How to use JWT in gin Framework

2025-04-06 Update From: SLTechnology News&Howtos

This article explains how to use JWT in the gin framework. The content is simple and clear, and it is easy to learn and understand.

What is JWT?

JWT, short for JSON Web Token, is a cross-domain authentication solution. It is an open standard that specifies a way to implement tokens, and it is currently used mostly in projects that separate the front end from the back end and in OAuth 2.0 business scenarios.

Why do I need JWT?

In some previous web projects, we usually used the Cookie-Session pattern to implement user authentication. The related process is roughly as follows:

The user fills in the user name and password on the browser side and sends it to the server side

After verifying the user name and password, the server will generate a copy of session data and a corresponding identity (usually called session_id) that holds the relevant information about the current user.

When the server returns the response, the session_id of the previous step is written to the Cookie of the user's browser.

Subsequent requests from the browser will automatically carry a Cookie containing session_id

The server can find the previously saved session data of the user through the session_id in the request, so as to obtain the relevant information of the user.

This scheme relies on the client (browser) to save the Cookie and needs to store the user's session data on the server.

In the era of mobile Internet, our users may use browsers or APP to access our services, our web applications may be deployed on different ports, and sometimes we need to support third-party login, so the Cookie-Session mode is somewhat inadequate.

JWT is a lightweight, Token-based authentication mode. After the user has been authenticated, the server generates a JSON object, signs it to obtain a Token, and sends it back to the user. The user only needs to include this Token in subsequent requests, and the server can obtain the user's information after verifying the signature and decoding the Token.

To learn the principles behind JWT, we recommend reading Ruan Yifeng's introductory tutorial on JWT.
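What signing and verifying an HS256 token involves, written with only the Go standard library. This is an added example, not the article's code and not the internals of any JWT library; `Claims`, `seal`, `Sign`, `Verify` and `demoKey` are illustrative names, and the scope is narrowed to HS256 with a single `exp` check.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

var b64, demoKey = base64.RawURLEncoding, []byte("constructed-demo-secret") // assumed demo key

type Claims struct { // one custom field plus the expiry (illustrative names)
	Username string `json:"username"`
	Exp      int64  `json:"exp"`
}

func seal(secret []byte, msg string) string { // appends base64url HMAC-SHA256: "msg.signature"
	h := hmac.New(sha256.New, secret)
	h.Write([]byte(msg))
	return msg + "." + b64.EncodeToString(h.Sum(nil))
}

func Sign(c Claims, secret []byte) string { // fixed HS256 header + claims, then sealed
	body, _ := json.Marshal(c)
	return seal(secret, b64.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`))+"."+b64.EncodeToString(body))
}

// Verify pins the algorithm, compares the MAC in constant time, then checks expiry.
func Verify(tok string, secret []byte, now time.Time) (*Claims, error) {
	p, c := strings.Split(tok, "."), new(Claims) // Split always yields at least one part
	var h struct{ Alg string }
	if raw, err := b64.DecodeString(p[0]); len(p) != 3 || err != nil || json.Unmarshal(raw, &h) != nil || h.Alg != "HS256" {
		return nil, fmt.Errorf("malformed token or unexpected alg")
	}
	if !hmac.Equal([]byte(tok), []byte(seal(secret, p[0]+"."+p[1]))) {
		return nil, fmt.Errorf("bad signature")
	}
	if raw, err := b64.DecodeString(p[1]); err != nil || json.Unmarshal(raw, c) != nil || now.Unix() >= c.Exp {
		return nil, fmt.Errorf("bad or expired claims")
	}
	return c, nil
}

func main() {
	fmt.Println(Verify(Sign(Claims{"q1mi", time.Now().Add(2 * time.Hour).Unix()}, demoKey), demoKey, time.Now()))
}
```

The payload is only base64url-encoded, so anyone holding the token can read it; the signature protects integrity, not confidentiality.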

Generate JWT and parse JWT

We use the jwt-go library directly here to implement our ability to generate JWT and parse JWT.

Define the claims

We need to define our own claims to decide which data to store in the JWT. For example, if we want to store the username in the JWT, we define a MyClaims structure as follows:

    import (
        "errors"
        "time"

        "github.com/dgrijalva/jwt-go"
    )

    // MyClaims is a custom claims structure that embeds jwt.StandardClaims.
    // jwt.StandardClaims in the jwt package contains only the official fields.
    // We need to record an additional username field here, so we define our own structure.
    // If you want to store more information, add more fields to this structure.
    type MyClaims struct {
        Username string `json:"username"`
        jwt.StandardClaims
    }

Then we define the expiration time of JWT. Here we take 2 hours as an example:

    const TokenExpireDuration = time.Hour * 2

Next, you need to define the Secret:

    // MySecret is the key used to sign and verify tokens.
    // It is hard-coded here for the demo; keep real keys out of source code.
    var MySecret = []byte("summer has passed quietly")

Generate JWT

    // GenToken generates a JWT for the given username
    func GenToken(username string) (string, error) {
        // Create our own claims
        c := MyClaims{
            username, // custom field
            jwt.StandardClaims{
                ExpiresAt: time.Now().Add(TokenExpireDuration).Unix(), // expiration time
                Issuer:    "my-project",                               // issuer
            },
        }
        // Create a token object using the specified signing method
        token := jwt.NewWithClaims(jwt.SigningMethodHS256, c)
        // Sign with the specified secret and return the complete encoded token string
        return token.SignedString(MySecret)
    }

Parse JWT

    // ParseToken parses a JWT
    func ParseToken(tokenString string) (*MyClaims, error) {
        // Parse the token
        token, err := jwt.ParseWithClaims(tokenString, &MyClaims{}, func(token *jwt.Token) (i interface{}, err error) {
            return MySecret, nil
        })
        if err != nil {
            return nil, err
        }
        if claims, ok := token.Claims.(*MyClaims); ok && token.Valid { // verify the token
            return claims, nil
        }
        return nil, errors.New("invalid token")
    }

Using JWT in the gin framework

First, we register a route /auth that issues the Token:

    r.POST("/auth", authHandler)

Our definition of authHandler is as follows:

    // UserInfo (its definition is not shown here) holds the Username and Password sent by the user.
    func authHandler(c *gin.Context) {
        // The user sends the username and password
        var user UserInfo
        err := c.ShouldBind(&user)
        if err != nil {
            c.JSON(http.StatusOK, gin.H{
                "code": 2001,
                "msg":  "invalid parameter",
            })
            return
        }
        // Verify that the username and password are correct
        if user.Username == "q1mi" && user.Password == "q1mi123" {
            // Generate the Token
            tokenString, _ := GenToken(user.Username)
            c.JSON(http.StatusOK, gin.H{
                "code": 2000,
                "msg":  "success",
                "data": gin.H{"token": tokenString},
            })
            return
        }
        c.JSON(http.StatusOK, gin.H{
            "code": 2002,
            "msg":  "Authentication failed",
        })
        return
    }

After users obtain Token through the above API, they will later request our other APIs with Token. At this time, we need to verify the Token of these requests. Obviously, we should implement a middleware to verify Token, as shown below:

    // JWTAuthMiddleware is a JWT-based authentication middleware
    func JWTAuthMiddleware() func(c *gin.Context) {
        return func(c *gin.Context) {
            // There are three ways for clients to carry the Token:
            // 1. in the request header 2. in the request body 3. in the URI
            // Here we assume the Token is placed in the Authorization header and starts with Bearer.
            // The specific implementation should be based on your actual business situation.
            authHeader := c.Request.Header.Get("Authorization")
            if authHeader == "" {
                c.JSON(http.StatusOK, gin.H{
                    "code": 2003,
                    "msg":  "auth is empty in the request header",
                })
                c.Abort()
                return
            }
            // Split on the first space
            parts := strings.SplitN(authHeader, " ", 2)
            if !(len(parts) == 2 && parts[0] == "Bearer") {
                c.JSON(http.StatusOK, gin.H{
                    "code": 2004,
                    "msg":  "incorrect auth format in the request header",
                })
                c.Abort()
                return
            }
            // parts[1] is the tokenString; parse it with the previously defined function
            mc, err := ParseToken(parts[1])
            if err != nil {
                c.JSON(http.StatusOK, gin.H{
                    "code": 2005,
                    "msg":  "invalid Token",
                })
                c.Abort()
                return
            }
            // Save the username of the current request in the request context c
            c.Set("username", mc.Username)
            c.Next() // subsequent handlers can use c.Get("username") to obtain the current user
        }
    }

Register a /home route and send a request to verify it.

    r.GET("/home", JWTAuthMiddleware(), homeHandler)

    func homeHandler(c *gin.Context) {
        username := c.MustGet("username").(string)
        c.JSON(http.StatusOK, gin.H{
            "code": 2000,
            "msg":  "success",
            "data": gin.H{"username": username},
        })
    }

Thank you for reading. The above is the content of "how to use JWT in the gin framework".
