cadmium-im/zirconium-go
1
0
Fork 0
mirror of https://github.com/cadmium-im/zirconium-go.git synced 2024-11-23 19:02:20 +00:00
Code Issues Projects Releases Wiki Activity
b4ec836327
zirconium-go/core/auth_manager.go
ChronosX88 1584f9e58a Implement dynamic plugins support (by RPC)
2020-02-12 20:39:57 +04:00

80 lines
2.0 KiB
Go
Raw Blame History

package core
import (
"encoding/base64"
"fmt"
"time"
"github.com/dgrijalva/jwt-go"
)
const (
SigningKeyBytesAmount = 4096
TokenExpireTimeDuration = 24 * time.Hour
)
type AuthManager struct {
signingKey string // For now it is random bytes string represented in Base64
}
type JWTCustomClaims struct {
EntityID string `json:"entityID"`
DeviceID string `json:"deviceID"`
jwt.StandardClaims
}
func NewAuthManager() (*AuthManager, error) {
am := &AuthManager{}
bytes, err := GenRandomBytes(SigningKeyBytesAmount)
if err != nil {
return nil, err
}
am.signingKey = base64.RawStdEncoding.EncodeToString(bytes)
return am, nil
}
func (am *AuthManager) CreateNewToken(entityID, deviceID string, tokenExpireTimeDuration time.Duration) (string, error) {
timeNow := time.Now()
expiringTime := timeNow.Add(tokenExpireTimeDuration)
claims := JWTCustomClaims{
entityID,
deviceID,
jwt.StandardClaims{
ExpiresAt: time.Date(
expiringTime.Year(),
expiringTime.Month(),
expiringTime.Day(),
expiringTime.Hour(),
expiringTime.Minute(),
expiringTime.Second(),
expiringTime.Nanosecond(),
time.UTC,
).Unix(),
},
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
tokenString, err := token.SignedString(am.signingKey)
if err != nil {
return "", err
}
return tokenString, nil
}
func (am *AuthManager) ValidateToken(tokenString string) (bool, string, string, error) {
token, err := jwt.ParseWithClaims(tokenString, &JWTCustomClaims{}, func(token *jwt.Token) (interface{}, error) {
// Don't forget to validate the alg is what you expect:
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
}
// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
return []byte(am.signingKey), nil
})
if claims, ok := token.Claims.(*JWTCustomClaims); ok && token.Valid {
return true, claims.EntityID, claims.DeviceID, nil
}
return false, "", "", err
}
Reference in New Issue View Git Blame Copy Permalink