♻️ refactored login-related code
@@ -1,3 +0,0 @@
|
||||
package constant
|
||||
|
||||
const SESSION_KEY = "SESSION"
|
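--- a/app/core/api/common/constant/uid_key.go
+++ b/app/core/api/common/constant/uid_key.go
@@ -0,0 +1,3 @@
+package constant
+
+const UID_HEADER_KEY = "X-UID"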
@@ -19,7 +19,7 @@ func GenerateAccessToken(secret string, payload AccessJWTPayload) string {
|
||||
claims := AccessJWTClaims{
|
||||
AccessJWTPayload: payload,
|
||||
RegisteredClaims: jwt.RegisteredClaims{
|
||||
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 30)),
|
||||
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 15)),
|
||||
IssuedAt: jwt.NewNumericDate(time.Now()),
|
||||
NotBefore: jwt.NewNumericDate(time.Now()),
|
||||
},
|
||||
|
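--- a/app/core/api/common/jwt/websocket_token.go
+++ b/app/core/api/common/jwt/websocket_token.go
@@ -0,0 +1,48 @@
+package jwt
+
+import (
+"time"
+
+"github.com/golang-jwt/jwt/v5"
+)
+
+type WebsocketJWTPayload struct {
+UserID string `json:"user_id"`
+Type string `json:"type"`
+Expr string `json:"expr"`
+}
+type WebsocketJWTClaims struct {
+AccessJWTPayload
+jwt.RegisteredClaims
+}
+
+func GenerateWebsocketToken(secret string, payload AccessJWTPayload) string {
+claims := AccessJWTClaims{
+AccessJWTPayload: payload,
+RegisteredClaims: jwt.RegisteredClaims{
+ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 15)),
+IssuedAt: jwt.NewNumericDate(time.Now()),
+NotBefore: jwt.NewNumericDate(time.Now()),
+},
+}
+token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+accessToken, err := token.SignedString([]byte(secret))
+if err != nil {
+return ""
+}
+return accessToken
+}
+
+// ParseWebsocketToken parses a JWT token and returns the payload
+func ParseWebsocketToken(secret string, tokenString string) (*AccessJWTPayload, bool) {
+token, err := jwt.ParseWithClaims(tokenString, &AccessJWTClaims{}, func(token *jwt.Token) (interface{}, error) {
+return []byte(secret), nil
+})
+if err != nil {
+return nil, false
+}
+if claims, ok := token.Claims.(*AccessJWTClaims); ok && token.Valid {
+return &claims.AccessJWTPayload, true
+}
+return nil, false
+}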
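Review bot: GenerateWebsocketToken and ParseWebsocketToken build and parse `AccessJWTClaims`, so the new `WebsocketJWTPayload` and `WebsocketJWTClaims` types are never used and a websocket token has the same shape, algorithm and 15-minute lifetime as an access token. If both kinds are signed with the same secret (the callers are not on this page), each would verify wherever the other is expected. Consider binding the token to its purpose, for example `Audience: jwt.ClaimStrings{"websocket"},` in the registered claims and `jwt.WithAudience("websocket")` as a parser option, with the matching check on the access-token side. Passing `jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()})` to `ParseWithClaims` would also pin the accepted algorithm, and `WebsocketJWTClaims` presumably should embed `WebsocketJWTPayload` rather than `AccessJWTPayload`.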
@@ -7,7 +7,7 @@ func CORSMiddleware() func(http.Header) {
|
||||
header.Set("Access-Control-Allow-Origin", "*")
|
||||
header.Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, PATCH")
|
||||
header.Set("Access-Control-Expose-Headers", "Content-Length, Content-Type")
|
||||
header.Set("Access-Control-Allow-Headers", "Content-Type,Authorization,Accept-Language,Origin,X-Content-Security")
|
||||
header.Set("Access-Control-Allow-Headers", "Content-Type,Authorization,Accept-Language,Origin,X-Content-Security,X-UID")
|
||||
header.Set("Access-Control-Allow-Credentials", "true")
|
||||
}
|
||||
}
|
||||
|
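Review bot: The newly allowed `X-UID` request header is client-controlled, so nothing that reads it should treat it as the caller's identity unless it is compared with the user id in the verified token and the request is rejected on mismatch. The handlers that consume the header are not on this page, so whether that check exists cannot be confirmed here; the context line setting `Access-Control-Allow-Origin` to `*` means pages on any origin may send the header. A comment on the constant, such as `// UID_HEADER_KEY names a client-supplied header; never authoritative without a matching verified token.`, would keep later callers from trusting it. CORSMiddleware's body starts outside the hunk.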
@@ -10,7 +10,7 @@ import (
|
||||
|
||||
func UnauthorizedCallbackMiddleware() func(w http.ResponseWriter, r *http.Request, err error) {
|
||||
return func(w http.ResponseWriter, r *http.Request, err error) {
|
||||
// httpx.WriteJson(w, http.StatusUnauthorized, response.ErrorWithCodeMessage(http.StatusUnauthorized, "Unauthorized"))
|
||||
httpx.OkJsonCtx(r.Context(), w, response.ErrorWithCodeMessage(http.StatusUnauthorized, "Unauthorized"))
|
||||
httpx.OkJsonCtx(r.Context(), w, response.ErrorWithCodeMessage(http.StatusUnauthorized, err.Error()))
|
||||
return
|
||||
}
|
||||
}
|
||||
|
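Review bot: Returning `err.Error()` in the 401 body exposes the token validation failure text to unauthenticated callers and ties the API response to library wording; this assumes the second of the two `httpx.OkJsonCtx` lines is the new side, since the page lost its +/- markers. Keep the fixed message, `httpx.OkJsonCtx(r.Context(), w, response.ErrorWithCodeMessage(http.StatusUnauthorized, "Unauthorized"))`, and write `err` to the server log instead. If clients need to tell an expired token from an invalid one, map the error to a small set of fixed messages rather than echoing it.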