aykhans/slash-e
1
0
Fork 0
mirror of https://github.com/aykhans/slash-e.git synced 2025-04-18 21:19:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: update acl in api v2

Browse Source
This commit is contained in:
Steven 2023-08-06 13:50:04 +08:00
parent fb3267d139
commit d8903875d3
1 changed files with 5 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
api/v2/jwt.go → api/v2/acl.go
View File

@ -3,9 +3,7 @@ package v2
import (
"context"
"net/http"
"strconv"
"strings"
"time"
"github.com/boojack/slash/api/auth"
"github.com/boojack/slash/internal/util"
@ -39,6 +37,11 @@ const (
UserIDContextKey ContextKey = iota
)
type claimsMessage struct {
Name string `json:"name"`
jwt.RegisteredClaims
}
// GRPCAuthInterceptor is the auth interceptor for gRPC server.
type GRPCAuthInterceptor struct {
store *store.Store
@ -154,41 +157,3 @@ func audienceContains(audience jwt.ClaimStrings, token string) bool {
}
return false
}
type claimsMessage struct {
Name string `json:"name"`
jwt.RegisteredClaims
}
// GenerateAccessToken generates an access token for web.
func GenerateAccessToken(username string, userID int, secret string) (string, error) {
expirationTime := time.Now().Add(auth.AccessTokenDuration)
return generateToken(username, userID, auth.AccessTokenAudienceName, expirationTime, []byte(secret))
}
func generateToken(username string, userID int, aud string, expirationTime time.Time, secret []byte) (string, error) {
// Create the JWT claims, which includes the username and expiry time.
claims := &claimsMessage{
Name: username,
RegisteredClaims: jwt.RegisteredClaims{
Audience: jwt.ClaimStrings{aud},
// In JWT, the expiry time is expressed as unix milliseconds.
ExpiresAt: jwt.NewNumericDate(expirationTime),
IssuedAt: jwt.NewNumericDate(time.Now()),
Issuer: auth.Issuer,
Subject: strconv.Itoa(userID),
},
}
// Declare the token with the HS256 algorithm used for signing, and the claims.
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
token.Header["kid"] = auth.KeyID
// Create the JWT string.
tokenString, err := token.SignedString(secret)
if err != nil {
return "", err
}
return tokenString, nil
}