From fc83df70b787e447bf31f4d99fa723c7e38544f2 Mon Sep 17 00:00:00 2001
From: Vidhu Kant Sharma
Date: Sun, 3 Sep 2023 01:36:42 +0530
Subject: generating an access and refresh token upon login
---
 auth/controller.go | 49 +++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 45 insertions(+), 4 deletions(-)
(limited to 'auth/controller.go')
diff --git a/auth/controller.go b/auth/controller.go
index 901d204..93211dd 100644
--- a/auth/controller.go
+++ b/auth/controller.go
@@ -18,16 +18,23 @@ package auth
 import (
- "vidhukant.com/openbills/user"
- "golang.org/x/crypto/bcrypt"
- "github.com/spf13/viper"
 "github.com/gin-gonic/gin"
+ "github.com/golang-jwt/jwt/v5"
+ "github.com/spf13/viper"
+ "golang.org/x/crypto/bcrypt"
+ "vidhukant.com/openbills/user"
 "net/http"
+ "time"
 )
-var COST int
+var (
+ COST int
+ AUTH_KEY, REFRESH_KEY []byte
+)
 func init() {
 COST = viper.GetInt("cryptography.password_hashing_cost")
+ AUTH_KEY = []byte(viper.GetString("cryptography.auth_key"))
+ REFRESH_KEY = []byte(viper.GetString("cryptography.refresh_key"))
 }
 func handleSignUp (ctx *gin.Context) {
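Review bot: `AUTH_KEY` and `REFRESH_KEY` are read with `viper.GetString` in `init()` and never validated, so a missing or misspelled `cryptography.auth_key` / `cryptography.refresh_key` entry silently produces a zero-length HMAC key. As far as I know the HS256 signer does not reject an empty key, so sign-in would keep working while every issued token is trivially forgeable. Fail at startup instead, e.g. `if len(AUTH_KEY) < 32 || len(REFRESH_KEY) < 32 { panic("cryptography.auth_key and cryptography.refresh_key must each be at least 32 bytes") }`, and also reject `bytes.Equal(AUTH_KEY, REFRESH_KEY)`, since the key is the only thing that separates the two token kinds. Because this runs in a package `init()`, it presumably relies on the configuration already being loaded when the package initialises; that ordering is not visible in this hunk and is worth confirming.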
@@ -74,7 +81,41 @@ func handleSignIn (ctx *gin.Context) {
 return
 }
+ authToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256,
+ AuthClaims {
+ jwt.RegisteredClaims {
+ IssuedAt: jwt.NewNumericDate(time.Now()),
+ ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)),
+ },
+ u.ID,
+ },
+ ).SignedString(AUTH_KEY)
+ if err != nil {
+ // TODO: handle potential errors
+ ctx.Error(err)
+ ctx.Abort()
+ return
+ }
+
+ refreshToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256,
+ AuthClaims {
+ jwt.RegisteredClaims {
+ IssuedAt: jwt.NewNumericDate(time.Now()),
+ ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 6)),
+ },
+ u.ID,
+ },
+ ).SignedString(REFRESH_KEY)
+ if err != nil {
+ // TODO: handle potential errors
+ ctx.Error(err)
+ ctx.Abort()
+ return
+ }
+
 ctx.JSON(http.StatusOK, gin.H{
+ "auth_token": authToken,
+ "refresh_token": refreshToken,
 "message": "success",
 "data": u,
 })
-- cgit v1.2.3
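Review bot: Both `if err != nil` branches after `SignedString` call `ctx.Error(err)` and `ctx.Abort()` without writing a status, so unless a middleware outside this hunk turns `ctx.Errors` into a response, a signing failure appears to end the sign-in request with the default 200 and an empty body. Replace the two calls with `ctx.AbortWithError(http.StatusInternalServerError, err)` in both places, which also resolves the TODO. Separately, the access and refresh tokens carry the same `AuthClaims` shape and differ only in signing key and lifetime; setting a distinguishing registered claim such as `Audience` (and an `ID` on the refresh token) would let the verifier tell them apart and make refresh tokens revocable. The body of `handleSignIn` starts above this hunk, so how `u` is populated is not visible here.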