From dd5cce63c516c5e5c5b9dbc4eb7570303975aa8a Mon Sep 17 00:00:00 2001
From: Steven <stevenlgtm@gmail.com>
Date: Wed, 20 Sep 2023 21:15:30 +0800
Subject: [PATCH] chore: update generate access token

---
 api/auth/auth.go       | 6 +++---
 api/v1/auth.go         | 4 ++--
 api/v2/user_service.go | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/api/auth/auth.go b/api/auth/auth.go
index 79c417d..2ce7d3b 100644
--- a/api/auth/auth.go
+++ b/api/auth/auth.go
@@ -31,8 +31,8 @@ type ClaimsMessage struct {
 
 // GenerateAccessToken generates an access token.
 // username is the email of the user.
-func GenerateAccessToken(username string, userID int32, expirationTime time.Time, secret string) (string, error) {
-	return generateToken(username, userID, AccessTokenAudienceName, expirationTime, []byte(secret))
+func GenerateAccessToken(username string, userID int32, expirationTime time.Time, secret []byte) (string, error) {
+	return generateToken(username, userID, AccessTokenAudienceName, expirationTime, secret)
 }
 
 // generateToken generates a jwt token.
@@ -43,7 +43,7 @@ func generateToken(username string, userID int32, audience string, expirationTim
 		IssuedAt: jwt.NewNumericDate(time.Now()),
 		Subject:  fmt.Sprint(userID),
 	}
-	if expirationTime.After(time.Now()) {
+	if !expirationTime.IsZero() {
 		registeredClaims.ExpiresAt = jwt.NewNumericDate(expirationTime)
 	}
 
diff --git a/api/v1/auth.go b/api/v1/auth.go
index 15afba6..69f3f56 100644
--- a/api/v1/auth.go
+++ b/api/v1/auth.go
@@ -51,7 +51,7 @@ func (s *APIV1Service) registerAuthRoutes(g *echo.Group, secret string) {
 			return echo.NewHTTPError(http.StatusUnauthorized, "unmatched email and password")
 		}
 
-		accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, time.Now().Add(auth.AccessTokenDuration), secret)
+		accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, time.Now().Add(auth.AccessTokenDuration), []byte(secret))
 		if err != nil {
 			return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to generate tokens, err: %s", err)).SetInternal(err)
 		}
@@ -107,7 +107,7 @@ func (s *APIV1Service) registerAuthRoutes(g *echo.Group, secret string) {
 			return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to create user, err: %s", err)).SetInternal(err)
 		}
 
-		accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, time.Now().Add(auth.AccessTokenDuration), secret)
+		accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, time.Now().Add(auth.AccessTokenDuration), []byte(secret))
 		if err != nil {
 			return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to generate tokens, err: %s", err)).SetInternal(err)
 		}
diff --git a/api/v2/user_service.go b/api/v2/user_service.go
index 1896395..93860a8 100644
--- a/api/v2/user_service.go
+++ b/api/v2/user_service.go
@@ -197,7 +197,7 @@ func (s *UserService) CreateUserAccessToken(ctx context.Context, request *apiv2p
 		return nil, status.Errorf(codes.NotFound, "user not found")
 	}
 
-	accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, request.UserAccessToken.ExpiresAt.AsTime(), s.Secret)
+	accessToken, err := auth.GenerateAccessToken(user.Email, user.ID, request.UserAccessToken.ExpiresAt.AsTime(), []byte(s.Secret))
 	if err != nil {
 		return nil, status.Errorf(codes.Internal, "failed to generate access token: %v", err)
 	}