内容简介:The easiest JWT Library that could be the starting point for any of your project.
JWT Go
The easiest JWT Library that could be the starting point for any of your project.
Installation
go get github.com/supanadit/jwt-go
Quick Start
package main
import (
"fmt"
"github.com/supanadit/jwt-go"
"log"
)
func main() {
// Set Your JWT Secret Code, its optional but important, because default secret code is very insecure
jwt.SetJWTSecretCode("Your Secret Code")
// Create default authorization
auth := jwt.Authorization{
Username: "admin",
Password: "admin",
}
// Generate JWT Token from default authorization model
token, err := auth.GenerateJWT()
if err != nil {
log.Fatal(err)
}
fmt.Println("JWT Token : " + token)
// Verify the token
valid, err := auth.VerifyJWT(token)
if err != nil {
fmt.Println(err)
}
fmt.Print("Status : ")
if valid {
fmt.Println("Valid")
} else {
fmt.Println("Invalid")
}
}
Custom Authorization
package main
import (
"fmt"
"github.com/supanadit/jwt-go"
"log"
)
type Login struct {
Email string
Password string
Name string
}
func main() {
// Set Your JWT Secret Code, its optional but important, because default secret code is very insecure
jwt.SetJWTSecretCode("Your Secret Code")
// Create default authorization
auth := Login{
Email: "asd@asd.com",
Password: "asd",
Name: "asd",
}
// Generate JWT Token from default authorization model
token, err := jwt.GenerateJWT(auth)
if err != nil {
log.Fatal(err)
}
fmt.Println("JWT Token : " + token)
// Variable for decoded JWT token
var dataAuth Login
// Verify the token
valid, err := jwt.VerifyAndBindingJWT(&dataAuth, token)
if err != nil {
fmt.Println(err)
}
// or simply you can do this, if you don't need to decode the JWT
// valid, err := jwt.VerifyJWT(token)
// if err != nil {
// fmt.Println(err)
// }
fmt.Print("Status : ")
if valid {
fmt.Println("Valid")
} else {
fmt.Println("Invalid")
}
}
Encrypt & Verify Password
package main
import (
"fmt"
"github.com/supanadit/jwt-go"
"log"
)
type Login struct {
Email string
Password string
}
func main() {
// Set Your JWT Secret Code, its optional but important, because default secret code is very insecure
jwt.SetJWTSecretCode("Your Secret Code")
// Create authorization from your own struct
auth := Login{
Email: "example@email.com",
Password: "123",
}
// Encrypt password, which you can save to database
ep, err := jwt.EncryptPassword(auth.Password)
if err != nil {
log.Fatal(err)
}
fmt.Println("Encrypted Password " + string(ep))
// Verify Encrypted Password
valid, err := jwt.VerifyPassword(string(ep), auth.Password)
if err != nil {
fmt.Println(err)
}
fmt.Print("Status : ")
if valid {
fmt.Println("Valid")
} else {
fmt.Println("Invalid")
}
}
Decrypt Password
No you can't, as the thread at Stack Exchange
bcrypt is not an encryption function, it's a password hashing function, relying on Blowfish's key scheduling, not its encryption. Hashing are mathematical one-way functions, meaning there is no way to reverse the output string to get the input string. of course only Siths deal in absolutes and there are a few attacks against hashes. But none of them are "reversing" the hashing, AFAIK.
so that enough to secure the password
Set Expired Time
package main
import (
"fmt"
"github.com/supanadit/jwt-go"
"log"
)
func main() {
// Set Your JWT Secret Code, its optional but important, because default secret code is very insecure
jwt.SetJWTSecretCode("Your Secret Code")
// You can simply do this, jwt.setExpiredTime(Hour,Minute,Second)
jwt.SetExpiredTime(0, 0, 1)
}
Support Gin Web Framework
package main
import (
"github.com/gin-gonic/gin"
"github.com/supanadit/jwt-go"
"net/http"
)
func main() {
// Set Your JWT Secret Code, its optional but important, because default secret code is very insecure
jwt.SetJWTSecretCode("Your Secret Code")
// Create authorization
auth := jwt.Authorization{
Username: "admin",
Password: "123",
}
router := gin.Default()
// Login / Authorization for create JWT Token
router.POST("/auth", func(c *gin.Context) {
var a jwt.Authorization
err := c.Bind(&a)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"status": "Invalid body request",
"token": nil,
})
} else {
valid, err := auth.VerifyPassword(a.Password)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"status": "Wrong username or password",
"token": nil,
})
} else {
if valid {
token, err := a.GenerateJWT()
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{
"status": "Can't generate JWT token",
"token": nil,
})
} else {
c.JSON(http.StatusOK, gin.H{
"status": "Success",
"token": token,
})
}
} else {
c.JSON(http.StatusBadRequest, gin.H{
"status": "Wrong username or password",
"token": nil,
})
}
}
}
})
// Test Authorization
router.GET("/test", func(c *gin.Context) {
// Variable for binding if you need decoded JWT
var dataAuth jwt.Authorization
// Verify and binding JWT
token, valid, err := jwt.VerifyAndBindingGinHeader(&dataAuth, c)
// in case if you don't want to decode the JWT, simply use this code
// token, valid, err := jwt.VerifyGinHeader(c)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"status": err.Error(),
})
} else {
if valid {
c.JSON(http.StatusOK, gin.H{
"status": token + " is valid",
})
} else {
c.JSON(http.StatusBadRequest, gin.H{
"status": "Invalid",
})
}
}
})
_ = router.Run(":8080")
}
Support Echo Web Framework
package main
import (
"github.com/labstack/echo/v4"
"github.com/supanadit/jwt-go"
"net/http"
)
func main() {
// Set Your JWT Secret Code, its optional but important, because default secret code is very insecure
jwt.SetJWTSecretCode("Your Secret Code")
// Create authorization
auth := jwt.Authorization{
Username: "admin",
Password: "123",
}
e := echo.New()
// Login / Authorization for create JWT Token
e.POST("/auth", func(c echo.Context) error {
a := new(jwt.Authorization)
// Create struct for response, or you can create globally by your self
var r struct {
Status string
Token string
}
err := c.Bind(a)
if err != nil {
r.Status = "Invalid body request"
return c.JSON(http.StatusBadRequest, &r)
} else {
valid, err := auth.VerifyPassword(a.Password)
if err != nil {
r.Status = "Wrong username or password"
return c.JSON(http.StatusBadRequest, &r)
} else {
if valid {
token, err := a.GenerateJWT()
if err != nil {
r.Status = "Can't generate JWT Token"
return c.JSON(http.StatusInternalServerError, &r)
} else {
r.Status = "Success"
r.Token = token
return c.JSON(http.StatusOK, &r)
}
} else {
r.Status = "Wrong username or password"
return c.JSON(http.StatusBadRequest, &r)
}
}
}
})
// Test Authorization
e.GET("/test", func(c echo.Context) error {
// Create struct for response
var r struct {
Status string
}
// Variable for binding if you need decoded JWT
dataAuth := new(jwt.Authorization)
// Verify and binding JWT
token, valid, err := jwt.VerifyAndBindingEchoHeader(&dataAuth, c)
// in case if you don't want to decode the JWT, simply use this code
// Token, valid, err := jwt.VerifyEchoHeader(c)
if err != nil {
r.Status = err.Error()
return c.JSON(http.StatusBadRequest, &r)
} else {
if valid {
r.Status = token + " is valid"
return c.JSON(http.StatusOK, &r)
} else {
r.Status = "Invalid"
return c.JSON(http.StatusBadRequest, &r)
}
}
})
// Start server
e.Logger.Fatal(e.Start(":1323"))
}
Disable & Enable Authorization
You can simply Enable and Disable authorization using code bellow
package main
import (
"github.com/supanadit/jwt-go"
)
func main() {
// Set Your JWT Secret Code, its optional but important, because default secret code is very insecure
jwt.SetJWTSecretCode("Your Secret Code")
jwt.DisableAuthorization() // Disable authorization, meaning when verify jwt token it will return true even if the token was expired or invalid
// or
jwt.EnableAuthorization() // Enable authorization
}
Thanks to
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
数据结构 Python语言描述
[美] Kenneth A. Lambert 兰伯特 / 李军 / 人民邮电出版社 / 2017-12-1 / CNY 69.00
在计算机科学中,数据结构是一门进阶性课程,概念抽象,难度较大。Python语言的语法简单,交互性强。用Python来讲解数据结构等主题,比C语言等实现起来更为容易,更为清晰。 《数据结构 Python语言描述》第1章简单介绍了Python语言的基础知识和特性。第2章到第4章对抽象数据类型、数据结构、复杂度分析、数组和线性链表结构进行了详细介绍,第5章和第6章重点介绍了面向对象设计的相关知识、......一起来看看 《数据结构 Python语言描述》 这本书的介绍吧!
