add some comment, and modify example code

mingzaily · mingzaily · commit 4c4bb928741a · 2021-02-01T00:26:04.000+08:00
diff --git a/auth_error.go b/auth_error.go
@@ -62,4 +62,7 @@ var (
 
 	// ErrInvalidPubKey indicates the the given public key is invalid
 	ErrInvalidPubKey = errors.New("public key invalid")
+
+	// ErrMissingIdentity identity key and identity value is null
+	ErrMissingIdentity = errors.New("payload don't have identity key and identity value")
 )
diff --git a/auth_jwt.go b/auth_jwt.go
@@ -296,7 +296,7 @@ func (mw *GfJWTMiddleware) MiddlewareInit() error {
 	if mw.Key == nil {
 		return ErrMissingSecretKey
 	}
-	
+
 	if mw.CacheAdapter != nil {
 		blacklist.SetAdapter(mw.CacheAdapter)
 	}
@@ -408,9 +408,14 @@ func (mw *GfJWTMiddleware) LoginHandler(r *ghttp.Request) {
 		}
 	}
 
+	if _, ok := claims[mw.IdentityKey]; !ok {
+		mw.unauthorized(r, http.StatusInternalServerError, mw.HTTPStatusMessageFunc(ErrMissingIdentity, r))
+		return
+	}
+
 	expire := mw.TimeFunc().Add(mw.Timeout)
 	claims["exp"] = expire.Unix()
-	claims["orig_iat"] = mw.TimeFunc().Unix()
+	claims["iat"] = mw.TimeFunc().Unix()
 	tokenString, err := mw.signedString(token)
 
 	if err != nil {
@@ -487,7 +492,7 @@ func (mw *GfJWTMiddleware) RefreshToken(r *ghttp.Request) (string, time.Time, er
 
 	expire := mw.TimeFunc().Add(mw.Timeout)
 	newClaims["exp"] = expire.Unix()
-	newClaims["orig_iat"] = mw.TimeFunc().Unix()
+	newClaims["iat"] = mw.TimeFunc().Unix()
 	tokenString, err := mw.signedString(newToken)
 
 	if err != nil {
@@ -537,7 +542,7 @@ func (mw *GfJWTMiddleware) CheckIfTokenExpire(r *ghttp.Request) (jwt.MapClaims,
 
 	claims := token.Claims.(jwt.MapClaims)
 
-	origIat := int64(claims["orig_iat"].(float64))
+	origIat := int64(claims["iat"].(float64))
 
 	if origIat < mw.TimeFunc().Add(-mw.MaxRefresh).Unix() {
 		return nil, "", ErrExpiredToken
@@ -559,7 +564,7 @@ func (mw *GfJWTMiddleware) TokenGenerator(data interface{}) (string, time.Time,
 
 	expire := mw.TimeFunc().UTC().Add(mw.Timeout)
 	claims["exp"] = expire.Unix()
-	claims["orig_iat"] = mw.TimeFunc().Unix()
+	claims["iat"] = mw.TimeFunc().Unix()
 	tokenString, err := mw.signedString(token)
 	if err != nil {
 		return "", time.Time{}, err
diff --git a/example/api/auth.go b/example/api/auth.go
@@ -34,8 +34,8 @@ func init() {
 		RefreshResponse: RefreshResponse,
 		LogoutResponse:  LogoutResponse,
 		Unauthorized:    Unauthorized,
-		IdentityHandler: IdentityHandler,
 		PayloadFunc:     PayloadFunc,
+		IdentityHandler: IdentityHandler,
 	})
 	if err != nil {
 		glog.Fatal("JWT Error:" + err.Error())
@@ -60,10 +60,11 @@ func PayloadFunc(data interface{}) jwt.MapClaims {
 	return claims
 }
 
-// IdentityHandler sets the identity for JWT.
+// IdentityHandler get the identity from JWT and set the identity for every request
+// Using this function, by r.GetParam("id") get identity
 func IdentityHandler(r *ghttp.Request) interface{} {
 	claims := jwt.ExtractClaims(r)
-	return claims["id"]
+	return claims[Auth.IdentityKey]
 }
 
 // Unauthorized is used to define customized Unauthorized callback function.
@@ -106,6 +107,7 @@ func LogoutResponse(r *ghttp.Request, code int) {
 
 // Authenticator is used to validate login parameters.
 // It must return user data as user identifier, it will be stored in Claim Array.
+// if your identityKey is 'id', your user data must have 'id'
 // Check error (e) to determine the appropriate error message.
 func Authenticator(r *ghttp.Request) (interface{}, error) {
 	var (
diff --git a/example/api/work.go b/example/api/work.go
@@ -1,19 +1,31 @@
 package api
 
 import (
+	"github.com/gogf/gf/frame/g"
 	"github.com/gogf/gf/net/ghttp"
 )
 
 var Work = new(workApi)
 
 type workApi struct{}
 
-// hello should be authenticated to view.
-func (a *workApi) Hello(r *ghttp.Request) {
-	r.Response.Write("Hello")
-}
-
 // works is the default router handler for web server.
 func (a *workApi) Works(r *ghttp.Request) {
-	r.Response.Write("It works!")
+	data := g.Map{
+		"message": "It works!",
+	}
+	r.Response.WriteJson(data)
+}
+
+// info should be authenticated to view.
+// info is the get user data handler
+func (a *workApi) Info(r *ghttp.Request) {
+	data := g.Map{
+		// get identity by identity key 'id'
+		"id":           r.Get("id"),
+		"identity_key": r.Get(Auth.IdentityKey),
+		// get payload by identity
+		"payload": r.Get("JWT_PAYLOAD"),
+	}
+	r.Response.WriteJson(data)
 }
diff --git a/example/main.go b/example/main.go
@@ -5,7 +5,6 @@ import (
 	"github.com/gogf/gf-jwt/example/service"
 	"github.com/gogf/gf/frame/g"
 	"github.com/gogf/gf/net/ghttp"
-	"time"
 )
 
 // authHook is the HOOK function implements JWT logistics.
@@ -15,15 +14,14 @@ func middlewareAuth(r *ghttp.Request) {
 }
 
 func main() {
-	println(time.Now().Unix())
 	s := g.Server()
 	s.BindHandler("/", api.Work.Works)
 	s.BindHandler("POST:/login", api.Auth.LoginHandler)
 	s.Group("/user", func(g *ghttp.RouterGroup) {
 		g.Middleware(service.Middleware.CORS, middlewareAuth)
+		g.ALL("/info", api.Work.Info)
 		g.ALL("/refresh_token", api.Auth.RefreshHandler)
 		g.ALL("/logout", api.Auth.LogoutHandler)
-		g.ALL("/hello", api.Work.Hello)
 	})
 	s.SetPort(8000)
 	s.Run()
diff --git a/example/model/auth.go b/example/model/auth.go
@@ -2,15 +2,15 @@ package model
 
 /**
 API
- */
+*/
 type ApiLoginReq struct {
 	Username string
 	Password string
 }
 
 /**
 Service
- */
+*/
 type ServiceLoginReq struct {
 	Username string
 	Password string
diff --git a/example/service/user.go b/example/service/user.go
@@ -7,12 +7,12 @@ import (
 
 var User = new(userService)
 
-type userService struct {}
+type userService struct{}
 
 func (s *userService) GetUserByUsernamePassword(serviceReq *model.ServiceLoginReq) map[string]interface{} {
 	if serviceReq.Username == "admin" && serviceReq.Password == "admin" {
 		return g.Map{
-			"id": 1,
+			"id":       1,
 			"username": "admin",
 		}
 	}

Original file line number	Diff line number	Diff line change
`@@ -62,4 +62,7 @@ var (`
`62`	`62`
`63`	`63`	`// ErrInvalidPubKey indicates the the given public key is invalid`
`64`	`64`	`ErrInvalidPubKey = errors.New("public key invalid")`
	`65`	`+`
	`66`	`+ // ErrMissingIdentity identity key and identity value is null`
	`67`	`+ ErrMissingIdentity = errors.New("payload don't have identity key and identity value")`
`65`	`68`	`)`
Original file line number	Diff line number	Diff line change
`@@ -7,12 +7,12 @@ import (`
`7`	`7`
`8`	`8`	`var User = new(userService)`
`9`	`9`
`10`		`-type userService struct {}`
	`10`	`+type userService struct{}`
`11`	`11`
`12`	`12`	`func (s userService) GetUserByUsernamePassword(serviceReq model.ServiceLoginReq) map[string]interface{} {`
`13`	`13`	`if serviceReq.Username == "admin" && serviceReq.Password == "admin" {`
`14`	`14`	`return g.Map{`
`15`		`- "id": 1,`
	`15`	`+ "id": 1,`
`16`	`16`	`"username": "admin",`
`17`	`17`	`}`
`18`	`18`	`}`