aykhans/slash-e
1
0
Fork 0
mirror of https://github.com/aykhans/slash-e.git synced 2025-07-03 12:17:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: implement create&delete user access token api

Browse Source
This commit is contained in:
Steven
2023-08-06 20:53:45 +08:00
parent ad988575b3
commit a90279221c
10 changed files with 1085 additions and 265 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
api/v1/auth.go
View File

@ -51,7 +51,7 @@ func (s *APIV1Service) registerAuthRoutes(g *echo.Group, secret string) {
return echo.NewHTTPError(http.StatusUnauthorized, "unmatched email and password")
}
accessToken, err := GenerateAccessToken(user.Email, user.ID, secret)
accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, secret)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to generate tokens, err: %s", err)).SetInternal(err)
}
@ -107,7 +107,7 @@ func (s *APIV1Service) registerAuthRoutes(g *echo.Group, secret string) {
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to create user, err: %s", err)).SetInternal(err)
}
accessToken, err := GenerateAccessToken(user.Email, user.ID, secret)
accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, secret)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to generate tokens, err: %s", err)).SetInternal(err)
}
@ -151,12 +151,6 @@ func (s *APIV1Service) UpsertAccessTokenToStore(ctx context.Context, user *store
return nil
}
// GenerateAccessToken generates an access token for web.
func GenerateAccessToken(username string, userID int32, secret string) (string, error) {
expirationTime := time.Now().Add(auth.AccessTokenDuration)
return generateToken(username, userID, auth.AccessTokenAudienceName, expirationTime, []byte(secret))
}
// RemoveTokensAndCookies removes the jwt token from the cookies.
func RemoveTokensAndCookies(c echo.Context) {
cookieExp := time.Now().Add(-1 * time.Hour)

36
api/v1/jwt.go
View File

@ -4,7 +4,6 @@ import (
"fmt"
"net/http"
"strings"
"time"
"github.com/boojack/slash/api/auth"
"github.com/boojack/slash/internal/util"
@ -21,39 +20,6 @@ const (
UserIDContextKey = "user-id"
)
type claimsMessage struct {
Name string `json:"name"`
jwt.RegisteredClaims
}
// generateToken generates a jwt token.
func generateToken(username string, userID int32, aud string, expirationTime time.Time, secret []byte) (string, error) {
// Create the JWT claims, which includes the username and expiry time.
claims := &claimsMessage{
Name: username,
RegisteredClaims: jwt.RegisteredClaims{
Audience: jwt.ClaimStrings{aud},
// In JWT, the expiry time is expressed as unix milliseconds.
ExpiresAt: jwt.NewNumericDate(expirationTime),
IssuedAt: jwt.NewNumericDate(time.Now()),
Issuer: auth.Issuer,
Subject: fmt.Sprint(userID),
},
}
// Declare the token with the HS256 algorithm used for signing, and the claims.
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
token.Header["kid"] = auth.KeyID
// Create the JWT string.
tokenString, err := token.SignedString(secret)
if err != nil {
return "", err
}
return tokenString, nil
}
func extractTokenFromHeader(c echo.Context) (string, error) {
authHeader := c.Request().Header.Get("Authorization")
if authHeader == "" {
@ -111,7 +77,7 @@ func JWTMiddleware(s *APIV1Service, next echo.HandlerFunc, secret string) echo.H
return echo.NewHTTPError(http.StatusUnauthorized, "Missing access token")
}
claims := &claimsMessage{}
claims := &auth.ClaimsMessage{}
_, err := jwt.ParseWithClaims(token, claims, func(t *jwt.Token) (any, error) {
if t.Method.Alg() != jwt.SigningMethodHS256.Name {
return nil, errors.Errorf("unexpected access token signing method=%v, expect %v", t.Header["alg"], jwt.SigningMethodHS256)