refactor: change generateToken to set audience based on a type to separate auth and challenge tokens
parent
e2db880038
commit
a7ac5a5b72
|
@ -24,11 +24,12 @@ func verifyPassword(hashedPassword, password string) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// generateToken generates a JWT token for the given account ID.
|
// generateToken generates a JWT token for the given account ID.
|
||||||
func generateToken(maxAge time.Duration) (string, error) {
|
func generateToken(maxAge time.Duration, ttype string) (string, error) {
|
||||||
// Define the JWT claims.
|
// Define the JWT claims.
|
||||||
claim := jwt.Claims{
|
claim := jwt.Claims{
|
||||||
Expiry: time.Now().Add(time.Hour * 24).Unix(), // Token expires in 24 hours.
|
Expiry: time.Now().Add(time.Hour * 24).Unix(), // Token expires in 24 hours.
|
||||||
IssuedAt: time.Now().Unix(),
|
IssuedAt: time.Now().Unix(),
|
||||||
|
Audience: []string{ttype},
|
||||||
}
|
}
|
||||||
|
|
||||||
token, err := jwt.Sign(jwt.EdDSA, jwtKey, claim, jwt.MaxAge(maxAge))
|
token, err := jwt.Sign(jwt.EdDSA, jwtKey, claim, jwt.MaxAge(maxAge))
|
||||||
|
@ -43,7 +44,7 @@ func generateToken(maxAge time.Duration) (string, error) {
|
||||||
|
|
||||||
func generateAndSaveLoginToken(accountID uint, maxAge time.Duration) (string, error) {
|
func generateAndSaveLoginToken(accountID uint, maxAge time.Duration) (string, error) {
|
||||||
// Generate a JWT token for the authenticated user.
|
// Generate a JWT token for the authenticated user.
|
||||||
token, err := generateToken(maxAge)
|
token, err := generateToken(maxAge, "auth")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Get().Error(ErrFailedGenerateToken.Error())
|
logger.Get().Error(ErrFailedGenerateToken.Error())
|
||||||
return "", ErrFailedGenerateToken
|
return "", ErrFailedGenerateToken
|
||||||
|
@ -74,7 +75,7 @@ func generateAndSaveLoginToken(accountID uint, maxAge time.Duration) (string, er
|
||||||
|
|
||||||
func generateAndSaveChallengeToken(accountID uint, maxAge time.Duration) (string, error) {
|
func generateAndSaveChallengeToken(accountID uint, maxAge time.Duration) (string, error) {
|
||||||
// Generate a JWT token for the authenticated user.
|
// Generate a JWT token for the authenticated user.
|
||||||
token, err := generateToken(maxAge)
|
token, err := generateToken(maxAge, "challenge")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Get().Error(ErrFailedGenerateToken.Error(), zap.Error(err))
|
logger.Get().Error(ErrFailedGenerateToken.Error(), zap.Error(err))
|
||||||
return "", ErrFailedGenerateToken
|
return "", ErrFailedGenerateToken
|
||||||
|
|
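Review bot: Setting `Audience: []string{ttype}` at signing time separates the two token kinds only if every verification path rejects a token whose audience is not the one it expects, and none of the three hunks touches verification code; without that check a challenge token would still be accepted wherever an auth token is verified, since both are signed by generateToken with the same `jwtKey`. Please confirm that the login-token verifier requires "auth" and the challenge verifier requires "challenge" (if this package is kataras/jwt, a `jwt.Expected{Audience: ...}` validator passed to `jwt.Verify` is the usual place for it). `ttype` is also a free-form string, so a typo at a call site silently mints a token with an unintended audience; package constants such as `const tokenAudAuth, tokenAudChallenge = "auth", "challenge"`, used at both call sites and in the verifiers, would remove that risk. The doc comment on generateToken still says "for the given account ID" although the function takes no account ID and now takes a token type; `// generateToken signs a JWT whose audience is ttype and whose lifetime is bounded by maxAge.` would match the new signature. The bodies of all three functions continue outside the hunks, so the above is limited to what the visible lines show.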