From f72e7b8cecf02e1ec2d8f55a7e9576b7ebbbd455 Mon Sep 17 00:00:00 2001 From: Jan Bader Date: Wed, 2 Mar 2022 22:06:58 +0000 Subject: [PATCH] Split jwt into two files --- jwt/{login.go => token-verifier.go} | 66 +++++------------------------ jwt/token.go | 49 +++++++++++++++++++++ 2 files changed, 60 insertions(+), 55 deletions(-) rename jwt/{login.go => token-verifier.go} (68%) create mode 100644 jwt/token.go diff --git a/jwt/login.go b/jwt/token-verifier.go similarity index 68% rename from jwt/login.go rename to jwt/token-verifier.go index 190ebd7..a10c7f9 100644 --- a/jwt/login.go +++ b/jwt/token-verifier.go @@ -12,31 +12,26 @@ import ( // TokenVerifier verifies Tokens. type TokenVerifier struct { - secret string + Expiration int + secret string } -var ErrEmptySecret = fmt.Errorf("secret is required") - func NewTokenVerifier(secret string) (*TokenVerifier, error) { if secret == "" { return nil, ErrEmptySecret } return &TokenVerifier{ - secret: secret, + Expiration: 72, + secret: secret, }, nil } -// Token contains everything to authenticate a user. -type Token struct { - username string - name string - expiry float64 - id uuid.UUID -} - -const ( - expiration = 72 +var ( + ErrUnexpectedSigningMethod = fmt.Errorf("unexpected signing method") + ErrInvalidToken = fmt.Errorf("token is invalid") + ErrTokenExpired = fmt.Errorf("token has expired") + ErrEmptySecret = fmt.Errorf("secret is required") ) // CreateToken creates a new token from username and name. @@ -48,7 +43,7 @@ func (tv *TokenVerifier) CreateToken(user *postgres.User) (string, error) { token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{ "usr": user.Email, "name": user.Name, - "exp": time.Now().Add(time.Hour * expiration).Unix(), + "exp": time.Now().Add(time.Hour * time.Duration(tv.Expiration)).Unix(), "id": user.ID, }) @@ -61,13 +56,7 @@ func (tv *TokenVerifier) CreateToken(user *postgres.User) (string, error) { return t, nil } -var ( - ErrUnexpectedSigningMethod = fmt.Errorf("unexpected signing method") - ErrInvalidToken = fmt.Errorf("token is invalid") - ErrTokenExpired = fmt.Errorf("token has expired") -) - -// VerifyToken verifys a given string-token. +// VerifyToken verifies a given string-token. func (tv *TokenVerifier) VerifyToken(tokenString string) (budgeteer.Token, error) { //nolint:ireturn if tv.secret == "" { return nil, ErrEmptySecret @@ -96,36 +85,3 @@ func (tv *TokenVerifier) VerifyToken(tokenString string) (budgeteer.Token, error } return tkn, nil } - -func verifyToken(token *jwt.Token) (jwt.MapClaims, error) { - if !token.Valid { - return nil, ErrInvalidToken - } - - claims, ok := token.Claims.(jwt.MapClaims) - if !ok { - return nil, ErrInvalidToken - } - - if !claims.VerifyExpiresAt(time.Now().Unix(), true) { - return nil, ErrTokenExpired - } - - return claims, nil -} - -func (t *Token) GetName() string { - return t.name -} - -func (t *Token) GetUsername() string { - return t.username -} - -func (t *Token) GetExpiry() float64 { - return t.expiry -} - -func (t *Token) GetID() uuid.UUID { - return t.id -} diff --git a/jwt/token.go b/jwt/token.go new file mode 100644 index 0000000..c9537cd --- /dev/null +++ b/jwt/token.go @@ -0,0 +1,49 @@ +package jwt + +import ( + "time" + + "github.com/dgrijalva/jwt-go" + "github.com/google/uuid" +) + +// Token contains everything to authenticate a user. +type Token struct { + username string + name string + expiry float64 + id uuid.UUID +} + +func verifyToken(token *jwt.Token) (jwt.MapClaims, error) { + if !token.Valid { + return nil, ErrInvalidToken + } + + claims, ok := token.Claims.(jwt.MapClaims) + if !ok { + return nil, ErrInvalidToken + } + + if !claims.VerifyExpiresAt(time.Now().Unix(), true) { + return nil, ErrTokenExpired + } + + return claims, nil +} + +func (t *Token) GetName() string { + return t.name +} + +func (t *Token) GetUsername() string { + return t.username +} + +func (t *Token) GetExpiry() float64 { + return t.expiry +} + +func (t *Token) GetID() uuid.UUID { + return t.id +}