问题

我正在使用golang和jwt令牌进行登录，到目前为止一切都很好，它检查令牌的剩余时间，如果没有令牌，它会发送一条消息。但是我有两个问题，如果令牌无效或过期时间已过，则显示以下错误：

导致错误的代码行是：

claims := token.Claims.(*jwtCustomClaims)

我的jwtCustomClaims变量如下所示：

type jwtCustomClaims struct {
	User     string `json:"email"`
	Nombre   string `json:"nombre"`
	Apellido string `json:"apellido"`
	Edad     int    `json:"edad"`
	Genero   string `json:"genero"`
	Rol      string `json:"rol"`
	jwt.StandardClaims
}

使用此结构体还生成了令牌，检查令牌的完整函数如下：

func ValidateToken(tokenString string, secretKey string, c *fiber.Ctx) (*jwt.Token, error) {
	token, err := jwt.ParseWithClaims(tokenString, &jwtCustomClaims{}, func(token *jwt.Token) (interface{}, error) {
		return []byte(secretKey), nil
	})

	if err != nil {
		if err == jwt.ErrSignatureInvalid {
			return nil, err
		}
		return nil, c.JSON(fiber.Map{
			"message": "Unauthorized",
			"code":    400,
		})

	}

	_, ok := token.Claims.(*jwtCustomClaims)
	if !ok || !token.Valid {
		return nil, c.JSON(fiber.Map{
			"message": "Unauthorized",
			"code":    400,
		})
	}

	return token, nil
}

func TokenMiddleware(c *fiber.Ctx) error {
	tokenString := c.Get("Authorization")
	if tokenString == "" {
		return c.JSON(fiber.Map{
			"message": "No token",
			"code":    400,
		})
	}

	// 从头部中分离出令牌 "Bearer"
	tokenString = strings.ReplaceAll(tokenString, "Bearer ", "")

	token, err := ValidateToken(tokenString, os.Getenv("SECRET"), c)
	if err != nil {
		return err
	}

	claims := token.Claims.(*jwtCustomClaims)

	expiresIn := time.Until(time.Unix(claims.ExpiresAt, 0))
	if expiresIn > 0 {
		return c.JSON(fiber.Map{
			"message":    "Token is valid",
			"expires_in": expiresIn.String(),
			"is_expired": false,
		})
		//return c.Next()
	} else {
		return c.JSON(fiber.Map{
			"message":    "Token is valid but expired",
			"expires_in": 0,
			"is_expired": true,
		})
	}
}

为了检查它是否验证令牌，我只是尝试放入另一种类型的令牌，来自另一个项目，并将其写错以进行测试，但它会发送一个控制台错误。至于过期时间，我在网上查看了错误并找到了一个解决方法，将其写成if claims == nil，但它没有起作用，我不知道还能做什么。

英文:

I'm working on a login with golang using jwt token, everything so far is god, it checks what time is left on the token, if there is no token it send a message
But I have 2 problems, if the token is invalid or the expiration time is out it shows this error:

And the line that carry the error is this
claims := token.Claims.(*jwtCustomClaims)

my jwtCustomClaims variable is this:

type jwtCustomClaims struct {
User     string `json:&quot;email&quot;`
Nombre   string `json:&quot;nombre&quot;`
Apellido string `json:&quot;apellido&quot;`
Edad     int    `json:&quot;edad&quot;`
Genero   string `json:&quot;genero&quot;`
Rol      string `json:&quot;rol&quot;`
jwt.StandardClaims
}

with this struct is also generated the token, and the full function to check the token is this

func ValidateToken(tokenString string, secretKey string, c *fiber.Ctx) (*jwt.Token, error) {
token, err := jwt.ParseWithClaims(tokenString, &amp;jwtCustomClaims{}, func(token *jwt.Token) (interface{}, error) {
return []byte(secretKey), nil
})
if err != nil {
if err == jwt.ErrSignatureInvalid {
return nil, err
}
return nil, c.JSON(fiber.Map{
&quot;message&quot;: &quot;Unauthorized&quot;,
&quot;code&quot;:    400,
})
}
_, ok := token.Claims.(*jwtCustomClaims)
if !ok || !token.Valid {
return nil, c.JSON(fiber.Map{
&quot;message&quot;: &quot;Unauthorized&quot;,
&quot;code&quot;:    400,
})
}
return token, nil
}
func TokenMiddleware(c *fiber.Ctx) error {
tokenString := c.Get(&quot;Authorization&quot;)
if tokenString == &quot;&quot; {
return c.JSON(fiber.Map{
&quot;message&quot;: &quot;No token&quot;,
&quot;code&quot;:    400,
})
}
// Separa el token del encabezado &quot;Bearer&quot;
tokenString = strings.ReplaceAll(tokenString, &quot;Bearer &quot;, &quot;&quot;)
token, err := ValidateToken(tokenString, os.Getenv(&quot;SECRET&quot;), c)
if err != nil {
return err
}
claims := token.Claims.(*jwtCustomClaims)
expiresIn := time.Until(time.Unix(claims.ExpiresAt, 0))
if expiresIn &gt; 0 {
return c.JSON(fiber.Map{
&quot;message&quot;:    &quot;Token is valid&quot;,
&quot;expires_in&quot;: expiresIn.String(),
&quot;is_expired&quot;: false,
})
//return c.Next()
} else {
return c.JSON(fiber.Map{
&quot;message&quot;:    &quot;Token is valid but expired&quot;,
&quot;expires_in&quot;: 0,
&quot;is_expired&quot;: true,
})
}
}

To check if it validate the token i just try to put another type of token, from an other proyect and write it wrong just to test but it send a console error. And for the expiration time i look the error on the web and a solution to this is to write it like this if claims == nil but it didn't work, I don't know what else to do

答案1

得分: 0

请测试一下：

func ValidateToken(tokenString string, secretKey string, c *fiber.Ctx) (jwtCustomClaims, error) {
	var claims jwtCustomClaims
	token, err := jwt.ParseWithClaims(tokenString, &claims, func(token *jwt.Token) (interface{}, error) {
		return []byte(secretKey), nil
	})
	if err != nil {
		if err == jwt.ErrSignatureInvalid {
			return jwtCustomClaims{}, err
		}
		return jwtCustomClaims{}, c.JSON(fiber.Map{
			"message": "未经授权",
			"code":    400,
		})

	}

	if !token.Valid {
		return jwtCustomClaims{}, c.JSON(fiber.Map{
			"message": "未经授权",
			"code":    400,
		})
	}

	return claims, nil
}

func TokenMiddleware(c *fiber.Ctx) error {
    .
    .
    .

	claims, err := ValidateToken(tokenString, os.Getenv("SECRET"), c)
	if err != nil {
		return err
	}

	expiresIn := time.Until(time.Unix(claims.ExpiresAt, 0))

    .
    .
    .
}

英文:

Please test it:

func ValidateToken(tokenString string, secretKey string, c *fiber.Ctx) (jwtCustomClaims, error) {
var claims jwtCustomClaims
token, err := jwt.ParseWithClaims(tokenString, &amp;claims, func(token *jwt.Token) (interface{}, error) {
return []byte(secretKey), nil
})
if err != nil {
if err == jwt.ErrSignatureInvalid {
return jwtCustomClaims{}, err
}
return jwtCustomClaims{}, c.JSON(fiber.Map{
&quot;message&quot;: &quot;Unauthorized&quot;,
&quot;code&quot;:    400,
})
}
if !token.Valid {
return jwtCustomClaims{}, c.JSON(fiber.Map{
&quot;message&quot;: &quot;Unauthorized&quot;,
&quot;code&quot;:    400,
})
}
return claims, nil
}
func TokenMiddleware(c *fiber.Ctx) error {
.
.
.
claims, err := ValidateToken(tokenString, os.Getenv(&quot;SECRET&quot;), c)
if err != nil {
return err
}
expiresIn := time.Until(time.Unix(claims.ExpiresAt, 0))
.
.
.
}

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

无效的内存地址或空指针解引用验证 JWT 过期时间。

问题

答案1

为什么在实现 golang 类型的 sort.Interface 时，方法接收器不需要是指针？

如何正确解析命令行输入？

[Golang]客户端rabbitMQ意外关闭了TCP连接，如何捕获或修复它？

Google App Engine Golang – 注册非Google账户的用户

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论