fix: Jwt

- `RUSTDESK_API_JWT_KEY`如果设置，将会启用JWT，token自动续期功能将失效
- 此功能是为了server端校验token的合法性

README.md

@@ -76,14 +76,14 @@
 2. 普通用户界面
    ![web_user](docs/web_admin_user.png)
    右上角可以更改密码,可以切换语言，可以切换`白天/黑夜`模式
+
    ![web_resetpwd](docs/web_resetpwd.png)
 
-3. 分组可以自定义，方便管理，暂时支持两种类型: `共享组` 和 `普通组`
+3. 每个用户可以多个地址簿，也可以将地址簿共享给其他用户
-   ![web_admin_gr](docs/web_admin_gr.png)
+4. 分组可以自定义，方便管理，暂时支持两种类型: `共享组` 和 `普通组`
-4. 可以直接打开webclient，方便使用；也可以分享给游客，游客可以直接通过webclient远程到设备
+5. 可以直接打开webclient，方便使用；也可以分享给游客，游客可以直接通过webclient远程到设备
-
    ![web_webclient](docs/admin_webclient.png)
-5. Oauth,支持了`Github`, `Google` 以及 `OIDC`, 需要创建一个`OAuth App`，然后配置到后台
+6. Oauth,支持了`Github`, `Google` 以及 `OIDC`, 需要创建一个`OAuth App`，然后配置到后台
    ![web_admin_oauth](docs/web_admin_oauth.png)
     - 对于`Google` 和 `Github`, `Issuer` 和 `Scopes`不需要填写.
     - 对于`OIDC`, `Issuer`是必须的。`Scopes`是可选的，默认为 `openid,profile,email`. 确保可以获取 `sub`,`email` 和`preferred_username`
@@ -91,6 +91,21 @@
       中创建,地址 [https://github.com/settings/developers](https://github.com/settings/developers)
     - `Authorization callback URL`填写`http://<your server[:port]>/api/oauth/callback`
       ，比如`http://127.0.0.1:21114/api/oauth/callback`
+7. 登录日志
+8. 链接日志
+9. 文件传输日志
+10. server控制
+
+  - `简易模式`,已经界面化了一些简单的指令，可以直接在后台执行
+    ![rustdesk_command_simple](./docs/rustdesk_command_simple.png)
+
+  - `高级模式`,直接在后台执行指令
+      * 可以官方指令
+      * 可以添加自定义指令
+      * 可以执行自定义指令
+    
+    ![rustdesk_command_advance](./docs/rustdesk_command_advance.png)
+ 
 
 ### Web Client:
 
@@ -161,6 +176,9 @@ logger:
 proxy:
   enable: false
   host: ""
+jwt:
+  key: ""
+  expire-duration: 360000
 ```
 
 ### 环境变量
@@ -199,6 +217,9 @@ proxy:
 | ----PROXY配置-----                                  | ---------------                                         | ----------                   |
 | RUSTDESK_API_PROXY_ENABLE                         | 是否启用代理:`false`, `true`                                  | `false`                      |
 | RUSTDESK_API_PROXY_HOST                           | 代理地址                                                    | `http://127.0.0.1:1080`      |
+| ----JWT配置----                                     | --------                                                | --------                     |
+| RUSTDESK_API_JWT_KEY                              | 自定义JWT KEY,为空则不启用JWT                                    |                              |
+| RUSTDESK_API_JWT_EXPIRE_DURATION                  | JWT有效时间                                                 | 360000                       |
 
 
 ### 运行
@@ -264,8 +285,49 @@ proxy:
 6. 打开浏览器访问`http://<your server[:port]>/_admin/`，默认用户名密码为`admin`，请及时更改密码。
 
 
+#### 使用我fork后的server-s6镜像运行
+
+- github https://github.com/lejianwen/rustdesk-server
+- docker hub https://hub.docker.com/r/lejianwen/rustdesk-server-s6
+
+```yaml
+ networks:
+   rustdesk-net:
+     external: false
+ services:
+   rustdesk:
+     ports:
+       - 21114:21114
+       - 21115:21115
+       - 21116:21116
+       - 21116:21116/udp
+       - 21117:21117
+       - 21118:21118
+       - 21119:21119
+     image: lejianwen/rustdesk-server-s6:latest
+     environment:
+       - RELAY=<relay_server[:port]>
+       - ENCRYPTED_ONLY=1
+       - MUST_LOGIN=N
+       - TZ=Asia/Shanghai
+       - RUSTDESK_API_RUSTDESK_ID_SERVER=<id_server[:21116]>
+       - RUSTDESK_API_RUSTDESK_RELAY_SERVER=<relay_server[:21117]>
+       - RUSTDESK_API_RUSTDESK_API_SERVER=http://<api_server[:21114]>
+       - RUSTDESK_API_KEY_FILE=/data/id_ed25519.pub
+       - RUSTDESK_API_JWT_KEY=xxxxxx # jwt key
+     volumes:
+       - /data/rustdesk/server:/data
+       - /data/rustdesk/api:/app/data #将数据库挂载
+     networks:
+       - rustdesk-net
+     restart: unless-stopped
+       
+```
+
+
 ## 其他
 
+- [WIKI](https://github.com/lejianwen/rustdesk-api/wiki)
 - [链接超时问题](https://github.com/lejianwen/rustdesk-api/issues/92)
 - [修改客户端ID](https://github.com/abdullah-erturk/RustDesk-ID-Changer)
 - [webclient来源](https://hub.docker.com/r/keyurbhole/flutter_web_desk)

README_EN.md

@@ -79,12 +79,11 @@ installation are `admin` `admin`, please change the password immediately.
    In the top right corner, you can change the password, switch languages, and toggle between `day/night` mode.
 
    ![web_resetpwd](docs/en_img/web_resetpwd.png)
-3. Groups can be customized for easy management. Currently, two types are supported: `shared group` and `regular group`.
+3. Each user can have multiple address books, which can also be shared with other users.
-   ![web_admin_gr](docs/en_img/web_admin_gr.png)
+4. Groups can be customized for easy management. Currently, two types are supported: `shared group` and `regular group`.
-4. You can directly launch the client or open the web client for convenience; you can also share it with guests, who can remotely access the device via the web client.
+5. You can directly launch the client or open the web client for convenience; you can also share it with guests, who can remotely access the device via the web client.
-
    ![web_webclient](docs/en_img/admin_webclient.png)
-5. OAuth support: Currently, `GitHub`, `Google` and `OIDC`  are supported. You need to create an `OAuth App` and configure it in
+6. OAuth support: Currently, `GitHub`, `Google` and `OIDC`  are supported. You need to create an `OAuth App` and configure it in
    the admin panel.
    ![web_admin_oauth](docs/en_img/web_admin_oauth.png)
     - For `Google` and `Github`, you don't need to fill the `Issuer` and `Scpoes`
@@ -94,6 +93,23 @@ installation are `admin` `admin`, please change the password immediately.
     - Set the `Authorization callback URL` to `http://<your server[:port]>/api/oauth/callback`,
       e.g., `http://127.0.0.1:21114/api/oauth/callback`.
    
+7. Login logs
+8. Connection logs
+9. File transfer logs
+10. Server control
+
+- `Simple mode`, some simple commands have been GUI-ized and can be executed directly in the backend
+  ![rustdesk_command_simple](./docs/en_img/rustdesk_command_simple.png)
+
+- `Advanced mode`, commands can be executed directly in the backend
+    * Official commands can be used
+    * Custom commands can be added
+    * Custom commands can be executed
+
+  ![rustdesk_command_advance](./docs/en_img/rustdesk_command_advance.png)
+
+
+
 ### Web Client:
 
 1. If you're already logged into the admin panel, the web client will log in automatically.
@@ -163,44 +179,50 @@ logger:
 proxy:
   enable: false
   host: ""
+jwt:
+  key: ""
+  expire-duration: 360000
 ```
 
 ### Environment Variables
 The prefix for variable names is `RUSTDESK_API`. If environment variables exist, they will override the configurations in the configuration file.
 
-| Variable Name                                       | Description                                                                                                  | Example                       |
+| Variable Name                                     | Description                                                                                                  | Example                       |
-|-----------------------------------------------------|--------------------------------------------------------------------------------------------------------------|-------------------------------|
+|---------------------------------------------------|--------------------------------------------------------------------------------------------------------------|-------------------------------|
-| TZ                                                  | timezone                                                                                                     | Asia/Shanghai                 |
+| TZ                                                | timezone                                                                                                     | Asia/Shanghai                 |
-| RUSTDESK_API_LANG                                   | Language                                                                                                     | `en`,`zh-CN`                  |
+| RUSTDESK_API_LANG                                 | Language                                                                                                     | `en`,`zh-CN`                  |
-| RUSTDESK_API_APP_WEB_CLIENT                         | web client on/off; 1: on, 0 off, default: 1                                                                  | 1                             |
+| RUSTDESK_API_APP_WEB_CLIENT                       | web client on/off; 1: on, 0 off, default: 1                                                                  | 1                             |
-| RUSTDESK_API_APP_REGISTER                           | register enable; `true`, `false`; default:`false`                                                            | `false`                       |
+| RUSTDESK_API_APP_REGISTER                         | register enable; `true`, `false`; default:`false`                                                            | `false`                       |
-| RUSTDESK_API_APP_SHOW_SWAGGER                       | swagger visible; 1: yes, 0: no; default: 0                                                                   | `0`                           |
+| RUSTDESK_API_APP_SHOW_SWAGGER                     | swagger visible; 1: yes, 0: no; default: 0                                                                   | `0`                           |
-| ----- ADMIN Configuration-----                      | ----------                                                                                                   | ----------                    |
+| ----- ADMIN Configuration-----                    | ----------                                                                                                   | ----------                    |
-| RUSTDESK_API_ADMIN_TITLE                            | Admin Title                                                                                                  | `RustDesk Api Admin`          |
+| RUSTDESK_API_ADMIN_TITLE                          | Admin Title                                                                                                  | `RustDesk Api Admin`          |
-| RUSTDESK_API_ADMIN_HELLO                            | Admin welcome message, you can use `html`                                                                    |                               |
+| RUSTDESK_API_ADMIN_HELLO                          | Admin welcome message, you can use `html`                                                                    |                               |
-| RUSTDESK_API_ADMIN_HELLO_FILE                       | Admin welcome message file,<br>will override `RUSTDESK_API_ADMIN_HELLO`                                      | `./conf/admin/hello.html`     |
+| RUSTDESK_API_ADMIN_HELLO_FILE                     | Admin welcome message file,<br>will override `RUSTDESK_API_ADMIN_HELLO`                                      | `./conf/admin/hello.html`     |
-| ----- GIN Configuration -----                       | ---------------------------------------                                                                      | ----------------------------- |
+| ----- GIN Configuration -----                     | ---------------------------------------                                                                      | ----------------------------- |
-| RUSTDESK_API_GIN_TRUST_PROXY                        | Trusted proxy IPs, separated by commas.                                                                      | 192.168.1.2,192.168.1.3       |
+| RUSTDESK_API_GIN_TRUST_PROXY                      | Trusted proxy IPs, separated by commas.                                                                      | 192.168.1.2,192.168.1.3       |
-| ----- GORM Configuration -----                      | ---------------------------------------                                                                      | ----------------------------- |
+| ----- GORM Configuration -----                    | ---------------------------------------                                                                      | ----------------------------- |
-| RUSTDESK_API_GORM_TYPE                              | Database type (`sqlite` or `mysql`). Default is `sqlite`.                                                    | sqlite                        |
+| RUSTDESK_API_GORM_TYPE                            | Database type (`sqlite` or `mysql`). Default is `sqlite`.                                                    | sqlite                        |
-| RUSTDESK_API_GORM_MAX_IDLE_CONNS                    | Maximum idle connections                                                                                     | 10                            |
+| RUSTDESK_API_GORM_MAX_IDLE_CONNS                  | Maximum idle connections                                                                                     | 10                            |
-| RUSTDESK_API_GORM_MAX_OPEN_CONNS                    | Maximum open connections                                                                                     | 100                           |
+| RUSTDESK_API_GORM_MAX_OPEN_CONNS                  | Maximum open connections                                                                                     | 100                           |
-| RUSTDESK_API_RUSTDESK_PERSONAL                      | Open Personal Api 1:Enable,0:Disable                                                                         | 1                             |
+| RUSTDESK_API_RUSTDESK_PERSONAL                    | Open Personal Api 1:Enable,0:Disable                                                                         | 1                             |
-| ----- MYSQL Configuration -----                     | ---------------------------------------                                                                      | ----------------------------- |
+| ----- MYSQL Configuration -----                   | ---------------------------------------                                                                      | ----------------------------- |
-| RUSTDESK_API_MYSQL_USERNAME                         | MySQL username                                                                                               | root                          |
+| RUSTDESK_API_MYSQL_USERNAME                       | MySQL username                                                                                               | root                          |
-| RUSTDESK_API_MYSQL_PASSWORD                         | MySQL password                                                                                               | 111111                        |
+| RUSTDESK_API_MYSQL_PASSWORD                       | MySQL password                                                                                               | 111111                        |
-| RUSTDESK_API_MYSQL_ADDR                             | MySQL address                                                                                                | 192.168.1.66:3306             |
+| RUSTDESK_API_MYSQL_ADDR                           | MySQL address                                                                                                | 192.168.1.66:3306             |
-| RUSTDESK_API_MYSQL_DBNAME                           | MySQL database name                                                                                          | rustdesk                      |
+| RUSTDESK_API_MYSQL_DBNAME                         | MySQL database name                                                                                          | rustdesk                      |
-| ----- RUSTDESK Configuration -----                  | ---------------------------------------                                                                      | ----------------------------- |
+| ----- RUSTDESK Configuration -----                | ---------------------------------------                                                                      | ----------------------------- |
-| RUSTDESK_API_RUSTDESK_ID_SERVER                     | Rustdesk ID server address                                                                                   | 192.168.1.66:21116            |
+| RUSTDESK_API_RUSTDESK_ID_SERVER                   | Rustdesk ID server address                                                                                   | 192.168.1.66:21116            |
-| RUSTDESK_API_RUSTDESK_RELAY_SERVER                  | Rustdesk relay server address                                                                                | 192.168.1.66:21117            |
+| RUSTDESK_API_RUSTDESK_RELAY_SERVER                | Rustdesk relay server address                                                                                | 192.168.1.66:21117            |
-| RUSTDESK_API_RUSTDESK_API_SERVER                    | Rustdesk API server address                                                                                  | http://192.168.1.66:21114     |
+| RUSTDESK_API_RUSTDESK_API_SERVER                  | Rustdesk API server address                                                                                  | http://192.168.1.66:21114     |
-| RUSTDESK_API_RUSTDESK_KEY                           | Rustdesk key                                                                                                 | 123456789                     |
+| RUSTDESK_API_RUSTDESK_KEY                         | Rustdesk key                                                                                                 | 123456789                     |
-| RUSTDESK_API_RUSTDESK_KEY_FILE                      | Rustdesk key file                                                                                            | `./conf/data/id_ed25519.pub`  |
+| RUSTDESK_API_RUSTDESK_KEY_FILE                    | Rustdesk key file                                                                                            | `./conf/data/id_ed25519.pub`  |
-| RUSTDESK_API_RUSTDESK_WEBCLIENT_MAGIC_QUERYONLINE   | New online query method is enabled in the web client v2; '1': Enabled, '0': Disabled, not enabled by default | `0`                           |
+| RUSTDESK_API_RUSTDESK_WEBCLIENT_MAGIC_QUERYONLINE | New online query method is enabled in the web client v2; '1': Enabled, '0': Disabled, not enabled by default | `0`                           |
-| ---- PROXY -----                                    | ---------------                                                                                              | ----------                    |
+| ---- PROXY -----                                  | ---------------                                                                                              | ----------                    |
-| RUSTDESK_API_PROXY_ENABLE                           | proxy_enable :`false`, `true`                                                                                | `false`                       |
+| RUSTDESK_API_PROXY_ENABLE                         | proxy_enable :`false`, `true`                                                                                | `false`                       |
-| RUSTDESK_API_PROXY_HOST                             | proxy_host                                                                                                   | `http://127.0.0.1:1080`       |
+| RUSTDESK_API_PROXY_HOST                           | proxy_host                                                                                                   | `http://127.0.0.1:1080`       |
+| ----JWT----                                       | --------                                                                                                     | --------                      |
+| RUSTDESK_API_JWT_KEY                              | JWT KEY. Set empty to disable jwt                                                                            |                               |
+| RUSTDESK_API_JWT_EXPIRE_DURATION                  | JWT expire duration                                                                                          | 360000                        |
 
 ### Installation Steps
 
@@ -269,9 +291,47 @@ Download the release from [release](https://github.com/lejianwen/rustdesk-api/re
 6. Open your browser and visit `http://<your server[:port]>/_admin/`, with default credentials `admin admin`. Please
    change the password promptly.
 
+#### Running with my forked server-s6 image
 
+- github https://github.com/lejianwen/rustdesk-server
+- docker hub https://hub.docker.com/r/lejianwen/rustdesk-server-s6
+
+```yaml
+ networks:
+   rustdesk-net:
+     external: false
+ services:
+   rustdesk:
+     ports:
+       - 21114:21114
+       - 21115:21115
+       - 21116:21116
+       - 21116:21116/udp
+       - 21117:21117
+       - 21118:21118
+       - 21119:21119
+     image: lejianwen/rustdesk-server-s6:latest
+     environment:
+       - RELAY=<relay_server[:port]>
+       - ENCRYPTED_ONLY=1
+       - MUST_LOGIN=N
+       - TZ=Asia/Shanghai
+       - RUSTDESK_API_RUSTDESK_ID_SERVER=<id_server[:21116]>
+       - RUSTDESK_API_RUSTDESK_RELAY_SERVER=<relay_server[:21117]>
+       - RUSTDESK_API_RUSTDESK_API_SERVER=http://<api_server[:21114]>
+       - RUSTDESK_API_KEY_FILE=/data/id_ed25519.pub
+       - RUSTDESK_API_JWT_KEY=xxxxxx # jwt key
+     volumes:
+       - /data/rustdesk/server:/data
+       - /data/rustdesk/api:/app/data #将数据库挂载
+     networks:
+       - rustdesk-net
+     restart: unless-stopped
+       
+```
 ## Others
 
+- [WIKI](https://github.com/lejianwen/rustdesk-api/wiki)
 - [Connection Timeout](https://github.com/lejianwen/rustdesk-api/issues/92)
 - [Change client ID](https://github.com/abdullah-erturk/RustDesk-ID-Changer)
 - [Web client source](https://hub.docker.com/r/keyurbhole/flutter_web_desk)

cmd/apimain.go

@@ -5,6 +5,7 @@ import (
 	"Gwen/global"
 	"Gwen/http"
 	"Gwen/lib/cache"
+	"Gwen/lib/jwt"
 	"Gwen/lib/lock"
 	"Gwen/lib/logger"
 	"Gwen/lib/orm"
@@ -17,6 +18,7 @@ import (
 	"github.com/spf13/cobra"
 	"os"
 	"strconv"
+	"time"
 )
 
 // @title 管理系统API
@@ -163,7 +165,7 @@ func InitGlobal() {
 
 	//jwt
 	//fmt.Println(global.Config.Jwt.PrivateKey)
-	//global.Jwt = jwt.NewJwt(global.Config.Jwt.PrivateKey, global.Config.Jwt.ExpireDuration*time.Second)
+	global.Jwt = jwt.NewJwt(global.Config.Jwt.Key, global.Config.Jwt.ExpireDuration*time.Second)
 
 	//locker
 	global.Lock = lock.NewLocal()

conf/config.yaml

@@ -26,16 +26,19 @@ rustdesk:
   relay-server: "192.168.1.66:21117"
   api-server: "http://127.0.0.1:21114"
   key: ""
-  key-file: "./conf/data/id_ed25519.pub"
+  key-file: "/data/id_ed25519.pub"
   personal: 1
   webclient-magic-queryonline: 0
 logger:
   path: "./runtime/log.txt"
-  level: "warn" #trace,debug,info,warn,error,fatal
+  level: "debug" #trace,debug,info,warn,error,fatal
   report-caller: true
 proxy:
   enable: false
   host: "http://127.0.0.1:1080"
+jwt:
+  key: ""
+  expire-duration: 360000
 redis:
   addr: "127.0.0.1:6379"
   password: ""
@@ -53,6 +56,4 @@ oss:
   callback-url: ""
   expire-time: 30
   max-byte: 10240
-jwt:
+
-  private-key: "./conf/jwt_pri.pem"
-  expire-duration: 360000

config/jwt.go

@@ -3,6 +3,6 @@ package config
 import "time"
 
 type Jwt struct {
-	PrivateKey     string        `mapstructure:"private-key"`
+	Key            string        `mapstructure:"key"`
 	ExpireDuration time.Duration `mapstructure:"expire-duration"`
 }

http/middleware/rustauth.go

@@ -1,6 +1,7 @@
 package middleware
 
 import (
+	"Gwen/global"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 )
@@ -27,7 +28,21 @@ func RustAuth() gin.HandlerFunc {
 		//提取token，格式是Bearer {token}
 		//这里只是简单的提取
 		token = token[7:]
+
 		//验证token
+
+		//检查是否设置了jwt key
+		if len(global.Jwt.Key) > 0 {
+			uid, _ := service.AllService.UserService.VerifyJWT(token)
+			if uid == 0 {
+				c.JSON(401, gin.H{
+					"error": "Unauthorized",
+				})
+				c.Abort()
+				return
+			}
+		}
+
 		user, ut := service.AllService.UserService.InfoByAccessToken(token)
 		if user.Id == 0 {
 			c.JSON(401, gin.H{
@@ -38,7 +53,7 @@ func RustAuth() gin.HandlerFunc {
 		}
 		if !service.AllService.UserService.CheckUserEnable(user) {
 			c.JSON(401, gin.H{
-				"error": "账号已被禁用",
+				"error": "Unauthorized",
 			})
 			c.Abort()
 			return

lib/jwt/jwt.go

@@ -1,14 +1,13 @@
 package jwt
 
 import (
-	"crypto/rsa"
+	"fmt"
 	"github.com/golang-jwt/jwt/v5"
-	"os"
 	"time"
 )
 
 type Jwt struct {
-	privateKey          *rsa.PrivateKey
+	Key                 []byte
 	TokenExpireDuration time.Duration
 }
 
@@ -17,31 +16,28 @@ type UserClaims struct {
 	jwt.RegisteredClaims
 }
 
-func NewJwt(privateKeyFile string, tokenExpireDuration time.Duration) *Jwt {
+func NewJwt(key string, tokenExpireDuration time.Duration) *Jwt {
-	privateKeyContent, err := os.ReadFile(privateKeyFile)
-	if err != nil {
-		panic(err)
-	}
-	privateKey, err := jwt.ParseRSAPrivateKeyFromPEM(privateKeyContent)
-	if err != nil {
-		panic(err)
-	}
 	return &Jwt{
-		privateKey:          privateKey,
+		Key:                 []byte(key),
 		TokenExpireDuration: tokenExpireDuration,
 	}
 }
 
 func (s *Jwt) GenerateToken(userId uint) string {
-	t := jwt.NewWithClaims(jwt.SigningMethodRS256,
+	if len(s.Key) == 0 {
+		fmt.Println("jwt key is nil")
+		return ""
+	}
+	t := jwt.NewWithClaims(jwt.SigningMethodHS256,
 		UserClaims{
 			UserId: userId,
 			RegisteredClaims: jwt.RegisteredClaims{
 				ExpiresAt: jwt.NewNumericDate(time.Now().Add(s.TokenExpireDuration)),
 			},
 		})
-	token, err := t.SignedString(s.privateKey)
+	token, err := t.SignedString(s.Key)
 	if err != nil {
+		fmt.Printf("jwt token generate error: %v", err)
 		return ""
 	}
 	return token
@@ -49,7 +45,7 @@ func (s *Jwt) GenerateToken(userId uint) string {
 
 func (s *Jwt) ParseToken(tokenString string) (uint, error) {
 	token, err := jwt.ParseWithClaims(tokenString, &UserClaims{}, func(token *jwt.Token) (interface{}, error) {
-		return s.privateKey.Public(), nil
+		return s.Key, nil
 	})
 	if err != nil {
 		return 0, err

service/user.go

@@ -68,6 +68,9 @@ func (us *UserService) InfoByAccessToken(token string) (*model.User, *model.User
 
 // GenerateToken 生成token
 func (us *UserService) GenerateToken(u *model.User) string {
+	if len(global.Jwt.Key) > 0 {
+		return global.Jwt.GenerateToken(u.Id)
+	}
 	return utils.Md5(u.Username + time.Now().String())
 }
 
@@ -461,3 +464,7 @@ func (us *UserService) AutoRefreshAccessToken(ut *model.UserToken) {
 func (us *UserService) BatchDeleteUserToken(ids []uint) error {
 	return global.DB.Where("id in ?", ids).Delete(&model.UserToken{}).Error
 }
+
+func (us *UserService) VerifyJWT(token string) (uint, error) {
+	return global.Jwt.ParseToken(token)
+}