Authentication
การทำ Authentication ใน Go ด้วย JWT, OAuth, และ session-based auth
JWT (JSON Web Tokens)
Section titled “JWT (JSON Web Tokens)”go get github.com/golang-jwt/jwt/v5package main
import ( "fmt" "time"
"github.com/golang-jwt/jwt/v5")
var secretKey = []byte("my-super-secret-key-change-in-production")
type Claims struct { UserID int `json:"user_id"` Email string `json:"email"` Role string `json:"role"` jwt.RegisteredClaims}
func GenerateToken(userID int, email, role string) (string, error) { claims := Claims{ UserID: userID, Email: email, Role: role, RegisteredClaims: jwt.RegisteredClaims{ ExpiresAt: jwt.NewNumericDate(time.Now().Add(24 * time.Hour)), IssuedAt: jwt.NewNumericDate(time.Now()), NotBefore: jwt.NewNumericDate(time.Now()), Issuer: "my-app", Subject: fmt.Sprintf("%d", userID), }, }
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) return token.SignedString(secretKey)}
func ValidateToken(tokenString string) (*Claims, error) { token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(token *jwt.Token) (interface{}, error) { // Verify signing method if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"]) } return secretKey, nil })
if err != nil { return nil, err }
if claims, ok := token.Claims.(*Claims); ok && token.Valid { return claims, nil }
return nil, fmt.Errorf("invalid token")}
func main() { // Generate token token, err := GenerateToken(123, "user@example.com", "admin") if err != nil { panic(err) } fmt.Println("Token:", token[:50], "...")
// Validate token claims, err := ValidateToken(token) if err != nil { panic(err) } fmt.Printf("Claims: UserID=%d, Email=%s, Role=%s\n", claims.UserID, claims.Email, claims.Role)}เข้าสู่ระบบเพื่อดูเนื้อหาเต็ม
ยืนยันตัวตนด้วยบัญชี Google เพื่อปลดล็อกบทความทั้งหมด
Login with Google