implement reset nkode
This commit is contained in:
@@ -7,49 +7,57 @@ import (
|
||||
"time"
|
||||
)
|
||||
|
||||
type JwtTokens struct {
|
||||
type AuthenticationTokens struct {
|
||||
AccessToken string `json:"access_token"`
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
}
|
||||
|
||||
type ResetNKodeClaims struct {
|
||||
Reset bool `json:"reset"`
|
||||
jwt.RegisteredClaims
|
||||
}
|
||||
|
||||
const (
|
||||
accessTokenExp = 5 * time.Minute
|
||||
refreshTokenExp = 30 * 24 * time.Hour
|
||||
accessTokenExp = 5 * time.Minute
|
||||
refreshTokenExp = 30 * 24 * time.Hour
|
||||
resetNKodeTokenExp = 5 * time.Minute
|
||||
)
|
||||
|
||||
var secret = []byte("your-secret-key")
|
||||
|
||||
func NewJwtTokens(username string) (JwtTokens, error) {
|
||||
accessClaims := NewAccessClaim(username)
|
||||
func NewAuthenticationTokens(username string, customerId CustomerId) (AuthenticationTokens, error) {
|
||||
accessClaims := NewAccessClaim(username, customerId)
|
||||
|
||||
refreshClaims := jwt.RegisteredClaims{
|
||||
Subject: username,
|
||||
Issuer: CustomerIdToString(customerId),
|
||||
ExpiresAt: jwt.NewNumericDate(time.Now().Add(refreshTokenExp)),
|
||||
}
|
||||
|
||||
accessJwt, err := EncodeAndSignClaims(accessClaims)
|
||||
if err != nil {
|
||||
return JwtTokens{}, err
|
||||
return AuthenticationTokens{}, err
|
||||
}
|
||||
refreshJwt, err := EncodeAndSignClaims(refreshClaims)
|
||||
|
||||
if err != nil {
|
||||
return JwtTokens{}, err
|
||||
return AuthenticationTokens{}, err
|
||||
}
|
||||
return JwtTokens{
|
||||
return AuthenticationTokens{
|
||||
AccessToken: accessJwt,
|
||||
RefreshToken: refreshJwt,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func NewAccessClaim(username string) jwt.RegisteredClaims {
|
||||
func NewAccessClaim(username string, customerId CustomerId) jwt.RegisteredClaims {
|
||||
return jwt.RegisteredClaims{
|
||||
Subject: username,
|
||||
Issuer: CustomerIdToString(customerId),
|
||||
ExpiresAt: jwt.NewNumericDate(time.Now().Add(accessTokenExp)),
|
||||
}
|
||||
}
|
||||
|
||||
func EncodeAndSignClaims(claims jwt.RegisteredClaims) (string, error) {
|
||||
func EncodeAndSignClaims(claims jwt.Claims) (string, error) {
|
||||
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
||||
return token.SignedString(secret)
|
||||
}
|
||||
@@ -91,3 +99,29 @@ func ClaimExpired(claims jwt.RegisteredClaims) error {
|
||||
}
|
||||
return errors.New("claim expired")
|
||||
}
|
||||
|
||||
func ResetNKodeToken(userEmail Email, customerId CustomerId) (string, error) {
|
||||
resetClaims := ResetNKodeClaims{
|
||||
true,
|
||||
jwt.RegisteredClaims{
|
||||
Subject: string(userEmail),
|
||||
Issuer: CustomerIdToString(customerId),
|
||||
ExpiresAt: jwt.NewNumericDate(time.Now().Add(resetNKodeTokenExp)),
|
||||
},
|
||||
}
|
||||
return EncodeAndSignClaims(resetClaims)
|
||||
}
|
||||
|
||||
func ParseRestNKodeToken(resetNKodeToken string) (*ResetNKodeClaims, error) {
|
||||
token, err := jwt.ParseWithClaims(resetNKodeToken, &ResetNKodeClaims{}, func(token *jwt.Token) (interface{}, error) {
|
||||
return secret, nil
|
||||
})
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error parsing refresh token: %w", err)
|
||||
}
|
||||
claims, ok := token.Claims.(*ResetNKodeClaims)
|
||||
if !ok {
|
||||
return nil, errors.New("unable to parse claims")
|
||||
}
|
||||
return claims, nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user