features/jwt-adustments #17

Merged
jtom38 merged 3 commits from features/jwt-adustments into main 2024-04-13 11:55:43 -07:00
4 changed files with 7 additions and 3 deletions

View File

@ -3,5 +3,6 @@ package domain
type EnvConfig struct { type EnvConfig struct {
AdminToken string AdminToken string
JwtSecret string JwtSecret string
ApiUri string
DisableMigrationsOnStartUp bool DisableMigrationsOnStartUp bool
} }

View File

@ -84,7 +84,7 @@ func (h *Handler) AuthLogin(c echo.Context) error {
return h.InternalServerErrorResponse(c, err.Error()) return h.InternalServerErrorResponse(c, err.Error())
} }
token, err := h.generateJwt(username) token, err := h.generateJwt(username, h.Config.ApiUri)
if err != nil { if err != nil {
return h.InternalServerErrorResponse(c, err.Error()) return h.InternalServerErrorResponse(c, err.Error())
} }

View File

@ -56,14 +56,16 @@ func (j JwtToken) hasScope(scope string) error {
return errors.New(ErrJwtScopeMissing) return errors.New(ErrJwtScopeMissing)
} }
func (h *Handler) generateJwt(username string) (string, error) { func (h *Handler) generateJwt(username, issuer string) (string, error) {
secret := []byte(h.Config.JwtSecret) secret := []byte(h.Config.JwtSecret)
// Anyone who wants to decrypt the key needs to use the same method
token := jwt.New(jwt.SigningMethodHS256) token := jwt.New(jwt.SigningMethodHS256)
claims := token.Claims.(jwt.MapClaims) claims := token.Claims.(jwt.MapClaims)
claims["exp"] = time.Now().Add(10 * time.Minute) claims["exp"] = time.Now().Add(10 * time.Minute)
claims["authorized"] = true claims["authorized"] = true
claims["username"] = username claims["username"] = username
claims["iss"] = issuer
var scopes []string var scopes []string
scopes = append(scopes, domain.ScopeRecipeRead) scopes = append(scopes, domain.ScopeRecipeRead)

View File

@ -24,6 +24,7 @@ func NewEnvConfig() domain.EnvConfig {
return domain.EnvConfig{ return domain.EnvConfig{
AdminToken: os.Getenv("AdminToken"), AdminToken: os.Getenv("AdminToken"),
JwtSecret: os.Getenv("JwtSecret"), JwtSecret: os.Getenv("JwtSecret"),
ApiUri: os.Getenv("ApiUri"),
DisableMigrationsOnStartUp: disableMigrations, DisableMigrationsOnStartUp: disableMigrations,
} }
} }