JWT

Overview

In go-zero, we declared HTTP service via api language, and then generated HTTP service code via goctl, after our systematic introduction to API norm.

Service authentication is also a frequently used feature in HTTP service development, this document will describe how to declare intermediate in api files.

JWT

JWT (JSON Web Token) is an open standard (RFC 7519) used to transmit declaratory messages between web applications.It is a lightweight JSON-based authentication and authorization mechanism for the safe transmission of information between clients and servers.

For more documentation about jwt

  1. 《JSON Web Tokens》
  2. JWT Certification

Let’s see how to declare jwt authentication in an api file

  1. syntax = "v1"
  3. type LoginReq {
  4.     Username string `json:"username"`
  5.     Password string `json:"password"`
  6. }
  8. type LoginResp {
  9.     ID string `json:"id"`
  10.     Name string `json:"name"`
  11. }
  13. type UserInfoReq {
  14.     ID string `json:"id"`
  15. }
  17. type UserInfoResp {
  18.     Name string `json:"name"`
  19. }
  21. service user-api {
  22.     @handler login
  23.     post /user/login (LoginReq) returns (LoginResp)
  24. }
  26. @server (
  27.     jwt: Auth // Enable jwt authentication
  28. )
  29. service user-api {
  30.     @handler userInfo
  31.     post /user/info (UserInfoReq) returns (UserInfoResp)
  32. }

In the above, we declared that the jwt authentication is enabled through the jwt keyword in @server, and the jwt authentication is only useful for its corresponding route, as in the jwt above only for /user/info takes effect, but not for /user/login, we use Auth as the value of jwt, after goctl After code generation, it will be converted into Corresponding to jwt configuration.

Below look briefly at the generated jwt code:

  • config.go
  • routes.go
  1. package config
  3. import "github.com/zeromicro/go-zero/rest"
  5. type Config struct {
  6.     rest.RestConf
  7.     Auth struct {// Key and expiration time configuration required for JWT authentication
  8.         AccessSecret string
  9.         AccessExpire int64
  10.     }
  11. }

The Auth field in the Config structure is the value we declared in the api syntax file, which is the result of code generation

  1. // Code generated by goctl. DO NOT EDIT.
  2. package handler
  4. import (
  5.     "net/http"
  7.     "go-zero-demo/user/internal/svc"
  9.     "github.com/zeromicro/go-zero/rest"
  10. )
  12. func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) {
  13.     server.AddRoutes(
  14.         []rest.Route{
  15.             {
  16.                 Method:  http.MethodPost,
  17.                 Path:    "/user/login",
  18.                 Handler: loginHandler(serverCtx),
  19.             },
  20.         },
  21.     )
  23.     server.AddRoutes(
  24.         []rest.Route{
  25.             {
  26.                 Method:  http.MethodPost,
  27.                 Path:    "/user/info",
  28.                 Handler: userInfoHandler(serverCtx),
  29.             },
  30.         },
  31.         rest.WithJwt(serverCtx.Config.Auth.AccessSecret),
  32.     )
  33. }

In the above, we can see that our declared jwt actually generated code by rest.WithJwt to declare jwt authentication.

JWT - 图1takes note of

Jwt authentication after code is generated, the framework only provides server logic and needs to be implemented by the developer for jwt token generation and refresh token.