{"id":42509,"date":"2024-12-01T14:24:18","date_gmt":"2024-12-01T06:24:18","guid":{"rendered":"https:\/\/fwq.ai\/blog\/42509\/"},"modified":"2024-12-01T14:24:18","modified_gmt":"2024-12-01T06:24:18","slug":"%e5%a6%82%e4%bd%95%e4%bb%8e%e4%bd%bf%e7%94%a8-go-fiber-golang-%e6%a1%86%e6%9e%b6%e5%88%9b%e5%bb%ba%e7%9a%84-cookie-%e4%b8%ad%e8%8e%b7%e5%8f%96-jwt-%e6%9c%89%e6%95%88%e8%b4%9f%e8%bd%bd%e6%95%b0","status":"publish","type":"post","link":"https:\/\/fwq.ai\/blog\/42509\/","title":{"rendered":"\u5982\u4f55\u4ece\u4f7f\u7528 go Fiber golang \u6846\u67b6\u521b\u5efa\u7684 cookie \u4e2d\u83b7\u53d6 jwt \u6709\u6548\u8d1f\u8f7d\u6570\u636e\uff1f"},"content":{"rendered":"

<\/b> <\/p>\n

\u5f53\u524d\u4f4d\u7f6e\uff1a ><\/span> ><\/span> ><\/span> ><\/span> \u5982\u4f55\u4ece\u4f7f\u7528 go Fiber golang \u6846\u67b6\u521b\u5efa\u7684 cookie \u4e2d\u83b7\u53d6 jwt \u6709\u6548\u8d1f\u8f7d\u6570\u636e\uff1f<\/span><\/p>\n

\u5982\u4f55\u4ece\u4f7f\u7528 go Fiber golang \u6846\u67b6\u521b\u5efa\u7684 cookie \u4e2d\u83b7\u53d6 jwt \u6709\u6548\u8d1f\u8f7d\u6570\u636e\uff1f<\/h1>\n

\u6765\u6e90\uff1astackoverflow<\/span>
\n2024-04-24 10:06:33<\/span>
\n<\/i>0\u6d4f\u89c8<\/span>
\n<\/i>\u6536\u85cf<\/span> <\/p>\n

\u5404\u4f4d\u5c0f\u4f19\u4f34\u4eec\uff0c\u5927\u5bb6\u597d\u5440\uff01\u770b\u770b\u4eca\u5929\u6211\u53c8\u7ed9\u5404\u4f4d\u5e26\u6765\u4e86\u4ec0\u4e48\u6587\u7ae0\uff1f\u672c\u6587\u6807\u9898\u662f<\/span>\u300a\u5982\u4f55\u4ece\u4f7f\u7528 go Fiber golang \u6846\u67b6\u521b\u5efa\u7684 cookie \u4e2d\u83b7\u53d6 jwt \u6709\u6548\u8d1f\u8f7d\u6570\u636e\uff1f\u300b<\/span>\uff0c\u5f88\u660e\u663e\u662f\u5173\u4e8eGolang<\/span>\u7684\u6587\u7ae0\u54c8\u54c8\u54c8\uff0c\u5176\u4e2d\u5185\u5bb9\u4e3b\u8981\u4f1a\u6d89\u53ca\u5230<\/span>\u7b49\u7b49\uff0c\u5982\u679c\u80fd\u5e2e\u5230\u4f60\uff0c\u89c9\u5f97\u5f88\u4e0d\u9519\u7684\u8bdd\uff0c\u6b22\u8fce\u5404\u4f4d\u591a\u591a\u70b9\u8bc4\u548c\u5206\u4eab\uff01<\/span><\/p>\n

\u95ee\u9898\u5185\u5bb9
\n <\/p>\n

\u6211\u6709\u4ee5\u4e0b\u529f\u80fd\uff0c\u53ef\u4ee5\u4f7f\u7528 v2 \u7248\u672c \"github.com\/go fiber\/ fiber\/v2\"<\/code> \u521b\u5efa\u5e26\u6709 go fiber \u6846\u67b6\u7684\u670d\u52a1\u5668\u7aef httponly<\/p>\n

func signin(c *fiber.ctx) error {\n    \n    type signindata struct {\n        email  string `json:\"email\" xml:\"email\" form:\"email\"`\n        password string `json:\"password\" xml:\"password\" form:\"password\"`\n    }\n\n    data := signindata{}\n\n    if err := c.bodyparser(&data); err != nil {\n        return err\n    }\n\n    var user models.user\n\n    finduser := database.db.where(\"email = ?\", data.email).first(&user)\n\n    if finduser == nil {\n        c.status(fiber.statusbadrequest)\n        return c.json(fiber.map{\n            \"message\": \"account not found\",\n        })\n    }\n\n    if err := user.comparepassword(data.password); err != nil {\n        c.status(fiber.statusbadrequest)\n        return c.json(fiber.map{\n            \"message\": \"invalid credentials\",\n        })\n    }\n\n    issuperuser := database.db.where(\"email = ? and is_superuser = ?\", data.email, true).first(&user).error\n\n    var scope string\n\n    if errors.is(issuperuser, gorm.errrecordnotfound) {\n        scope = \"user\"\n    } else {\n        scope = \"admin\"\n    }\n\n    token, err := middlewares.createtokens(user.email, scope)\n\n    if err != nil {\n        c.status(fiber.statusbadrequest)\n        return c.json(fiber.map{\n            \"message\": \"could not generate session tokens\",\n        })  \n    }\n\n    saveerr := middlewares.redisstoretokens(user.email, token)\n    if saveerr != nil {\n        c.status(fiber.statusbadrequest)\n        return c.json(fiber.map{\n            \"message\": \"could not save session to redis\",\n        })\n    }\n    tokens := map[string]string{\n        \"access_token\":  token.accesstoken,\n        \"refresh_token\": token.refreshtoken,\n    }\n\n    cookie := fiber.cookie{\n        name: \"access_token\",\n        value: tokens[\"access_token\"],\n        expires: time.now().add(time.hour * 24),\n        httponly: true,\n        secure:   true,\n    }\n\n    c.cookie(&cookie)\n\n    return c.json(fiber.map{\n        \"access_token\": tokens[\"access_token\"],\n        \"refresh_token\": tokens[\"refresh_token\"],\n        \"token_type\": \"bearer\",\n    })\n\n}<\/pre>\n
\u8fd9\u662f\u767b\u5f55\u65f6\u8fd4\u56de\u7684\u5185\u5bb9<\/p>\n
{\n    \"access_token\": \"eyjhbgcioijiuzi1niisinr5cci6ikpxvcj9.eyjhy2nlc3nfdxvpzci6imflmmq4mdlhltnhzdgtndgwns1imjzllwuyywmwntyymjzhziisimf1dghvcml6zwqionrydwusimv4cci6mty0mte4ntg5mcwicgvybwlzc2lvbii6invzzxiilcjzdwiioij0zxn0oeblegftcgxllmnvbsj9.cxzknodb1xkmt_quq4onvdcxfmprbjt4umg38a1xwqa\",\n    \"refresh_token\": \"eyjhbgcioijiuzi1niisinr5cci6ikpxvcj9.eyjyzwzyzxnox3v1awqioijhztjkoda5ys0zywq4ltq4mdutyji2zs1lmmfjmdu2mji2ywyrk3rlc3q4qgv4yw1wbguuy29tin0._6zog65gmnwbwnpkaqb2lxupihkzgczg9p62xobds8u\",\n    \"token_type\": \"bearer\"\n}<\/pre>\n
cookie access_token<\/code> \u662f\u4f7f\u7528 eyjhbgcioijiuzi1niisinr5cci6ikpxvcj9.eyjhy2nlc3nfdxvpzci6imflmmq4mdlhltnhzdgtndgwns1imjzllwuyywmwntyymjzhziis \u7684\u503c\u521b\u5efa\u7684imf1dghvcml6zwqionrydwusimv4cci6mty0mte4ntg5mcwicgvybwlzc2lvbii6invzzxiilcjzdwiioij0zxn0oeblegftcgxllmnvbsj9.cxzknodb1xkmt_quq4onvdcxfmprbjt4umg38 a1xwqa<\/code> \u5982\u679c\u68c0\u67e5 cookie \u7684\u6709\u6548\u8d1f\u8f7d\u6570\u636e\uff0c\u5c31\u4f1a\u5f97\u5230\u4ee5\u4e0b\u5185\u5bb9<\/p>\n
{\n  \"access_uuid\": \"ae2d809a-3ad8-4805-b26e-e2ac056226af\",\n  \"authorized\": true,\n  \"exp\": 1641185890,\n  \"permission\": \"user\",\n  \"sub\": \"[email protected]\"\n}<\/pre>\n
\u6240\u4ee5\u73b0\u5728\u6211\u60f3\u8981\u53e6\u4e00\u4e2a\u51fd\u6570\u6765\u63d0\u53d6\u5e76\u80fd\u591f\u83b7\u53d6 cookie \u4e2d\u7684\u6240\u6709\u8fd9\u4e9b\u6709\u6548\u8d1f\u8f7d\u6570\u636e\uff0c\u4ee5\u4fbf\u6211\u53ef\u4ee5\u5728\u5e94\u7528\u7a0b\u5e8f\u4e2d\u4f7f\u7528\u5b83<\/p>\n
\u8fd9\u662f\u6211\u62e5\u6709\u7684\u4e00\u4e2a\u51fd\u6570\uff0c\u5e94\u8be5\u53ef\u4ee5\u83b7\u53d6\u8fd9\u4e9b\u6570\u636e\uff0c\u4f46\u4e8b\u60c5\u4e0d\u8d77\u4f5c\u7528\uff0c\u5e76\u4e14 go fiber \u4e0d\u4f1a\u8bb0\u5f55\u4efb\u4f55\u9519\u8bef\uff0c\u56e0\u6b64\u5f88\u96be\u8fdb\u884c\u6545\u969c\u6392\u9664<\/p>\n
type claimswithscope struct {\n    jwt.registeredclaims\n    scope string `json:\"permissions\"`\n}\ntype accessdetails struct {\n    accessuuid   string  `json:\"access_uuid\"`\n    email        string  `json:\"email\"`\n}\ntype accessdetailsclaims struct {\n    jwt.registeredclaims\n    scope        string  `json:\"permissions\"`\n    accessuuid   string  `json:\"access_uuid\"`\n    authorized   string  `json:\"authorized\"`\n}\n...\n...\n...\nfunc getaccessdetails(c *fiber.ctx) (*accessdetails, error) {\n    ad := &accessdetails{}\n\n    cookie := c.cookies(\"access_token\")\n\n    var err error\n    token, err := jwt.parsewithclaims(cookie, &accessdetailsclaims{}, func(token *jwt.token) (interface{}, error) {\n        return []byte(secretkey), nil\n    })\n\n    if err != nil {\n        return nil, err\n    }\n\n    payload := token.claims.(*accessdetailsclaims)\n\n    ad.email = payload.subject\n    ad.accessuuid = payload.accessuuid\n\n    return ad, nil\n}<\/pre>\n
\u6211\u5728\u8fd9\u91cc\u505a\u9519\u4e86\u4ec0\u4e48\uff1f ad<\/code> \u5e94\u8be5\u80fd\u591f\u8fd4\u56de\u5b8c\u6574\u7684\u6709\u6548\u8d1f\u8f7d\u6570\u636e\uff0c\u5c31\u50cf\u4ece\u767b\u5f55\u51fd\u6570\u521b\u5efa\u7684\u6570\u636e\u4e00\u6837<\/p>\n
{\n  \"access_uuid\": \"ae2d809a-3ad8-4805-b26e-e2ac056226af\",\n  \"authorized\": true,\n  \"exp\": 1641185890,\n  \"permission\": \"user\",\n  \"sub\": \"[email protected]\"\n}<\/pre>\n
\u8fd9\u6837\u6211\u5c31\u53ef\u4ee5\u4ece\u4e2d\u83b7\u53d6\u6211\u9700\u8981\u7684\u4efb\u4f55\u6570\u636e<\/p>\n
 <\/p>\n
\u6b63\u786e\u7b54\u6848<\/h2>\n
 <\/p>\n
\u7ec8\u4e8e\u660e\u767d\u4e86<\/p>\n
func getaccessdetails(c *fiber.ctx) (*accessdetails, error) {\n    ad := &accessdetails{}\n\n    cookie := c.cookies(\"access_token\")\n\n    var err error\n    token, err := jwt.parse(cookie, func(token *jwt.token) (interface{}, error) {\n        return []byte(os.getenv(\"access_secret\")), nil\n    })\n\n    if err != nil {\n        return nil, err\n    }\n\n    payload := token.claims.(jwt.mapclaims)\n\n    ad.email = payload[\"sub\"].(string)\n    ad.accessuuid = payload[\"access_uuid\"].(string)\n\n    return ad, nil\n}<\/pre>\n
\u56e0\u4e3a\u6211\u4f7f\u7528\u4e86mapclaims\u6765\u521b\u5efa\u4ee4\u724c\uff0c\u6240\u4ee5\u6211\u53ef\u4ee5\u7528\u8fd9\u4e2a\u6765\u83b7\u53d6\u5b83<\/p>\n
token, err := jwt.parse(cookie, func(token *jwt.token) (interface{}, error) {\n        return []byte(os.getenv(\"access_secret\")), nil\n    })<\/pre>\n
\u7136\u540e\u6309\u5982\u4e0b\u65b9\u5f0f\u5206\u914d ad := &accessdetails{}<\/code> \u7684\u5143\u7d20<\/p>\n
payload := token.Claims.(jwt.MapClaims)\n\n    ad.Email = payload[\"sub\"].(string)\n    ad.AccessUuid = payload[\"access_uuid\"].(string)<\/pre>\n
\u6587\u4e2d\u5173\u4e8e\u7684\u77e5\u8bc6\u4ecb\u7ecd\uff0c\u5e0c\u671b\u5bf9\u4f60\u7684\u5b66\u4e60\u6709\u6240\u5e2e\u52a9\uff01\u82e5\u662f\u53d7\u76ca\u532a\u6d45\uff0c\u90a3\u5c31\u52a8\u52a8\u9f20\u6807\u6536\u85cf\u8fd9\u7bc7\u300a\u5982\u4f55\u4ece\u4f7f\u7528 go Fiber golang \u6846\u67b6\u521b\u5efa\u7684 cookie \u4e2d\u83b7\u53d6 jwt \u6709\u6548\u8d1f\u8f7d\u6570\u636e\uff1f\u300b\u6587\u7ae0\u5427\uff0c\u4e5f\u53ef\u5173\u6ce8\u7c73\u4e91\u516c\u4f17\u53f7\u4e86\u89e3\u76f8\u5173\u6280\u672f\u6587\u7ae0\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
\u5f53\u524d\u4f4d\u7f6e\uff1a > > > > \u5982\u4f55\u4ece\u4f7f\u7528 go Fiber golang \u6846\u67b6\u521b\u5efa\u7684 cookie \u4e2d\u83b7\u53d6 jwt \u6709\u6548\u8d1f\u8f7d\u6570\u636e\uff1f \u5982\u4f55\u4ece\u4f7f\u7528 go Fiber golang \u6846\u67b6\u521b\u5efa\u7684 cookie \u4e2d\u83b7\u53d6 jwt \u6709\u6548\u8d1f\u8f7d\u6570\u636e\uff1f \u6765\u6e90\uff1astackoverflow 2024-04-24 10:06:33 0\u6d4f\u89c8 \u6536\u85cf \u5404\u4f4d\u5c0f\u4f19\u4f34\u4eec\uff0c\u5927\u5bb6\u597d\u5440\uff01\u770b\u770b\u4eca\u5929\u6211\u53c8\u7ed9\u5404\u4f4d\u5e26\u6765\u4e86\u4ec0\u4e48\u6587\u7ae0\uff1f\u672c\u6587\u6807\u9898\u662f\u300a\u5982\u4f55\u4ece\u4f7f\u7528 go Fiber golang \u6846\u67b6\u521b\u5efa\u7684 cookie \u4e2d\u83b7\u53d6 jwt \u6709\u6548\u8d1f\u8f7d\u6570\u636e\uff1f\u300b\uff0c\u5f88\u660e\u663e\u662f\u5173\u4e8eGolang\u7684\u6587\u7ae0\u54c8\u54c8\u54c8\uff0c\u5176\u4e2d\u5185\u5bb9\u4e3b\u8981\u4f1a\u6d89\u53ca\u5230\u7b49\u7b49\uff0c\u5982\u679c\u80fd\u5e2e\u5230\u4f60\uff0c\u89c9\u5f97\u5f88\u4e0d\u9519\u7684\u8bdd\uff0c\u6b22\u8fce\u5404\u4f4d\u591a\u591a\u70b9\u8bc4\u548c\u5206\u4eab\uff01 \u95ee\u9898\u5185\u5bb9 \u6211\u6709\u4ee5\u4e0b\u529f\u80fd\uff0c\u53ef\u4ee5\u4f7f\u7528 v2 \u7248\u672c “github.com\/go fiber\/ fiber\/v2” \u521b\u5efa\u5e26\u6709 go fiber \u6846\u67b6\u7684\u670d\u52a1\u5668\u7aef httponly func signin(c *fiber.ctx) error { type […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"class_list":["post-42509","post","type-post","status-publish","format-standard","hentry","category-docker"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/42509","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=42509"}],"version-history":[{"count":0,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/42509\/revisions"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=42509"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=42509"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=42509"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}