修改token验证使用jsonschema进行验证

src/auth/jwt-auth.lua

@@ -5,9 +5,10 @@ local jsonschema = require("jsonschema")
 
 -- 定义一个JSON Schema
 local schema = {
-    {type = "object", properties = {
+    type = 'object',
-        {name = "Authorization", type = "string", pattern = "^Bearer\\s+(.+)$"},
+    properties = {
-    }, required = {"Authorization"}}
+        Authorization = {type = 'string', minLength = 8, pattern = 'Bearer\\s+(.+)$'},
+    }, required = {"Authorization"}
 }
 
 --获取用户认证数据信息
@@ -20,15 +21,18 @@ if auth_header == nil or auth_header == "" then
     ngx.exit(ngx.HTTP_UNAUTHORIZED)
 end
 
---查找令牌中的Bearer前缀字符，并进行截取 todo 使用jsonscheme进行匹配
+--查找令牌中的Bearer前缀字符
 local validator = jsonschema.generate_validator(schema)
-local result = validator(auth_header)
+local data = {}
-if not result then
+data.Authorization = auth_header
+local ok = validator(data)
+if not ok then
     ngx.log(ngx.WARN, "令牌格式不正确")
     ngx.status = ngx.HTTP_UNAUTHORIZED
     ngx.exit(ngx.HTTP_UNAUTHORIZED)
 end
-
+--获取token的数据值
+local token = string.sub(auth_header,8)
 --校验令牌
 local jwt_obj = jwt:verify(conf.secret_key, token)
 --如果校验结果中的verified==false，则表示令牌无效

src/test/test.lua

@@ -34,20 +34,25 @@ ngx.say("pageNum:", pageNum, " pageSize:", pageSize)
 --]]
 
 local schema = {
-    {type = "object", properties = {
+    type = 'object',
-        {name = "token", type = "string", pattern = "^Bearer\\s+(.+)$"},
+    properties = {
-    }, required = {"token"}}
+        Authorization = {type = 'string', minLength = 10, pattern = 'Bearer\\s+(.+)$'},
+    }, required = {"Authorization"}
 }
 
+--获取用户认证数据信息
+local data = {}
+local auth_header = ngx.var.http_Authorization
+data.Authorization = auth_header
 local validator = jsonschema.generate_validator(schema)
-local result = validator(auth_header)
+local result = validator(data)
 if not result then
     ngx.log(ngx.WARN, "令牌格式不正确")
     ngx.status = ngx.HTTP_UNAUTHORIZED
     ngx.exit(ngx.HTTP_UNAUTHORIZED)
 end
-
+local token = string.sub(auth_header,8)
-ngx.say(result.token)
+ngx.say(token)
 
 --local sampleJson = [[{"raw_header":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9","signature":"zkKAmXifqWDrMaLpXe8hrA1JpDRbdlgwS-yxNnQUOBw","raw_payload":"eyJpYXQiOjE3NjE4OTIwNDMsImV4cCI6MTc2MTg5NTY0MywidXNlcmlkIjoiYWRtaW4iLCJyb2xlIjoiIn0","valid":true,"verified":true,"reason":"everything is awesome~ :p","header":{"alg":"HS256","typ":"JWT"},"payload":{"iat":1761892043,"userid":"admin","exp":1761895643,"role":""}}]]
 ----解析json字符串

src/util/token.lua

@@ -6,9 +6,17 @@
 
 local jwt = require("resty.jwt")
 local conf = require("config")
+local jsonschema = require("jsonschema")
 
 local _M = {}
 
+local schema = {
+    type = 'object',
+    properties = {
+        Authorization = {type = 'string', minLength = 10, pattern = 'Bearer\\s+(.+)$'},
+    }, required = {"Authorization"}
+}
+
 --设置JWT的有效载荷
 local obj = {
     header = {typ="JWT", alg="HS256"},
@@ -46,15 +54,19 @@ function _M.authorizationToken(auth_header)
         return response
     end
 
-    --查找令牌中的Bearer前缀字符，并进行截取
+    local validator = jsonschema.generate_validator(schema)
-    local _, _, token = string.find(auth_header, "Bearer%s+(.+)")
+    local data = {}
+    data.Authorization = auth_header
+    local ok = validator(data)
     --如果没有Bearer，则表示令牌无效
-    if token == nil then
+    if not ok then
         response["code"] = 401
         response["message"] = "令牌格式不正确"
         return response
     end
 
+    --查找令牌中的Bearer前缀字符，并进行截取
+    local token = string.sub(auth_header,8)
     --校验令牌
     local jwt_obj = jwt:verify(conf.secret_key, token)
     --如果校验结果中的verified==false，则表示令牌无效