feat: 登录身份密钥加机器码防止其他网元跨用
This commit is contained in:
TsMask
@@ -11,6 +11,7 @@ import (
|
|||||||
"be.ems/src/framework/logger"
|
"be.ems/src/framework/logger"
|
||||||
redisCahe "be.ems/src/framework/redis"
|
redisCahe "be.ems/src/framework/redis"
|
||||||
"be.ems/src/framework/utils/generate"
|
"be.ems/src/framework/utils/generate"
|
||||||
|
"be.ems/src/framework/utils/machine"
|
||||||
"be.ems/src/framework/vo"
|
"be.ems/src/framework/vo"
|
||||||
|
|
||||||
jwt "github.com/golang-jwt/jwt/v5"
|
jwt "github.com/golang-jwt/jwt/v5"
|
||||||
@@ -74,7 +75,7 @@ func Create(loginUser *vo.LoginUser, ilobArgs ...string) string {
|
|||||||
|
|
||||||
// 生成令牌设置密钥
|
// 生成令牌设置密钥
|
||||||
secret := config.Get("jwt.secret").(string)
|
secret := config.Get("jwt.secret").(string)
|
||||||
tokenStr, err := jwtToken.SignedString([]byte(secret))
|
tokenStr, err := jwtToken.SignedString([]byte(machine.Code + "@" + secret))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Infof("jwt sign err : %v", err)
|
logger.Infof("jwt sign err : %v", err)
|
||||||
return ""
|
return ""
|
||||||
@@ -118,7 +119,7 @@ func Verify(tokenString string) (jwt.MapClaims, error) {
|
|||||||
// 判断加密算法是预期的加密算法
|
// 判断加密算法是预期的加密算法
|
||||||
if _, ok := token.Method.(*jwt.SigningMethodHMAC); ok {
|
if _, ok := token.Method.(*jwt.SigningMethodHMAC); ok {
|
||||||
secret := config.Get("jwt.secret").(string)
|
secret := config.Get("jwt.secret").(string)
|
||||||
return []byte(secret), nil
|
return []byte(machine.Code + "@" + secret), nil
|
||||||
}
|
}
|
||||||
return nil, jwt.ErrSignatureInvalid
|
return nil, jwt.ErrSignatureInvalid
|
||||||
})
|
})
|
||||||
|
|||||||
Reference in New Issue
Block a user