Why is my echo jwt custom code not working?

php editor Yuzai often receives questions from readers. One of the common questions is about "Why does my echo jwt custom code not work?". When using JWT (JSON Web Token), sometimes we encounter situations where custom code does not work. This may be due to some common problems. In this article, we will answer this question in detail and provide solutions to help readers solve this problem that bothers them. Let’s take a look!

Question content

I am using echo jwt to authenticate the user, I customized it when looking at the manual but it is not applied. I want two things.

1. I want to do token check without bearer keyword

2. I want to return an error message suitable for the case where the token is not found or the token is invalid.

How to modify the above code to achieve the effect I want?

I have just started learning golang, any advice would be greatly appreciated

output := echojwt.JWT(&echojwt.Config{
        SigningKey:  []byte(key.EnvSecretKey),
        TokenLookup: "header:Authorization",
        ErrorHandler: func(c echo.Context, err error) error {
            if err != nil {
                return c.JSON(400, "custom error")
            }
            return nil
        },
    })

Solution

Here are the steps you can follow:

1. Token checking without using the "bearer" keyword: To do this, you You can change the tokenlookup value from "header:authorization" to "query: token". This will allow you to pass the token as a query parameters instead of in the header.

2. Return a custom error message appropriate to the situation Token not found or invalid: To do this, you can Modify error handling function

This is an example:

output := echojwt.JWT(&echojwt.Config{
     SigningKey:  []byte(key.EnvSecretKey),
     TokenLookup: "query:token",
     ErrorHandler: func(c echo.Context, err error) error {
         if err == jwt.ErrTokenNotFound {
             return c.JSON(http.StatusBadRequest, "token not found")
         }
         if ve, ok := err.(*jwt.ValidationError); ok {
             if ve.Errors&jwt.ValidationErrorMalformed != 0 {
                 return c.JSON(http.StatusBadRequest, "token is malformed")
             } else if ve.Errors&(jwt.ValidationErrorExpired|jwt.ValidationErrorNotValidYet) != 0 {
                 return c.JSON(http.StatusUnauthorized, "token is expired or not valid yet")
             } else {
                 return c.JSON(http.StatusBadRequest, "token is invalid")
             }
         }
         return nil
     },
 })

The above is the detailed content of Why is my echo jwt custom code not working?. For more information, please follow other related articles on the PHP Chinese website!