aykhans/slash-e
1
0
Fork 0
mirror of https://github.com/aykhans/slash-e.git synced 2025-07-07 05:32:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: add expiration into create access token request

Browse Source
This commit is contained in:
Steven
2023-08-06 21:33:16 +08:00
parent a90279221c
commit 820b8fc379
6 changed files with 133 additions and 112 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
api/auth/auth.go
View File

@ -31,22 +31,21 @@ type ClaimsMessage struct {
// GenerateAccessToken generates an access token.
// username is the email of the user.
func GenerateAccessToken(username string, userID int32, secret string) (string, error) {
expirationTime := time.Now().Add(AccessTokenDuration)
return generateToken(username, userID, expirationTime, []byte(secret))
func GenerateAccessToken(username string, userID int32, expirationTime time.Time, secret string) (string, error) {
return generateToken(username, userID, AccessTokenAudienceName, expirationTime, []byte(secret))
}
// generateToken generates a jwt token.
func generateToken(username string, userID int32, expirationTime time.Time, secret []byte) (string, error) {
func generateToken(username string, userID int32, audience string, expirationTime time.Time, secret []byte) (string, error) {
// Create the JWT claims, which includes the username and expiry time.
claims := &ClaimsMessage{
Name: username,
RegisteredClaims: jwt.RegisteredClaims{
Audience: jwt.ClaimStrings{AccessTokenAudienceName},
Issuer: Issuer,
Audience: jwt.ClaimStrings{audience},
// In JWT, the expiry time is expressed as unix milliseconds.
ExpiresAt: jwt.NewNumericDate(expirationTime),
IssuedAt: jwt.NewNumericDate(time.Now()),
Issuer: Issuer,
Subject: fmt.Sprint(userID),
},
}

4
api/v1/auth.go
View File

@ -51,7 +51,7 @@ func (s *APIV1Service) registerAuthRoutes(g *echo.Group, secret string) {
return echo.NewHTTPError(http.StatusUnauthorized, "unmatched email and password")
}
accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, secret)
accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, time.Now().Add(auth.AccessTokenDuration), secret)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to generate tokens, err: %s", err)).SetInternal(err)
}
@ -107,7 +107,7 @@ func (s *APIV1Service) registerAuthRoutes(g *echo.Group, secret string) {
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to create user, err: %s", err)).SetInternal(err)
}
accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, secret)
accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, time.Now().Add(auth.AccessTokenDuration), secret)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to generate tokens, err: %s", err)).SetInternal(err)
}

3
api/v2/user_service.go
View File

@ -2,6 +2,7 @@ package v2
import (
"context"
"time"
"github.com/boojack/slash/api/auth"
apiv2pb "github.com/boojack/slash/proto/gen/api/v2"
@ -107,7 +108,7 @@ func (s *UserService) CreateUserAccessToken(ctx context.Context, request *apiv2p
return nil, status.Errorf(codes.NotFound, "user not found")
}
accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, s.Secret)
accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, time.Now().Add(request.Expiration.AsDuration()), s.Secret)
if err != nil {
return nil, status.Errorf(codes.Internal, "failed to generate access token: %v", err)
}