fix bug

2025-10-13 13:10:01 +08:00 · 2025-10-13 13:10:01 +08:00 · 8aafcbd91c
parent 7e91109bce
commit 8aafcbd91c
2 changed files with 22 additions and 14 deletions
--- a/crypto/token/jwt.go
+++ b/crypto/token/jwt.go
@ -77,19 +77,19 @@ func (t *tokenJwt) IsExpired(tokenstring string) (bool, error) {
 	// 分割JWT的三个部分
 	parts := strings.Split(tokenstring, ".")
 	if len(parts) != 3 {
-		return false, errcode.ErrTokenDataInvalid
+		return true, errcode.ErrTokenDataInvalid
 	}

 	// 解码Payload部分
 	payload, err := base64.RawURLEncoding.DecodeString(parts[1])
 	if err != nil {
-		return false, errcode.String(errcode.ErrTokenBase64Decode, err.Error())
+		return true, errcode.String(errcode.ErrTokenBase64Decode, err.Error())
 	}

 	// 解析JSON
 	var claims jwt.RegisteredClaims
 	if err := json.Unmarshal(payload, &claims); err != nil {
-		return false, errcode.String(errcode.ErrTokenJsonDecode, err.Error())
+		return true, errcode.String(errcode.ErrTokenJsonDecode, err.Error())
 	}

 	// 检查过期时间
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@ -6,9 +6,9 @@ import (
 	"encoding/json"
 	"log"
 	"net/http"
-	"time"

-	"git.apinb.com/bsm-sdk/core/crypto/encipher"
+	"git.apinb.com/bsm-sdk/core/crypto/token"
+	"git.apinb.com/bsm-sdk/core/env"
 	"git.apinb.com/bsm-sdk/core/errcode"
 	"git.apinb.com/bsm-sdk/core/types"
 	"github.com/gin-gonic/gin"
@ -27,19 +27,18 @@ func JwtAuth(time_verify bool) gin.HandlerFunc {
 			c.Abort()
 			return
 		}
-		// 提取Token
-		claims, err := encipher.ParseTokenAes(authHeader)
-		if err != nil || claims == nil {
-			log.Printf("提取token异常:%v\n", err)
-			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is required"})
-			c.Abort()
-			return
-		}

 		// 检测是否需要验证token时间
 		if time_verify {
 			// 判断时间claims.ExpiresAt
-			if time.Now().Unix() > claims.ExpiresAt {
+			isExpire, err := token.New(env.Runtime.JwtSecretKey).IsExpired(authHeader)
+			if err != nil {
+				log.Println("token解析异常:", err)
+				c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is required"})
+				c.Abort()
+				return
+			}
+			if isExpire {
 				log.Println("token过期，请重新获取:", "Token has expired")
 				c.JSON(http.StatusUnauthorized, gin.H{"error": "Token has expired"})
 				c.Abort()
@ -47,6 +46,15 @@ func JwtAuth(time_verify bool) gin.HandlerFunc {
 			}
 		}

+		// 提取Token
+		claims, err := token.New(env.Runtime.JwtSecretKey).ParseJwt(authHeader)
+		if err != nil || claims == nil {
+			log.Printf("提取token异常:%v\n", err)
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is required"})
+			c.Abort()
+			return
+		}
+
 		// 将解析后的 Token 存储到上下文中
 		c.Set("Auth", claims)
 		// 如果 Token 有效，继续处理请求