1 files changed, 45 insertions, 4 deletions

diff --git a/auth/controller.go b/auth/controller.go
index 901d204..93211dd 100644
--- a/auth/controller.go
+++ b/auth/controller.go
@@ -18,16 +18,23 @@
 package auth
 
 import (
-	"vidhukant.com/openbills/user"
-	"golang.org/x/crypto/bcrypt"
-	"github.com/spf13/viper"
 	"github.com/gin-gonic/gin"
+	"github.com/golang-jwt/jwt/v5"
+	"github.com/spf13/viper"
+	"golang.org/x/crypto/bcrypt"
+	"vidhukant.com/openbills/user"
 	"net/http"
+	"time"
 )
 
-var COST int
+var (
+	COST int
+	AUTH_KEY, REFRESH_KEY []byte
+)
 func init() {
 	COST = viper.GetInt("cryptography.password_hashing_cost")
+	AUTH_KEY = []byte(viper.GetString("cryptography.auth_key"))
+	REFRESH_KEY = []byte(viper.GetString("cryptography.refresh_key"))
 }
 
 func handleSignUp (ctx *gin.Context) {
@@ -74,7 +81,41 @@ func handleSignIn (ctx *gin.Context) {
 		return
 	}
 
+	authToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256,
+		AuthClaims {
+			jwt.RegisteredClaims {
+				IssuedAt: jwt.NewNumericDate(time.Now()),
+			  ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)),
+			},
+			u.ID,
+		},
+	).SignedString(AUTH_KEY)
+	if err != nil {
+		// TODO: handle potential errors
+		ctx.Error(err)
+		ctx.Abort()
+		return
+	}
+
+	refreshToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256,
+		AuthClaims {
+			jwt.RegisteredClaims {
+				IssuedAt: jwt.NewNumericDate(time.Now()),
+			  ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 6)),
+			},
+			u.ID,
+		},
+	).SignedString(REFRESH_KEY)
+	if err != nil {
+		// TODO: handle potential errors
+		ctx.Error(err)
+		ctx.Abort()
+		return
+	}
+
 	ctx.JSON(http.StatusOK, gin.H{
+		"auth_token": authToken,
+		"refresh_token": refreshToken,
 		"message": "success",
 		"data": u,
 	})