From 0840048161b7f076b42e686fde2cde50429fddb6 Mon Sep 17 00:00:00 2001 From: liyunjia Date: Thu, 23 May 2024 06:22:10 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0token=E4=B8=AD=E9=97=B4?= =?UTF-8?q?=E4=BB=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- library/src/middleware/mod.rs | 3 ++- library/src/middleware/req_token.rs | 30 +++++++++++++++++++++++++++++ library/src/token.rs | 14 +++++++------- 3 files changed, 39 insertions(+), 8 deletions(-) create mode 100644 library/src/middleware/req_token.rs diff --git a/library/src/middleware/mod.rs b/library/src/middleware/mod.rs index c5f72af..857c556 100644 --- a/library/src/middleware/mod.rs +++ b/library/src/middleware/mod.rs @@ -1,3 +1,4 @@ pub mod req_id; pub mod req_log; -pub mod cors; \ No newline at end of file +pub mod cors; +pub mod req_token; \ No newline at end of file diff --git a/library/src/middleware/req_token.rs b/library/src/middleware/req_token.rs new file mode 100644 index 0000000..46afcbf --- /dev/null +++ b/library/src/middleware/req_token.rs @@ -0,0 +1,30 @@ +use axum::{extract::Request, middleware::Next, response::{IntoResponse, Response}}; +use http::{header, StatusCode}; +use jsonwebtoken::{decode, DecodingKey, Validation}; + +use crate::{config, token::Claims}; + + +pub async fn authenticate_access_token(mut req: Request, next: Next) -> Response { + let auth_header = req.headers().get(header::AUTHORIZATION); + let token = match auth_header { + Some(header_value) => { + let parts: Vec<&str> = header_value.to_str().unwrap_or("").split_whitespace().collect(); + if parts.len() != 2 || parts[0] != "Bearer" { + return (StatusCode::BAD_REQUEST, "Invalid authorization header format".to_string()).into_response(); + } + parts[1] + }, + None => return (StatusCode::UNAUTHORIZED, "Missing authorization header".to_string()).into_response(), + }; + + let validation = Validation::default(); + match decode::(token, &DecodingKey::from_secret(config!().jwt.secret.as_bytes()), &validation) { + Ok(decoded) => { + // 将Claims附加到请求扩展中,以便后续处理使用 + req.extensions_mut().insert(decoded.claims); + next.run(req).await + }, + Err(_) => (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response(), + } +} \ No newline at end of file diff --git a/library/src/token.rs b/library/src/token.rs index 199b441..ac7a892 100644 --- a/library/src/token.rs +++ b/library/src/token.rs @@ -2,14 +2,14 @@ use serde::{Deserialize, Serialize}; use crate::config; -#[derive(Debug, Serialize, Deserialize)] -pub struct Claim { +#[derive(Debug, Serialize, Deserialize, Clone)] +pub struct Claims { sub: i64, // 用户ID exp: usize, // Token过期时间戳 } pub fn generate_token(sub: i64) -> String { - let claim = Claim { + let claim = Claims { sub, exp: config!().jwt.expires, }; @@ -17,14 +17,14 @@ pub fn generate_token(sub: i64) -> String { } pub fn generate_refresh_token(sub: i64) -> String { - let claim = Claim { + let claim = Claims { sub, exp: config!().jwt.refresh_expires, }; generate(claim) } -fn generate(claim: Claim) -> String { +fn generate(claim: Claims) -> String { let token = jsonwebtoken::encode( &jsonwebtoken::Header::default(), &claim, @@ -36,8 +36,8 @@ fn generate(claim: Claim) -> String { }) } -pub fn verify_token(token: &str) -> Result { - jsonwebtoken::decode::( +pub fn verify_token(token: &str) -> Result { + jsonwebtoken::decode::( token, &jsonwebtoken::DecodingKey::from_secret(config!().jwt.secret.as_bytes()), &jsonwebtoken::Validation::default(),