{"id":13600307,"url":"https://github.com/goflyfox/gtoken","last_synced_at":"2026-01-18T07:45:56.436Z","repository":{"id":37706259,"uuid":"191016958","full_name":"goflyfox/gtoken","owner":"goflyfox","description":"基于gf框架的token插件，通过服务端验证方式实现token认证；","archived":false,"fork":false,"pushed_at":"2025-07-02T11:16:15.000Z","size":209,"stargazers_count":298,"open_issues_count":2,"forks_count":76,"subscribers_count":10,"default_branch":"master","last_synced_at":"2025-08-13T18:52:43.128Z","etag":null,"topics":["auth","gf","golang","token"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/goflyfox.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-06-09T14:33:41.000Z","updated_at":"2025-08-07T15:01:12.000Z","dependencies_parsed_at":"2025-05-31T17:27:48.185Z","dependency_job_id":"38332d0a-dceb-4c5b-839a-53c7c996606e","html_url":"https://github.com/goflyfox/gtoken","commit_stats":null,"previous_names":[],"tags_count":58,"template":false,"template_full_name":null,"purl":"pkg:github/goflyfox/gtoken","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/goflyfox%2Fgtoken","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/goflyfox%2Fgtoken/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/goflyfox%2Fgtoken/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/goflyfox%2Fgtoken/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/goflyfox","download_url":"https://codeload.github.com/goflyfox/gtoken/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/goflyfox%2Fgtoken/sbom","scorecard":{"id":433761,"data":{"date":"2025-08-11","repo":{"name":"github.com/goflyfox/gtoken","commit":"4e6d192a77ebd979d96cd1ef0110caa78e046d8e"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.8,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":0,"reason":"Found 1/29 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 2 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":6,"reason":"4 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2025-3540"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T04:04:51.683Z","repository_id":37706259,"created_at":"2025-08-19T04:04:51.683Z","updated_at":"2025-08-19T04:04:51.683Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28533172,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-18T00:39:45.795Z","status":"online","status_checked_at":"2026-01-18T02:00:07.578Z","response_time":98,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auth","gf","golang","token"],"created_at":"2024-08-01T18:00:35.697Z","updated_at":"2026-01-18T07:45:56.381Z","avatar_url":"https://github.com/goflyfox.png","language":"Go","funding_links":[],"categories":["Go","Libraries and Plugins"],"sub_categories":[],"readme":"# gtoken\n\n## 介绍\n基于`GoFrame`框架的token插件，通过服务端验证方式实现token认证；已完全可以支撑线上token认证，通过Redis支持集群模式；使用简单，大家可以放心使用；\n\n* GoFrame v2.X.X 全面适配\n* GoFrame v1.X.X 请使用gtoken v1.4.X相关版本;\n* Github地址：https://github.com/goflyfox/gtoken\n* Gitee地址：https://gitee.com/goflyfox/gtoken\n\n## gtoken优势\n1. gtoken支撑单点应用测试使用内存存储，支持个人小项目文件存储，也支持企业集群使用redis存储；完全适用于企业生产级使用；\n2. 有效的避免了jwt服务端无法退出问题；\n3. 解决jwt无法作废已颁布的令牌，只能等到令牌过期问题；\n4. 通过用户扩展信息存储在服务端，有效规避了jwt携带大量用户扩展信息导致降低传输效率问题；\n5. 有效避免jwt需要客户端实现续签功能，增加客户端复杂度；支持服务端自动续期，客户端不需要关心续签逻辑；\n\n## 特性说明\n\n1. 支持token认证，不强依赖于session和cookie，适用jwt和session认证所有场景；\n2. 支持单机gcache和集群gredis模式；\n```\n# 缓存模式 1 gcache 2 gredis 3 fileCache\nCacheMode = 2\n```\n\n3. 支持服务端缓存自动续期功能\n```\n// 注：通过MaxRefresh，默认当用户第五天访问时，自动续期\n// 超时时间 默认10天\nTimeout int\n// 缓存刷新时间 默认为超时时间的一半\nMaxRefresh int\n```\n4. 框架使用简单，只需要认证拦截器注册、登录Token生成、登出Token销毁即可；\n\n## 安装教程\n\n获取最新版本: `go get -u -v github.com/goflyfox/gtoken/v2`\n\n## 使用说明\n\n1. 初始化配置gtoken.Options{}, 并创建gtoken对象(`gtoken.NewDefaultToken`)；参数详情见《配置项说明》部分\n2. 注册认证中间件`gtoken.NewDefaultMiddleware(gfToken).Auth`\n3. 登陆认证成功后，生成Token（`gfToken.Generate`）并返回给客户端\n4. 登出时销毁Token(`gfToken.Destroy`)\n5. 建议：由于中间件采用洋葱模型，注册`MiddlewareAuth`认证中间件，放在在`MiddlewareCORS`后，用户权限`MiddlewareUserPermissions`认证和Response处理`MiddlewareHandlerResponse`之前\n\n```go\n\t// 创建gtoken对象\n    gftoken := gtoken.NewDefaultToken(gtoken.Options{})\n\ts.Group(\"/\", func(group *ghttp.RouterGroup) {\n\t\tgroup.Middleware(CORS)\n\t\t// 注册GfToken中间件\n\t\tgroup.Middleware(gtoken.NewDefaultMiddleware(gfToken).Auth)\n\n        group.ALL(\"/system/data\", func(r *ghttp.Request) {\n            // 获取登陆信息\n            _, data, err := gfToken.Get(r.Context(), r.GetCtxVar(gtoken.KeyUserKey).String())\n            if err != nil {\n                r.Response.WriteJson(RespError(err))\n            }\n            r.Response.WriteJson(RespSuccess(data))\n        })\n\t\tgroup.ALL(\"/user/logout\", func(r *ghttp.Request) {\n\t\t    // 登出销毁Token \n\t\t\t_ = gfToken.Destroy(ctx, r.GetCtxVar(gtoken.KeyUserKey).String())\n\t\t\tr.Response.WriteJson(RespSuccess(\"user logout\"))\n\t\t})\n\t})\n\n\ts.BindHandler(\"/login\", func(r *ghttp.Request) {\n\t\t// 认证成功调用Generate生成Token\n\t\ttoken, err := gfToken.Generate(ctx, username, \"1\")\n\t\tif err != nil {\n\t\t\tr.Response.WriteJson(RespError(err))\n\t\t\tr.ExitAll()\n\t\t}\n\t\tr.Response.WriteJson(RespSuccess(g.Map{\n\t\t\tgtoken.KeyUserKey: username,\n\t\t\tgtoken.KeyToken:   token,\n\t\t}))\n\n\t})\n```\n\n### 配置项说明\n\n具体可参考`GfToken`结构体，字段解释如下：\n\n| 名称         | 配置字段       | 说明                                   |\n|------------| -------------- |--------------------------------------|\n| 缓存模式       | CacheMode      | 1 gcache 2 gredis 3 fileCache 默认1    |\n| 缓存key      | CachePreKey    | 默认缓存前缀`GToken:`                      |\n| 超时时间       | Timeout        | 默认10天（毫秒）                            |\n| 缓存刷新时间     | MaxRefresh     | 默认为超时时间的一半（毫秒）                       |\n| Token分隔符   | TokenDelimiter | 默认`_`                                |\n| Token加密key | EncryptKey     | 默认`12345678912345678912345678912345` |\n| 是否支持多端登录   | MultiLogin     | 默认false                              |\n| 拦截排除地址     | AuthExcludePaths   | 拦截器参数：此路径列表不进行认证                     |\n| 拦截返回函数     | ResFun   | 拦截器参数：认证失败返回函数，默认返回Code：300          |\n\n## 示例\n\n使用示例，请先参考`gtoken/example/sample/test/backend/server.go`文件\n\n## 项目扩展\n\n1. gtoken-jwt：基于gtoken的jwt扩展，适用于短期token场景使用；[具体文档](contrib/jwt/ReadMe.md)\n\n\n## 感谢\n\n1. gf框架 [https://github.com/gogf/gf](https://github.com/gogf/gf) \n2. 历史文档v1：https://goframe.org/pages/viewpage.action?pageId=1115974\n\n## 项目支持\n\n- 项目的发展，离不开大家得支持~！~\n\n- [阿里云：ECS云服务器新人优惠券；请点击这里](https://promotion.aliyun.com/ntms/yunparter/invite.html?userCode=c4hsn0gc)\n\n- 也可以请作者喝一杯咖啡:)\n\n![jflyfox](https://raw.githubusercontent.com/jflyfox/jfinal_cms/master/doc/pay01.jpg \"Open source support\")\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoflyfox%2Fgtoken","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgoflyfox%2Fgtoken","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoflyfox%2Fgtoken/lists"}