summaryrefslogtreecommitdiff
path: root/util
diff options
context:
space:
mode:
Diffstat (limited to 'util')
-rw-r--r--util/authorize.go (renamed from util/jwt_middleware.go)27
1 files changed, 22 insertions, 5 deletions
diff --git a/util/jwt_middleware.go b/util/authorize.go
index ce8c20a..ca6660e 100644
--- a/util/jwt_middleware.go
+++ b/util/authorize.go
@@ -18,12 +18,14 @@
package util
import (
- "github.com/golang-jwt/jwt/v4"
"github.com/gin-gonic/gin"
+ "github.com/golang-jwt/jwt/v4"
"net/http"
+ "time"
)
var accessSecret []byte
+
func init() {
conf := GetConfig().Crypto
accessSecret = []byte(conf.AccessTokenSecret)
@@ -39,13 +41,28 @@ func Authorize() gin.HandlerFunc {
if err != nil {
ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"message": "access token expired"})
} else {
- ctx.Set("userId", token.Claims.(*jwt.StandardClaims).Issuer)
- ctx.Next()
+ ctx.Set("userId", token.Claims.(*jwt.StandardClaims).Issuer)
+ ctx.Next()
}
} else {
- // invalid Authorization header
- ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"message": "not logged in"})
+ // invalid Authorization header
+ ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"message": "not logged in"})
}
}
}
+
+// generate new access token
+func newAccessToken(userId string) (string, error) {
+ claims := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.StandardClaims{
+ Issuer: userId,
+ ExpiresAt: time.Now().Add(time.Second * 15).Unix(),
+ })
+
+ token, err := claims.SignedString(accessSecret)
+ if err != nil {
+ return "", err
+ }
+
+ return token, nil
+}