
|
|
||||||
res = &pb.LoginResponse{}
|
res = &pb.LoginResponse{}
|
||||||
if res.Token, err = token.SignedString(s.opts.secret); err == nil {
|
if res.Token, err = token.SignedString(s.opts.secret); err == nil {
|
||||||
|
|
@ -160,6 +168,7 @@ func (s *AuthService) Login(ctx context.Context, req *pb.LoginRequest) (res *pb.
|
||||||
res.Username = model.Username
|
res.Username = model.Username
|
||||||
res.Expires = s.opts.ttl
|
res.Expires = s.opts.ttl
|
||||||
}
|
}
|
||||||
|
res.RefreshToken, err = refreshToken.SignedString(s.opts.secret)
|
||||||
loginModel := &models.Login{}
|
loginModel := &models.Login{}
|
||||||
loginModel.Uid = model.Uid
|
loginModel.Uid = model.Uid
|
||||||
loginModel.AccessToken = res.Token
|
loginModel.AccessToken = res.Token
|
||||||
|
|
@ -186,6 +195,36 @@ func (s *AuthService) Logout(ctx context.Context, req *pb.LogoutRequest) (res *p
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *AuthService) RefreshToken(ctx context.Context, req *pb.RefreshTokenRequest) (res *pb.RefreshTokenResponse, err error) {
|
||||||
|
var (
|
||||||
|
token *jwt.Token
|
||||||
|
)
|
||||||
|
if token, err = jwt.ParseWithClaims(req.RefreshToken, &types.Claims{}, func(token *jwt.Token) (interface{}, error) {
|
||||||
|
return s.opts.secret, nil
|
||||||
|
}); err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if claims, ok := token.Claims.(*types.Claims); ok {
|
||||||
|
tokenClaims := types.Claims{
|
||||||
|
Uid: claims.Uid,
|
||||||
|
Role: claims.Role,
|
||||||
|
Admin: claims.Admin,
|
||||||
|
IssuedAt: time.Now().Unix(),
|
||||||
|
ExpirationAt: time.Now().Add(time.Second * time.Duration(s.opts.ttl)).Unix(),
|
||||||
|
}
|
||||||
|
token := jwt.NewWithClaims(jwt.SigningMethodHS256, tokenClaims)
|
||||||
|
res = &pb.RefreshTokenResponse{}
|
||||||
|
if res.Token, err = token.SignedString(s.opts.secret); err == nil {
|
||||||
|
res.Uid = claims.Uid
|
||||||
|
res.Expires = s.opts.ttl
|
||||||
|
return
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
err = errors.ErrIncompatible
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
func NewAuthService(cbs ...AuthOption) *AuthService {
|
func NewAuthService(cbs ...AuthOption) *AuthService {
|
||||||
opts := &authOptions{
|
opts := &authOptions{
|
||||||
ttl: 7200,
|
ttl: 7200,
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue