go RefreshToken实现

📅 2026/7/18 14:05:20
go RefreshToken实现
login:unc (self *MallFacade) LoginAdmin(c *gin.Context) error { auser : new(entityuser.AuthUser) if err : c.BindJSON(auser); err ! nil { common.ResFailUserMsg(c, 参数错误) return err } // 设置只查询 user_type 300 的用户商城后台管理员 auser.UserTypes []int16{300} var user, err FindBeanUserDaoFacade().Auth(auser, c) if err ! nil { golog.Error(MallFacade LoginAdmin failed: , err) if businessErr, ok : common.IsErrorAsBusiness(err); ok { common.ResFailed(c, businessErr.Code, err) } else { common.ResFailUserMsg(c, err.Error()) } return err } if !user.IfMallAdmin() { golog.Error(MallFacade LoginAdmin不是合法用户!, user.ID, user.Name) common.ResFailUserMsg(c, 无权限登录) return err } token, err : authentication.FindBeanJWTService().CreateToken(user, apiconst.TOKEN_APP_KEY_MALL_ADMIN) if err ! nil { golog.Error(MallFacade LoginAdmin failed:, err) common.ResFailUserMsg(c, 登录失败) return err } refreshToken, err : authentication.FindBeanJWTService().CreateTokenExpire(common.RefreshExpireHours, user, apiconst.TOKEN_APP_KEY_MALL_ADMIN) if err ! nil { golog.Error(MallFacade LoginAdmin refreshToken failed:, err) common.ResFailUserMsg(c, 登录失败) return err } apiservice.FindBeanUserService().SetSingleToken(c, user.ID, token, apiconst.TOKEN_APP_KEY_MALL_ADMIN) common.ResOk(c, entityuser.LoginInfo{ Name: user.Name, User: entityuser.ToLoginUserInfoVo(user), JWTToken: trainvo.JWTToken{ Token: token, CreateAt: time.Now(), ExpiresIn: common.ExpireHours, Describe: set token in Authorization Header, [Authorization: Bearer {token}], RefreshToken: refreshToken, RefreshExpire: common.RefreshExpireHours, }, }) return nil }func (s *JWTService) CreateTokenExpire(expire time.Duration, user *entityuser.User, app string) (string, error) { if user nil { return , fmt.Errorf(empty user) } now : time.Now() token : jwt.NewWithClaims( jwt.SigningMethodHS256, CustomClaims{ Name: user.Name, ID: user.ID, App: app, RegisteredClaims: jwt.RegisteredClaims{ ExpiresAt: jwt.NewNumericDate(now.Add(s.expireDuration)), NotBefore: jwt.NewNumericDate(now.Add(-1000 * time.Second)), ID: strconv.Itoa(int(user.ID)), Issuer: s.issuer, }, }, ) return token.SignedString(s.signKey) }refreshToken:func (self *MallFacade) RefreshToken(c *gin.Context) error { user, err : self.ParseRefreshToken(c) if err ! nil { golog.Error(MallFacade RefreshToken failed:, err) return err } token, err : authentication.FindBeanJWTService().CreateToken(user, apiconst.TOKEN_APP_KEY_MALL_ADMIN) if err ! nil { golog.Error(MallFacade LoginAdmin failed:, err) common.ResFailUserMsg(c, 登录失败) return err } //refreshToken, err : authentication.FindBeanJWTService().CreateTokenExpire(common.RefreshExpireHours, user, apiconst.TOKEN_APP_KEY_MALL_ADMIN) //if err ! nil { // golog.Error(MallFacade LoginAdmin refreshToken failed:, err) // common.ResFailUserMsg(c, 登录失败) // return err //} apiservice.FindBeanUserService().SetSingleToken(c, user.ID, token, apiconst.TOKEN_APP_KEY_MALL_ADMIN) common.ResOk(c, entityuser.LoginInfo{ Name: user.Name, User: entityuser.ToLoginUserInfoVo(user), JWTToken: trainvo.JWTToken{ Token: token, CreateAt: time.Now(), ExpiresIn: common.ExpireHours, Describe: set token in Authorization Header, [Authorization: Bearer {token}], // RefreshToken: refreshToken, // RefreshExpire: common.RefreshExpireHours, }, }) return err }unc (self *MallFacade) ParseRefreshToken(c *gin.Context) (*entityuser.User, error) { var req admindto.RefreshRequest{} if err : self.ParseBody(c, req); err ! nil { golog.Error(MallFacade RefreshToken failed:, err) common.ResFailUserMsg(c, 参数错误) return nil, err } user, isExpire, app, parseErr : authentication.FindBeanJWTService().ParseToken(req.RefreshToken) if parseErr ! nil { golog.Error(MallFacade RefreshToken failed:, parseErr, app) common.ResFailUserMsg(c, 刷新失败) return nil, parseErr } if isExpire { golog.Error(MallFacade RefreshToken expired token:, req.RefreshToken) common.ResFailUserMsg(c, 刷新token过期) return nil, parseErr } if user nil { golog.Error(MallFacade RefreshToken user is nil:, req.RefreshToken) common.ResFailUserMsg(c, 刷新token错误) return nil, parseErr } userRet : apiservice.FindBeanUserService().FindById(user.ID) if userRet.IsFailed() { golog.Error(MallFacade RefreshToken user is failed:, userRet) common.ResFailUserMsg(c, 刷新token错误) return nil, userRet.Result2Error() } if !userRet.ExistRecord() { golog.Error(MallFacade RefreshToken user is not exist:, req.RefreshToken) common.ResFailUserMsg(c, 刷新token错误) return nil, fmt.Errorf(user is not exist) } return user, nil }ParseToken:unc (s *JWTService) ParseToken(tokenString string) (*entityuser.User, bool, string, error) { isExpire : true token, err : jwt.ParseWithClaims(tokenString, CustomClaims{}, func(token *jwt.Token) (i interface{}, err error) { return s.signKey, nil }) if err ! nil { golog.Error(jwt.ParseWithClaims err: , err) return nil, isExpire, , err } claims, ok : token.Claims.(*CustomClaims) if !ok || !token.Valid { golog.Error(jwt.ParseWithClaims err: %v, err) return nil, isExpire, , fmt.Errorf(invaild token) } now : time.Now() isExpire claims.ExpiresAt.Time.Before(now) user : entityuser.User{ ID: claims.ID, Name: claims.Name, } return user, isExpire, claims.App, nil }