refactor: change generateToken to set audience based on a type to separate auth and challenge tokens

Derrick Hammer 2023-08-04 12:54:13 -04:00
parent e2db880038
commit a7ac5a5b72
Signed by: pcfreak30
GPG Key ID: C997C339BE476FF2
1 changed files with 4 additions and 3 deletions


@ -24,11 +24,12 @@ func verifyPassword(hashedPassword, password string) error {
} }
// generateToken generates a JWT token for the given account ID. // generateToken generates a JWT token for the given account ID.
func generateToken(maxAge time.Duration) (string, error) { func generateToken(maxAge time.Duration, ttype string) (string, error) {
// Define the JWT claims. // Define the JWT claims.
claim := jwt.Claims{ claim := jwt.Claims{
Expiry: time.Now().Add(time.Hour * 24).Unix(), // Token expires in 24 hours. Expiry: time.Now().Add(time.Hour * 24).Unix(), // Token expires in 24 hours.
IssuedAt: time.Now().Unix(), IssuedAt: time.Now().Unix(),
Audience: []string{ttype},
} }
token, err := jwt.Sign(jwt.EdDSA, jwtKey, claim, jwt.MaxAge(maxAge)) token, err := jwt.Sign(jwt.EdDSA, jwtKey, claim, jwt.MaxAge(maxAge))
@ -43,7 +44,7 @@ func generateToken(maxAge time.Duration) (string, error) {
func generateAndSaveLoginToken(accountID uint, maxAge time.Duration) (string, error) { func generateAndSaveLoginToken(accountID uint, maxAge time.Duration) (string, error) {
// Generate a JWT token for the authenticated user. // Generate a JWT token for the authenticated user.
token, err := generateToken(maxAge) token, err := generateToken(maxAge, "auth")
if err != nil { if err != nil {
logger.Get().Error(ErrFailedGenerateToken.Error()) logger.Get().Error(ErrFailedGenerateToken.Error())
return "", ErrFailedGenerateToken return "", ErrFailedGenerateToken
@ -74,7 +75,7 @@ func generateAndSaveLoginToken(accountID uint, maxAge time.Duration) (string, er
func generateAndSaveChallengeToken(accountID uint, maxAge time.Duration) (string, error) { func generateAndSaveChallengeToken(accountID uint, maxAge time.Duration) (string, error) {
// Generate a JWT token for the authenticated user. // Generate a JWT token for the authenticated user.
token, err := generateToken(maxAge) token, err := generateToken(maxAge, "challenge")
if err != nil { if err != nil {
logger.Get().Error(ErrFailedGenerateToken.Error(), zap.Error(err)) logger.Get().Error(ErrFailedGenerateToken.Error(), zap.Error(err))
return "", ErrFailedGenerateToken return "", ErrFailedGenerateToken
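Review bot: The new `Audience: []string{ttype}` claim in `generateToken` separates auth and challenge tokens only if every verification path rejects a token whose `aud` is not the one it expects. No verify-side change is visible in this commit, so a challenge token may still be accepted wherever an auth token is checked. It is worth confirming that the login verifier requires `"auth"` and the challenge verifier requires `"challenge"`, with a test that presents each token type to the other path. `ttype` is also a free-form string, so a typo at a call site would silently mint a token with an unexpected audience; named constants shared by signer and verifier, e.g. `const tokenAudienceAuth = "auth"` and `const tokenAudienceChallenge = "challenge"`, would prevent that. The doc comment still mentions an account ID the function never takes and omits the new parameter (the function bodies continue outside the hunks shown); `// generateToken signs a JWT whose audience claim is set to ttype.` would match the signature.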