refactor jwt secret
This commit is contained in:
@@ -4,6 +4,9 @@ import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"go-nkode/util"
|
||||
"log"
|
||||
"os"
|
||||
"time"
|
||||
)
|
||||
|
||||
@@ -23,7 +26,20 @@ const (
|
||||
resetNKodeTokenExp = 5 * time.Minute
|
||||
)
|
||||
|
||||
var secret = GetJwtSecret("./secrets.json")
|
||||
var secret = getJwtSecret()
|
||||
|
||||
func getJwtSecret() []byte {
|
||||
jwtSecret := os.Getenv("JWT_SECRET")
|
||||
if jwtSecret == "" {
|
||||
log.Fatal("No JWT_SECRET found")
|
||||
}
|
||||
|
||||
jwtBytes, err := util.ParseHexString(jwtSecret)
|
||||
if err != nil {
|
||||
log.Fatalf("error parsing jwt secret %v", err)
|
||||
}
|
||||
return jwtBytes
|
||||
}
|
||||
|
||||
func NewAuthenticationTokens(username string, customerId CustomerId) (AuthenticationTokens, error) {
|
||||
accessClaims := NewAccessClaim(username, customerId)
|
||||
|
||||
@@ -4,11 +4,11 @@
|
||||
num_bytes=16
|
||||
|
||||
# Use dd to read cryptographically secure bytes from /dev/urandom
|
||||
# and convert them to integers using od
|
||||
secure_bytes=$(dd if=/dev/urandom bs=1 count=$num_bytes 2>/dev/null | od -An -tu1)
|
||||
# and convert them to hexadecimal using od
|
||||
secure_bytes=$(dd if=/dev/urandom bs=1 count=$num_bytes 2>/dev/null | od -An -tx1)
|
||||
|
||||
# Remove leading/trailing spaces and replace spaces with commas
|
||||
secure_bytes=$(echo $secure_bytes | sed 's/ /,/g')
|
||||
# Remove leading/trailing spaces and concatenate the hex bytes into a single string
|
||||
secure_bytes=$(echo $secure_bytes | tr -d ' \n')
|
||||
|
||||
# Output the result as a comma-separated list of integers
|
||||
echo "Cryptographically secure bytes (as integers): $secure_bytes"
|
||||
# Output the result as a hexadecimal string
|
||||
echo "Cryptographically secure bytes (as hex): $secure_bytes"
|
||||
|
||||
10
util/util.go
10
util/util.go
@@ -4,6 +4,7 @@ import (
|
||||
"crypto/rand"
|
||||
"encoding/base64"
|
||||
"encoding/binary"
|
||||
"encoding/hex"
|
||||
"errors"
|
||||
"fmt"
|
||||
"go-nkode/hashset"
|
||||
@@ -261,3 +262,12 @@ func GenerateRandomString(length int) string {
|
||||
}
|
||||
return string(b)
|
||||
}
|
||||
|
||||
func ParseHexString(hexStr string) ([]byte, error) {
|
||||
// Decode the hex string into bytes
|
||||
bytes, err := hex.DecodeString(hexStr)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return bytes, nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user