jwt.go

package user_s

import (
	"github.com/dgrijalva/jwt-go"
	"hilo-user/myerr"
	"hilo-user/myerr/bizerr"
	"hilo-user/resource/config"
	"hilo-user/resource/mysql"
	"time"
)

// 载荷，增加用户别名
type Claims struct {
	UserId     uint64
	ExternalId string
	jwt.StandardClaims
}

// 生成App用的jwt token
// issuer 外面传
func generateGameJwtToken(userId uint64, externalId string, issuer string) (string, error) {
	jwtConfig := config.GetConfigGameJWT()
	duration, err := time.ParseDuration(jwtConfig.EXPIRE)
	if err != nil {
		return "", myerr.WrapErr(err)
	}

	expireTime := time.Now().Add(duration)
	claims := Claims{
		UserId:     userId,
		ExternalId: externalId,
		StandardClaims: jwt.StandardClaims{
			ExpiresAt: expireTime.UnixNano() / 1e6, //过期时间
			Issuer:    issuer,                      //签名的发行者
		},
	}
	tokenClaims := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	token, err := tokenClaims.SignedString(getGameJWTSecret())
	return token, myerr.WrapErr(err)
}

//解析jwt token
func ParseJwtToken(token, issuer string) (userId mysql.ID, externalId string, expiresAt int64, err error) {
	tokenClaims, err := jwt.ParseWithClaims(token, &Claims{}, func(token *jwt.Token) (interface{}, error) {
		return getGameJWTSecret(), nil
	})
	if err != nil {
		return
	}
	if tokenClaims != nil {
		claims, ok := tokenClaims.Claims.(*Claims)
		if ok && tokenClaims.Valid {
			if time.Now().Unix() > claims.ExpiresAt {
				err = bizerr.GameTokenExpire
				return
			}
			if claims.Issuer != issuer {
				err = bizerr.GameTokenInvalid
				return
			}
			// success
			userId, externalId, expiresAt = claims.UserId, claims.ExternalId, claims.ExpiresAt
		}
	} else {
		err = bizerr.GameTokenInvalid
	}
	return
}

func getGameJWTSecret() []byte {
	return []byte(config.GetConfigGameJWT().SECRET)
}