1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
package helper
import (
"net/http"
"strconv"
"time"
"github.com/golang-jwt/jwt/v4"
)
// WARNING this key should be secret and constant between deployments.
// If you use this software in the wild, at the very least change this value!
// https://www.sohamkamani.com/golang/jwt-authentication/
var jwt_key = []byte("iph7noo1ohQuam5sou5wa2aeChixo7")
func IssueToken(uid int, writer http.ResponseWriter) error {
expiration := time.Now().Add(60 * time.Minute)
token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.RegisteredClaims{
Subject: strconv.Itoa(uid),
ExpiresAt: jwt.NewNumericDate(expiration),
Issuer: "react-go-forum",
})
token_string, err := token.SignedString(jwt_key)
if err != nil {
return err
}
http.SetCookie(writer, &http.Cookie{
Name: "token",
Value: token_string,
Expires: expiration,
SameSite: http.SameSiteStrictMode,
Path: "/",
})
return nil
}
// Returns a non-nil RegisteredClaims if valid, nil otherwise. Handles responding to bad tokens.
func GetValidClaims(writer http.ResponseWriter, request *http.Request) *jwt.RegisteredClaims {
cookie, err := request.Cookie("token")
if err != nil {
if err == http.ErrNoCookie {
WriteErrorJson("access denied", writer, http.StatusUnauthorized)
return nil
}
WriteInternalErrorJson(err, writer)
return nil
}
claims := &jwt.RegisteredClaims{}
token, err := jwt.ParseWithClaims(cookie.Value, claims, func(token *jwt.Token) (interface{}, error) {
return jwt_key, nil
})
if err != nil {
WriteInternalErrorJson(err, writer)
return nil
}
if !token.Valid {
WriteErrorJson("access denied", writer, http.StatusUnauthorized)
return nil
}
return claims
}
|
