user_controller使用通用token逻辑
This commit is contained in:
@@ -2,31 +2,29 @@ package user
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/app/controller"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/app/service/token"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/infra/logs"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/infra/models"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/infra/repository"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"gorm.io/gorm"
|
||||
)
|
||||
|
||||
// jwtSecret 是用于签名 JWT 的密钥。在生产环境中,这应该从环境变量或安全配置中读取。
|
||||
var jwtSecret = []byte("your_super_secret_jwt_key")
|
||||
|
||||
// Controller 用户控制器
|
||||
type Controller struct {
|
||||
userRepo repository.UserRepository
|
||||
logger *logs.Logger
|
||||
userRepo repository.UserRepository
|
||||
logger *logs.Logger
|
||||
tokenService token.TokenService // 注入 token 服务
|
||||
}
|
||||
|
||||
// NewController 创建用户控制器实例
|
||||
func NewController(userRepo repository.UserRepository, logger *logs.Logger) *Controller {
|
||||
func NewController(userRepo repository.UserRepository, logger *logs.Logger, tokenService token.TokenService) *Controller {
|
||||
return &Controller{
|
||||
userRepo: userRepo,
|
||||
logger: logger,
|
||||
userRepo: userRepo,
|
||||
logger: logger,
|
||||
tokenService: tokenService,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -55,24 +53,6 @@ type LoginResponse struct {
|
||||
Token string `json:"token"`
|
||||
}
|
||||
|
||||
// generateToken 为给定用户生成 JWT
|
||||
func generateToken(userID uint, username string) (string, error) {
|
||||
expirationTime := time.Now().Add(24 * time.Hour) // Token 24 小时后过期
|
||||
claims := jwt.MapClaims{
|
||||
"user_id": userID,
|
||||
"username": username,
|
||||
"exp": expirationTime.Unix(),
|
||||
}
|
||||
|
||||
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
||||
tokenString, err := token.SignedString(jwtSecret)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return tokenString, nil
|
||||
}
|
||||
|
||||
// CreateUser 处理创建用户的请求
|
||||
func (c *Controller) CreateUser(ctx *gin.Context) {
|
||||
var req CreateUserRequest
|
||||
@@ -134,7 +114,7 @@ func (c *Controller) Login(ctx *gin.Context) {
|
||||
}
|
||||
|
||||
// 登录成功,生成 JWT token
|
||||
tokenString, err := generateToken(user.ID, user.Username)
|
||||
tokenString, err := c.tokenService.GenerateToken(user.ID)
|
||||
if err != nil {
|
||||
c.logger.Errorf("Login: 生成 token 失败: %v", err)
|
||||
controller.SendErrorResponse(ctx, http.StatusInternalServerError, "登录失败,无法生成认证信息")
|
||||
|
||||
60
internal/app/service/token/token_service.go
Normal file
60
internal/app/service/token/token_service.go
Normal file
@@ -0,0 +1,60 @@
|
||||
package token
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
)
|
||||
|
||||
// Claims 定义了 JWT 的声明结构
|
||||
type Claims struct {
|
||||
UserID uint `json:"user_id"`
|
||||
jwt.RegisteredClaims
|
||||
}
|
||||
|
||||
// TokenService 定义了 token 操作的接口
|
||||
type TokenService interface {
|
||||
GenerateToken(userID uint) (string, error)
|
||||
ParseToken(tokenString string) (*Claims, error)
|
||||
}
|
||||
|
||||
// tokenService 是 TokenService 接口的实现
|
||||
type tokenService struct {
|
||||
secret []byte
|
||||
}
|
||||
|
||||
// NewTokenService 创建并返回一个新的 TokenService 实例
|
||||
func NewTokenService(secret []byte) TokenService {
|
||||
return &tokenService{secret: secret}
|
||||
}
|
||||
|
||||
// GenerateToken 生成一个新的 JWT token
|
||||
func (s *tokenService) GenerateToken(userID uint) (string, error) {
|
||||
nowTime := time.Now()
|
||||
expireTime := nowTime.Add(24 * time.Hour) // Token 有效期为 24 小时
|
||||
|
||||
claims := Claims{
|
||||
UserID: userID,
|
||||
RegisteredClaims: jwt.RegisteredClaims{
|
||||
ExpiresAt: jwt.NewNumericDate(expireTime),
|
||||
Issuer: "pig-farm-controller",
|
||||
},
|
||||
}
|
||||
|
||||
tokenClaims := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
||||
token, err := tokenClaims.SignedString(s.secret)
|
||||
return token, err
|
||||
}
|
||||
|
||||
// ParseToken 解析并验证 JWT token
|
||||
func (s *tokenService) ParseToken(tokenString string) (*Claims, error) {
|
||||
token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(token *jwt.Token) (interface{}, error) {
|
||||
return s.secret, nil
|
||||
})
|
||||
|
||||
if claims, ok := token.Claims.(*Claims); ok && token.Valid {
|
||||
return claims, nil
|
||||
}
|
||||
|
||||
return nil, err
|
||||
}
|
||||
95
internal/app/service/token/token_service_test.go
Normal file
95
internal/app/service/token/token_service_test.go
Normal file
@@ -0,0 +1,95 @@
|
||||
package token_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/app/service/token"
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
)
|
||||
|
||||
func TestGenerateToken(t *testing.T) {
|
||||
// 使用一个测试密钥初始化 TokenService
|
||||
testSecret := []byte("test_secret_key")
|
||||
service := token.NewTokenService(testSecret)
|
||||
|
||||
userID := uint(123)
|
||||
tokenString, err := service.GenerateToken(userID)
|
||||
|
||||
if err != nil {
|
||||
t.Fatalf("GenerateToken failed: %v", err)
|
||||
}
|
||||
|
||||
if tokenString == "" {
|
||||
t.Fatal("Generated token string is empty")
|
||||
}
|
||||
|
||||
// 解析 token 以确保其有效性及声明
|
||||
claims, err := service.ParseToken(tokenString)
|
||||
if err != nil {
|
||||
t.Fatalf("ParseToken failed after generation: %v", err)
|
||||
}
|
||||
|
||||
if claims.UserID != userID {
|
||||
t.Errorf("Expected UserID %d, got %d", userID, claims.UserID)
|
||||
}
|
||||
|
||||
// 检查 token 是否未过期 (在合理范围内)
|
||||
if claims.ExpiresAt == nil || claims.ExpiresAt.Time.Before(time.Now().Add(-time.Minute)) {
|
||||
t.Errorf("Token expiration time is invalid or already expired")
|
||||
}
|
||||
|
||||
if claims.Issuer != "pig-farm-controller" {
|
||||
t.Errorf("Expected Issuer \"pig-farm-controller\", got \"%s\"", claims.Issuer)
|
||||
}
|
||||
}
|
||||
|
||||
func TestParseToken(t *testing.T) {
|
||||
// 使用一个测试密钥初始化 TokenService
|
||||
testSecret := []byte("test_secret_key")
|
||||
service := token.NewTokenService(testSecret)
|
||||
|
||||
userID := uint(456)
|
||||
|
||||
// 生成一个有效的 token 用于解析测试
|
||||
validToken, err := service.GenerateToken(userID)
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to generate valid token for parsing test: %v", err)
|
||||
}
|
||||
|
||||
// 测试用例 1: 有效 token
|
||||
claims, err := service.ParseToken(validToken)
|
||||
if err != nil {
|
||||
t.Errorf("ParseToken failed for valid token: %v", err)
|
||||
}
|
||||
|
||||
if claims.UserID != userID {
|
||||
t.Errorf("Expected UserID %d, got %d for valid token", userID, claims.UserID)
|
||||
}
|
||||
|
||||
// 测试用例 2: 无效 token (例如, 错误的签名)
|
||||
invalidToken := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxMjMsImV4cCI6MTY3ODkwNTYwMCwiaXNzIjoicGlnLWZhcm0tY29udHJvbGxlciJ9.invalid_signature_here"
|
||||
_, err = service.ParseToken(invalidToken)
|
||||
if err == nil {
|
||||
t.Error("ParseToken unexpectedly succeeded for invalid token")
|
||||
}
|
||||
|
||||
// 测试用例 3: 过期 token (创建一个过期时间在过去的 token)
|
||||
expiredClaims := token.Claims{
|
||||
UserID: userID,
|
||||
RegisteredClaims: jwt.RegisteredClaims{
|
||||
ExpiresAt: jwt.NewNumericDate(time.Now().Add(-time.Hour)), // 1 小时前
|
||||
Issuer: "pig-farm-controller",
|
||||
},
|
||||
}
|
||||
expiredTokenClaims := jwt.NewWithClaims(jwt.SigningMethodHS256, expiredClaims)
|
||||
expiredTokenString, err := expiredTokenClaims.SignedString(testSecret)
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to generate expired token: %v", err)
|
||||
}
|
||||
|
||||
_, err = service.ParseToken(expiredTokenString)
|
||||
if err == nil {
|
||||
t.Error("ParseToken unexpectedly succeeded for expired token")
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user