76 lines
1.6 KiB
Go
76 lines
1.6 KiB
Go
package jwt
|
|
|
|
import (
|
|
"errors"
|
|
"time"
|
|
|
|
"github.com/golang-jwt/jwt/v5"
|
|
)
|
|
|
|
type Claims struct {
|
|
Username string `json:"username"`
|
|
jwt.RegisteredClaims
|
|
}
|
|
|
|
type Service struct {
|
|
secret string
|
|
expiry time.Duration
|
|
signingMethod jwt.SigningMethod
|
|
}
|
|
|
|
func NewService(secret string, expirySeconds int) *Service {
|
|
if secret == "" {
|
|
secret = "dev-secret-change-me"
|
|
}
|
|
if expirySeconds <= 0 {
|
|
expirySeconds = 3600
|
|
}
|
|
|
|
return &Service{
|
|
secret: secret,
|
|
expiry: time.Duration(expirySeconds) * time.Second,
|
|
signingMethod: jwt.SigningMethodHS256,
|
|
}
|
|
}
|
|
|
|
func (s *Service) IssueToken(username string) (string, error) {
|
|
if username == "" {
|
|
return "", errors.New("missing username")
|
|
}
|
|
|
|
now := time.Now()
|
|
claims := Claims{
|
|
Username: username,
|
|
RegisteredClaims: jwt.RegisteredClaims{
|
|
Subject: username,
|
|
IssuedAt: jwt.NewNumericDate(now),
|
|
ExpiresAt: jwt.NewNumericDate(now.Add(s.expiry)),
|
|
},
|
|
}
|
|
|
|
t := jwt.NewWithClaims(s.signingMethod, claims)
|
|
return t.SignedString([]byte(s.secret))
|
|
}
|
|
|
|
func (s *Service) ParseToken(tokenString string) (*Claims, error) {
|
|
if tokenString == "" {
|
|
return nil, errors.New("missing token")
|
|
}
|
|
|
|
claims := &Claims{}
|
|
parsed, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) {
|
|
if token.Method == nil || token.Method.Alg() != s.signingMethod.Alg() {
|
|
return nil, errors.New("unexpected signing method")
|
|
}
|
|
return []byte(s.secret), nil
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if parsed == nil || !parsed.Valid {
|
|
return nil, errors.New("invalid token")
|
|
}
|
|
return claims, nil
|
|
}
|
|
|