Documentation
¶
Index ¶
- Constants
- Variables
- func GetUserInfo[T any](ctx context.Context) T
- type Ciphertext
- type CiphertextConfig
- type Claims
- type Config
- type Email
- type IDCard
- type JWToken
- func (t *JWToken) Generate(ctx context.Context, claims *Claims) (atoken, rtoken string, err error)
- func (t *JWToken) GetToken(ctx context.Context, subject string) (string, error)
- func (t *JWToken) GetTokenID(ctx context.Context, subject string) (string, error)
- func (t *JWToken) Parse(tokenString string) (*Claims, error)
- func (t *JWToken) RemoveToken(ctx context.Context, subject string) error
- type JwtConfig
- type PasswdVerifier
- type PasswordStrength
- type PasswordValidator
- type PhoneNo
- type PwdVerifier
Constants ¶
View Source
const ( CacheKeyPrefix = "login_token:" ATokenExpiredDuration types.Duration = "2h" RTokenExpiredDuration types.Duration = "360h" // 15天 )
View Source
const (
ClaimsKey = "claims"
)
Variables ¶
View Source
var ( ErrPasswordTooShort = errors.New("password must be at least the minimum required length") ErrPasswordNoUpper = errors.New("password must contain at least one uppercase letter") ErrPasswordNoLower = errors.New("password must contain at least one lowercase letter") ErrPasswordNoDigit = errors.New("password must contain at least one digit") ErrPasswordNoSpecial = errors.New("password must contain at least one special character") )
定义哨兵错误
View Source
var (
ErrPasswdLimit = errors.New("password error limit")
)
Functions ¶
func GetUserInfo ¶ added in v0.1.3
Types ¶
type Ciphertext ¶
type Ciphertext string
Ciphertext 密文 use: 前端密码字段的传输
密码字段设计: 1.前端密码字段加密 2.后端解密出原文 3.后端密码强度校验 4.入库时hash不可逆编码(可以加盐)
func (*Ciphertext) BcryptVerify ¶
func (ct *Ciphertext) BcryptVerify(hashPasswd string) bool
BcryptVerify 验证密码
func (*Ciphertext) Decrypt ¶
func (ct *Ciphertext) Decrypt(secret string) error
Decrypt 解密 (解出来的是原文)
func (*Ciphertext) Encrypt ¶ added in v0.1.1
func (ct *Ciphertext) Encrypt(secret string) error
Encrypt 加密 (可以反解密)
type CiphertextConfig ¶
type CiphertextConfig struct {
IsCiphertext bool `mapstructure:"isCiphertext" yaml:"isCiphertext"` // 密码字段是否启用密文传输
CipherKey Ciphertext `mapstructure:"cipherKey" yaml:"cipherKey" mask:""` // 支持 8 16 24 bit
}
type Claims ¶
type Claims struct {
// https://tools.ietf.org/html/rfc7519 RFC 7519 定义的标准
/*
type StandardClaims struct {
Audience string `json:"aud,omitempty"` // 受众(Audience),即该 JWT 令牌的目标用户或系统 (API 服务器的标识, https://api.example.com)
ExpiresAt int64 `json:"exp,omitempty"` // 过期时间(Expiration Time),以 UNIX 时间戳(秒)表示
Id string `json:"jti,omitempty"` // JWT 唯一标识(JWT ID),用于避免令牌重放攻击
IssuedAt int64 `json:"iat,omitempty"` // 签发时间(Issued At),表示令牌的创建时间
Issuer string `json:"iss,omitempty"` // 签发者(Issuer),通常是颁发 JWT 的服务
NotBefore int64 `json:"nbf,omitempty"` // 生效时间(Not Before),表示该令牌在此时间之后才有效
Subject string `json:"sub,omitempty"` // 主题(Subject),通常是用户 ID 或用户名
}
*/
jwt.RegisteredClaims
Data any `json:"data,omitempty"` // 自定义数据
}
type Config ¶
type Config struct {
Ciphertext CiphertextConfig `mapstructure:"ciphertext"`
Jwt JwtConfig `mapstructure:"jwt"`
}
type JWToken ¶
type JWToken struct {
// contains filtered or unexported fields
}
func (*JWToken) GetTokenID ¶
GetTokenID 获取 tokenID
type JwtConfig ¶
type JwtConfig struct {
Secret Ciphertext `mapstructure:"secret" mask:""`
CacheKeyPrefix string `mapstructure:"cacheKeyPrefix" yaml:"cacheKeyPrefix"` // jwt cache key prefix 分布式共享token
// Claims jwt claims
Audience []string `mapstructure:"audience"` // jwt audience
Issuer string `mapstructure:"issuer"` // jwt issuer
AccessTokenExpired types.Duration `mapstructure:"accessTokenExpired" yaml:"accessTokenExpired" validate:"duration" default:"2h"` // jwt access token expired
RefreshTokenExpired types.Duration `mapstructure:"refreshTokenExpired" yaml:"refreshTokenExpired" validate:"duration" default:"720h"` // jwt refresh token expired
}
type PasswdVerifier ¶
type PasswdVerifier struct {
// contains filtered or unexported fields
}
PasswdVerifier 登录密码验证器 1.对密码进行hash加密 2.随机生成盐 3.密码错误次数限制(依赖Redis)
func DefaultPasswdVerifier ¶
func DefaultPasswdVerifier(cache cache.Cache, expiration time.Duration, limit int32) *PasswdVerifier
DefaultPasswdVerifier 本地统计错误次数 (单节点)
func NewPasswdVerifier ¶
func NewPasswdVerifier(rdb redis.Cmdable, expiration time.Duration, limit int32) *PasswdVerifier
NewPasswdVerifier 通过redis实现密码错误次数限制 (多节点) 1. keyTmp: 错误次数存放的key的模板 key = fmt.Sprintf(keyTmp, username) 2. 如果 expiration 为0,则使用默认的过期时间为第二天零点
func (*PasswdVerifier) BcryptHash ¶
func (h *PasswdVerifier) BcryptHash(passwd string) string
BcryptHash 密码加密
func (*PasswdVerifier) BcryptVerify ¶
func (h *PasswdVerifier) BcryptVerify(hash, password string) bool
BcryptVerify 验证密码
func (*PasswdVerifier) VerifierAndCount ¶ added in v0.1.4
func (h *PasswdVerifier) VerifierAndCount(key string) PwdVerifier
VerifierAndCount 验证密码统计错误次数
type PasswordStrength ¶ added in v0.1.1
type PasswordStrength int
PasswordStrength 定义密码强度等级
const ( Weak PasswordStrength = iota // 弱 Moderate // 中等 Strong // 强 VeryStrong // 非常强 )
type PasswordValidator ¶ added in v0.1.1
type PasswordValidator struct {
MinLength int // 最小长度
RequireUpper bool // 需要大写字母
RequireLower bool // 需要小写字母
RequireDigit bool // 需要数字
RequireSpecial bool // 需要特殊字符
}
PasswordValidator 用于校验密码强度
func NewPasswordValidator ¶ added in v0.1.1
func NewPasswordValidator(minLength int, requireUpper, requireLower, requireDigit, requireSpecial bool) *PasswordValidator
NewPasswordValidator 创建一个新的密码校验器
func (*PasswordValidator) Validate ¶ added in v0.1.1
func (v *PasswordValidator) Validate(password string) (PasswordStrength, error)
Validate 校验密码强度
type PwdVerifier ¶ added in v0.1.4
type PwdVerifier struct {
OnErr func(err error)
// contains filtered or unexported fields
}
func (*PwdVerifier) BcryptVerify ¶ added in v0.1.4
func (h *PwdVerifier) BcryptVerify(ctx context.Context, hash, password string) bool
BcryptVerifyWithCount 验证密码统计错误次数
func (*PwdVerifier) Clear ¶ added in v0.1.4
func (h *PwdVerifier) Clear(ctx context.Context)
Clear 清除密码错误次数
func (*PwdVerifier) GetErrCount ¶ added in v0.1.4
func (h *PwdVerifier) GetErrCount() int32
GetErrCount 获取密码错误次数
func (*PwdVerifier) GetRemainCount ¶ added in v0.1.4
func (h *PwdVerifier) GetRemainCount() int32
GetRemainCount 获取密码剩余的错误次数
func (*PwdVerifier) Incr ¶ added in v0.1.4
func (h *PwdVerifier) Incr(ctx context.Context)
Incr 密码错误次数+1
Source Files
Click to show internal directories.
Click to hide internal directories.