fix

2025-07-10 18:09:11 +08:00
parent 35004f224e
commit 010fe2a8c7
96 changed files with 23709 additions and 19 deletions
--- a/backend-old/internal/service/auth/jwt_service.go
+++ b/backend-old/internal/service/auth/jwt_service.go
@ -0,0 +1,132 @@
+package auth
+
+import (
+	"fmt"
+	"time"
+	"github.com/golang-jwt/jwt/v5"
+	"photography-backend/internal/config"
+)
+
+// JWTService JWT服务
+type JWTService struct {
+	secretKey            []byte
+	accessTokenDuration  time.Duration
+	refreshTokenDuration time.Duration
+}
+
+// JWTClaims JWT声明
+type JWTClaims struct {
+	UserID   uint   `json:"user_id"`
+	Username string `json:"username"`
+	Role     string `json:"role"`
+	jwt.RegisteredClaims
+}
+
+// TokenPair 令牌对
+type TokenPair struct {
+	AccessToken  string `json:"access_token"`
+	RefreshToken string `json:"refresh_token"`
+	TokenType    string `json:"token_type"`
+	ExpiresIn    int64  `json:"expires_in"`
+}
+
+// NewJWTService 创建JWT服务
+func NewJWTService(cfg *config.JWTConfig) *JWTService {
+	accessDuration, _ := time.ParseDuration(cfg.ExpiresIn)
+	refreshDuration, _ := time.ParseDuration(cfg.RefreshExpiresIn)
+	
+	return &JWTService{
+		secretKey:            []byte(cfg.Secret),
+		accessTokenDuration:  accessDuration,
+		refreshTokenDuration: refreshDuration,
+	}
+}
+
+// GenerateTokenPair 生成令牌对
+func (s *JWTService) GenerateTokenPair(userID uint, username, role string) (*TokenPair, error) {
+	// 生成访问令牌
+	accessToken, err := s.generateToken(userID, username, role, s.accessTokenDuration)
+	if err != nil {
+		return nil, fmt.Errorf("failed to generate access token: %w", err)
+	}
+	
+	// 生成刷新令牌
+	refreshToken, err := s.generateToken(userID, username, role, s.refreshTokenDuration)
+	if err != nil {
+		return nil, fmt.Errorf("failed to generate refresh token: %w", err)
+	}
+	
+	return &TokenPair{
+		AccessToken:  accessToken,
+		RefreshToken: refreshToken,
+		TokenType:    "Bearer",
+		ExpiresIn:    int64(s.accessTokenDuration.Seconds()),
+	}, nil
+}
+
+// generateToken 生成令牌
+func (s *JWTService) generateToken(userID uint, username, role string, duration time.Duration) (string, error) {
+	now := time.Now()
+	claims := &JWTClaims{
+		UserID:   userID,
+		Username: username,
+		Role:     role,
+		RegisteredClaims: jwt.RegisteredClaims{
+			ExpiresAt: jwt.NewNumericDate(now.Add(duration)),
+			IssuedAt:  jwt.NewNumericDate(now),
+			NotBefore: jwt.NewNumericDate(now),
+			Issuer:    "photography-backend",
+		},
+	}
+	
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	return token.SignedString(s.secretKey)
+}
+
+// ValidateToken 验证令牌
+func (s *JWTService) ValidateToken(tokenString string) (*JWTClaims, error) {
+	token, err := jwt.ParseWithClaims(tokenString, &JWTClaims{}, func(token *jwt.Token) (interface{}, error) {
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+		}
+		return s.secretKey, nil
+	})
+	
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse token: %w", err)
+	}
+	
+	if claims, ok := token.Claims.(*JWTClaims); ok && token.Valid {
+		return claims, nil
+	}
+	
+	return nil, fmt.Errorf("invalid token")
+}
+
+// RefreshToken 刷新令牌
+func (s *JWTService) RefreshToken(refreshToken string) (*TokenPair, error) {
+	claims, err := s.ValidateToken(refreshToken)
+	if err != nil {
+		return nil, fmt.Errorf("invalid refresh token: %w", err)
+	}
+	
+	// 生成新的令牌对
+	return s.GenerateTokenPair(claims.UserID, claims.Username, claims.Role)
+}
+
+// GetClaimsFromToken 从令牌中获取声明
+func (s *JWTService) GetClaimsFromToken(tokenString string) (*JWTClaims, error) {
+	token, err := jwt.ParseWithClaims(tokenString, &JWTClaims{}, func(token *jwt.Token) (interface{}, error) {
+		return s.secretKey, nil
+	})
+	
+	if err != nil {
+		return nil, err
+	}
+	
+	if claims, ok := token.Claims.(*JWTClaims); ok {
+		return claims, nil
+	}
+	
+	return nil, fmt.Errorf("invalid claims")
+}