golang服务使用jwt生成token,apisix解析并验证token
1、配置apisix网关jwt
(1)、在 apisix dashboard 中 新建路由
(2)、新建路由时开启jwt插件
(3)、配置jwt插件
{
"algorithm": "HS256",
"base64_secret": false,
"disable": false,
"exp": 86400,
"key": "web-user",
"secret": "e23f083555e8dd81c886549beb49b9e3"
}
(4)、提交路由
2、编写golang服务代码
引入jwt包:
go get github.com/golang-jwt/jwt
生成token
playloads:token中需要携带的登录信息,可根据项目需要自己添加
secret:生成token密钥 必须和apisix配置保持一致
key:和apisix配置中的key保持一致
func CreateToken(playloads map[string]interface{},secret string,key string) (string, error) {
claims := make(jwt.MapClaims)
var iat int64 = time.Now().Unix()
claims["exp"] = iat +8600
claims["iat"] = iat
claims["key"] = key
for k, v := range playloads {
claims[k] = v
}
token := jwt.New(jwt.SigningMethodHS256)
token.Claims = claims
return token.SignedString([]byte(secret))
}
3:获取到token后请求,有三种方式
(1)、请求地址中携带token
http://127.0.0.1:9080/index.html?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTU2NDA1MDgxMX0.Us8zh_4VjJXF-TmR5f8cif8mBU7SuefPlpxhH0jbPVI -i
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 13175
...
Accept-Ranges: bytes
<!DOCTYPE html>
<html lang="cn">
...
(2)、使用cookie中携带token
$ curl http://127.0.0.1:9080/index.html --cookie jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTU2NDA1MDgxMX0.Us8zh_4VjJXF-TmR5f8cif8mBU7SuefPlpxhH0jbPVI -i
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 13175
...
Accept-Ranges: bytes
(3)、放在请求header中 Authorization:token
$ curl http://127.0.0.1:9080/index.html -H 'Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTU2NDA1MDgxMX0.Us8zh_4VjJXF-TmR5f8cif8mBU7SuefPlpxhH0jbPVI' -i
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 13175
...
Accept-Ranges: bytes