70 lines
1.4 KiB
Go
70 lines
1.4 KiB
Go
|
package main
|
||
|
|
||
|
import (
|
||
|
"net/http"
|
||
|
"time"
|
||
|
|
||
|
jwt "github.com/dgrijalva/jwt-go"
|
||
|
"github.com/labstack/echo"
|
||
|
"github.com/labstack/echo/middleware"
|
||
|
)
|
||
|
|
||
|
func login(c echo.Context) error {
|
||
|
username := c.FormValue("username")
|
||
|
password := c.FormValue("password")
|
||
|
|
||
|
if username == "jon" && password == "shhh!" {
|
||
|
// Create token
|
||
|
token := jwt.New(jwt.SigningMethodHS256)
|
||
|
|
||
|
// Set claims
|
||
|
claims := token.Claims.(jwt.MapClaims)
|
||
|
claims["name"] = "Jon Snow"
|
||
|
claims["admin"] = true
|
||
|
claims["exp"] = time.Now().Add(time.Hour * 72).Unix()
|
||
|
|
||
|
// Generate encoded token and send it as response.
|
||
|
t, err := token.SignedString([]byte("secret"))
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
return c.JSON(http.StatusOK, map[string]string{
|
||
|
"token": t,
|
||
|
})
|
||
|
}
|
||
|
|
||
|
return echo.ErrUnauthorized
|
||
|
}
|
||
|
|
||
|
func accessible(c echo.Context) error {
|
||
|
return c.String(http.StatusOK, "Accessible")
|
||
|
}
|
||
|
|
||
|
func restricted(c echo.Context) error {
|
||
|
user := c.Get("user").(*jwt.Token)
|
||
|
claims := user.Claims.(jwt.MapClaims)
|
||
|
name := claims["name"].(string)
|
||
|
return c.String(http.StatusOK, "Welcome "+name+"!")
|
||
|
}
|
||
|
|
||
|
func main() {
|
||
|
e := echo.New()
|
||
|
|
||
|
// Middleware
|
||
|
e.Use(middleware.Logger())
|
||
|
e.Use(middleware.Recover())
|
||
|
|
||
|
// Login route
|
||
|
e.POST("/login", login)
|
||
|
|
||
|
// Unauthenticated route
|
||
|
e.GET("/", accessible)
|
||
|
|
||
|
// Restricted group
|
||
|
r := e.Group("/restricted")
|
||
|
r.Use(middleware.JWT([]byte("secret")))
|
||
|
r.GET("", restricted)
|
||
|
|
||
|
e.Logger.Fatal(e.Start(":1323"))
|
||
|
}
|