update to jwt v5

2025-10-05 16:06:51 +08:00 · 2025-07-16 16:55:52 +08:00
parent 0e09afe962
commit 4343dfaa31
5 changed files with 44 additions and 52 deletions
--- a/go.mod
+++ b/go.mod
@@ -126,7 +126,7 @@ require (
 	github.com/creack/pty v1.1.21
 	github.com/gin-gonic/gin v1.9.1
 	github.com/glebarez/sqlite v1.11.0
-	github.com/golang-jwt/jwt v3.2.2+incompatible
+	github.com/golang-jwt/jwt/v5 v5.2.3
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
 	github.com/olivere/elastic/v7 v7.0.32
 	github.com/panjf2000/ants/v2 v2.10.0
--- a/go.sum
+++ b/go.sum
@@ -109,8 +109,8 @@ github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MG
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk=
 github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
-github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
-github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
+github.com/golang-jwt/jwt/v5 v5.2.3 h1:kkGXqQOBSDDWRhWNXTFpqGSCMyh/PLnqUvMGJPDJDs0=
+github.com/golang-jwt/jwt/v5 v5.2.3/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 h1:au07oEsX2xN0ktxqI+Sida1w446QrXBRJ0nee3SNZlA=
 github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
 github.com/golang-sql/sqlexp v0.1.0 h1:ZCD6MBpcuOVfGVqsEmY5/4FtYiKz6tSyUv9LPEDei6A=
--- a/internal/app/api/user.go
+++ b/internal/app/api/user.go
@@ -22,7 +22,7 @@ func (u *userApi) LoginHandler(ctx *gin.Context, req model.LoginHandlerReq) any
 	if !u.checkLoginInfo(req.Account, req.Password) {
 		return errors.New("incorrect username or password")
 	}
-	token, err := utils.GenToken(req.Account)
+	token, err := utils.GenerateToken(req.Account)
 	if err != nil {
 		return err
 	}
--- a/internal/app/middle/token.go
+++ b/internal/app/middle/token.go
@@ -51,7 +51,7 @@ func CheckToken() gin.HandlerFunc {
 			} else {
 				token = c.Query("token")
 			}
-			if _, err := utils.ParseToken(token); err != nil {
+			if _, err := utils.VerifyToken(token); err != nil {
 				rErr(c, -2, "token校验失败", err)
 				return
 			}
@@ -73,8 +73,8 @@ func getUser(ctx *gin.Context) (string, error) {
 	} else {
 		token = ctx.Query("token")
 	}
-	if mc, err := utils.ParseToken(token); err == nil && mc != nil {
-		return mc.UserName, nil
+	if mc, err := utils.VerifyToken(token); err == nil && mc != nil {
+		return mc.Username, nil
 	} else {
 		return "", errors.Join(errors.New("用户信息获取失败"), err)
 	}
--- a/utils/jwt.go
+++ b/utils/jwt.go
@@ -1,67 +1,59 @@
 package utils

 import (
-	"errors"
+	"fmt"
 	"time"

-	"github.com/lzh-1625/go_process_manager/config"
-
-	"github.com/golang-jwt/jwt"
+	"github.com/golang-jwt/jwt/v5"
 )

-var mySecret []byte
-
-func SetSecret(secret []byte) {
-	mySecret = secret
-}
-
-func keyFunc(_ *jwt.Token) (i interface{}, err error) {
-	return mySecret, nil
-}
+var jwtKey []byte

 type MyClaims struct {
-	UserName string `json:"user_name"`
-	jwt.StandardClaims
+	Username string `json:"username"`
+	jwt.RegisteredClaims
 }

-func GenToken(UserName string) (string, error) {
-	// 创建一个我们自己的声明的数据
-	c := MyClaims{
-		UserName,
-		jwt.StandardClaims{
-			ExpiresAt: time.Now().Add(
-				time.Duration(config.CF.TokenExpirationTime) * time.Hour).Unix(), // 过期时间
-			Issuer: "jwt", // 签发人
+func SetSecret(secret []byte) {
+	jwtKey = []byte(secret)
+}
+
+func GenerateToken(username string) (string, error) {
+	expirationTime := time.Now().Add(3 * 24 * time.Hour)
+
+	claims := &MyClaims{
+		Username: username,
+		RegisteredClaims: jwt.RegisteredClaims{
+			ExpiresAt: jwt.NewNumericDate(expirationTime),
+			IssuedAt:  jwt.NewNumericDate(time.Now()),
+			NotBefore: jwt.NewNumericDate(time.Now()),
 		},
 	}
-	// 使用指定的签名方法创建签名对象
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, c)
-	return token.SignedString(mySecret)
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+
+	tokenString, err := token.SignedString(jwtKey)
+	if err != nil {
+		return "", err
 	}

-func ParseToken(tokenString string) (*MyClaims, error) {
-	var mc = new(MyClaims)
-	token, err := jwt.ParseWithClaims(tokenString, mc, keyFunc)
+	return tokenString, nil
+}
+
+func VerifyToken(tokenString string) (*MyClaims, error) {
+	claims := &MyClaims{}
+
+	token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) {
+		return jwtKey, nil
+	})
+
 	if err != nil {
 		return nil, err
 	}
-	if token.Valid {
-		return mc, nil
-	}
-	return nil, errors.New("invalid token")
+
+	if !token.Valid {
+		return nil, fmt.Errorf("invalid token")
 	}

-func RefreshToken(aToken, rToken string) (newAToken, newRToken string, err error) {
-	if _, err = jwt.Parse(rToken, keyFunc); err != nil {
-		return
-	}
-	var claims MyClaims
-	_, err = jwt.ParseWithClaims(aToken, &claims, keyFunc)
-	v, _ := err.(*jwt.ValidationError)
-
-	if v.Errors == jwt.ValidationErrorExpired {
-		token, _ := GenToken(claims.UserName)
-		return token, "", nil
-	}
-	return
+	return claims, nil
 }