feat: user auth.

util/jwt.go

@@ -20,8 +20,7 @@ type Claims struct {
 
 // GenerateToken 生成JWT Token
 func GenerateToken(user *models.User) (string, error) {
-	expirationTime := time.Now().Add(24 * 30 * time.Hour) // Token有效期24小时
-	//expirationTime := time.Now().Add(1 * time.Second) // Token有效期24小时
+	now := time.Now()
 
 	claims := &Claims{
 		UserID:     user.ID,
@@ -30,12 +29,15 @@ func GenerateToken(user *models.User) (string, error) {
 		FlavorType: user.FlavorType,
 		RegionIDs:  user.RegionIDs(),
 		RegisteredClaims: jwt.RegisteredClaims{
-			ExpiresAt: jwt.NewNumericDate(expirationTime),
-			IssuedAt:  jwt.NewNumericDate(time.Now()),
-			NotBefore: jwt.NewNumericDate(time.Now()),
+			IssuedAt:  jwt.NewNumericDate(now),
+			NotBefore: jwt.NewNumericDate(now),
 			Issuer:    "your-app-name",
 		},
 	}
+	if user.FlavorType != models.UserFlavorHeartRate {
+		expirationTime := now.Add(24 * 30 * time.Hour)
+		claims.ExpiresAt = jwt.NewNumericDate(expirationTime)
+	}
 
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
 	tokenString, err := token.SignedString([]byte(ApiSecret))
@@ -61,3 +63,16 @@ func ParseToken(tokenStr string) (*Claims, error) {
 
 	return claims, nil
 }
+
+func IsTokenRevoked(user *models.User, claims *Claims) bool {
+	if user == nil || claims == nil {
+		return true
+	}
+	if user.TokenInvalidBefore <= 0 {
+		return false
+	}
+	if claims.IssuedAt == nil {
+		return true
+	}
+	return claims.IssuedAt.UnixMilli() <= user.TokenInvalidBefore
+}