woj-server/internal/web/jwt/token.go

package jwt

import (
	"context"
	"errors"
	"fmt"
	"git.0x7f.app/WOJ/woj-server/internal/e"
	"git.0x7f.app/WOJ/woj-server/internal/model"
	"git.0x7f.app/WOJ/woj-server/pkg/utils"
	"github.com/golang-jwt/jwt/v4"
	"go.uber.org/zap"
	"time"
)

func (s *service) ParseToken(tokenText string) (*model.Claim, e.Status) {
	if tokenText == "" {
		return nil, e.TokenEmpty
	}

	token, err := jwt.ParseWithClaims(
		tokenText,
		new(model.Claim),
		func(token *jwt.Token) (interface{}, error) {
			if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
				return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
			}
			return s.SigningKey, nil
		})

	var ve *jwt.ValidationError
	if errors.As(err, &ve) {
		if ve.Errors&jwt.ValidationErrorMalformed != 0 {
			return nil, e.TokenMalformed
		} else if ve.Errors&(jwt.ValidationErrorExpired|jwt.ValidationErrorNotValidYet) != 0 {
			// Token is either expired or not active yet
			return nil, e.TokenTimeError
		} else {
			return nil, e.TokenInvalid
		}
	}

	if token.Valid {
		c := token.Claims.(*model.Claim)
		return c, e.Success
	}

	return nil, e.TokenInvalid
}

func (s *service) SignClaim(claim *model.Claim) (string, e.Status) {
	now := time.Now()

	claim.IssuedAt = jwt.NewNumericDate(now)
	claim.ExpiresAt = jwt.NewNumericDate(now.Add(time.Duration(s.ExpireHour) * time.Hour))
	claim.ID = utils.RandomString(16)
	claim.NotBefore = jwt.NewNumericDate(time.Now())

	token := jwt.NewWithClaims(jwt.SigningMethodHS512, claim)
	ss, err := token.SignedString(s.SigningKey)
	if err != nil {
		s.log.Warn("jwt.SignedString error", zap.Error(err))
		return "", e.TokenSignError
	}
	return ss, e.Success
}

func (s *service) Validate(claim *model.Claim) bool {
	curVersion, err := s.cacheService.Get().Get(context.Background(), fmt.Sprintf("Version:%d", claim.UID)).Int64()
	if err != nil {
		s.log.Debug("cache.Get error", zap.Error(err))
		return false
	}
	return curVersion == claim.Version
}
feat: add JWT service 2022-09-17 10:10:53 +08:00			`package jwt`

			`import (`
feat: add logout Co-authored-by: cxy004 <cxy004@qq.com> Co-authored-by: wzt <w.zhongtao@qq.com> 2022-09-17 18:10:06 +08:00			`"context"`
chore: cleanup 2023-12-18 20:55:37 +08:00			`"errors"`
feat: add JWT service 2022-09-17 10:10:53 +08:00			`"fmt"`
chore: move to git.0x7f.app 2023-07-14 21:47:11 +08:00			`"git.0x7f.app/WOJ/woj-server/internal/e"`
feat: refactor to use DI 2023-07-15 16:19:49 +08:00			`"git.0x7f.app/WOJ/woj-server/internal/model"`
chore: move to git.0x7f.app 2023-07-14 21:47:11 +08:00			`"git.0x7f.app/WOJ/woj-server/pkg/utils"`
feat: add JWT service 2022-09-17 10:10:53 +08:00			`"github.com/golang-jwt/jwt/v4"`
			`"go.uber.org/zap"`
			`"time"`
			`)`

feat: refactor to use DI 2023-07-15 16:19:49 +08:00			`func (s service) ParseToken(tokenText string) (model.Claim, e.Status) {`
feat: add JWT service 2022-09-17 10:10:53 +08:00			`if tokenText == "" {`
			`return nil, e.TokenEmpty`
			`}`

			`token, err := jwt.ParseWithClaims(`
			`tokenText,`
feat: refactor to use DI 2023-07-15 16:19:49 +08:00			`new(model.Claim),`
feat: add JWT service 2022-09-17 10:10:53 +08:00			`func(token *jwt.Token) (interface{}, error) {`
			`if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {`
			`return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])`
			`}`
			`return s.SigningKey, nil`
			`})`

chore: cleanup 2023-12-18 20:55:37 +08:00			`var ve *jwt.ValidationError`
			`if errors.As(err, &ve) {`
feat: add JWT service 2022-09-17 10:10:53 +08:00			`if ve.Errors&jwt.ValidationErrorMalformed != 0 {`
			`return nil, e.TokenMalformed`
			`} else if ve.Errors&(jwt.ValidationErrorExpired\|jwt.ValidationErrorNotValidYet) != 0 {`
			`// Token is either expired or not active yet`
			`return nil, e.TokenTimeError`
			`} else {`
			`return nil, e.TokenInvalid`
			`}`
			`}`

			`if token.Valid {`
feat: refactor to use DI 2023-07-15 16:19:49 +08:00			`c := token.Claims.(*model.Claim)`
feat: add JWT service 2022-09-17 10:10:53 +08:00			`return c, e.Success`
			`}`

			`return nil, e.TokenInvalid`
			`}`

feat: refactor to use DI 2023-07-15 16:19:49 +08:00			`func (s service) SignClaim(claim model.Claim) (string, e.Status) {`
feat: add JWT service 2022-09-17 10:10:53 +08:00			`now := time.Now()`

			`claim.IssuedAt = jwt.NewNumericDate(now)`
			`claim.ExpiresAt = jwt.NewNumericDate(now.Add(time.Duration(s.ExpireHour) * time.Hour))`
			`claim.ID = utils.RandomString(16)`
			`claim.NotBefore = jwt.NewNumericDate(time.Now())`

			`token := jwt.NewWithClaims(jwt.SigningMethodHS512, claim)`
			`ss, err := token.SignedString(s.SigningKey)`
			`if err != nil {`
			`s.log.Warn("jwt.SignedString error", zap.Error(err))`
			`return "", e.TokenSignError`
			`}`
			`return ss, e.Success`
			`}`
feat: add logout Co-authored-by: cxy004 <cxy004@qq.com> Co-authored-by: wzt <w.zhongtao@qq.com> 2022-09-17 18:10:06 +08:00
feat: refactor to use DI 2023-07-15 16:19:49 +08:00			`func (s service) Validate(claim model.Claim) bool {`
			`curVersion, err := s.cacheService.Get().Get(context.Background(), fmt.Sprintf("Version:%d", claim.UID)).Int64()`
feat: add logout Co-authored-by: cxy004 <cxy004@qq.com> Co-authored-by: wzt <w.zhongtao@qq.com> 2022-09-17 18:10:06 +08:00			`if err != nil {`
feat: refactor to use DI 2023-07-15 16:19:49 +08:00			`s.log.Debug("cache.Get error", zap.Error(err))`
feat: add logout Co-authored-by: cxy004 <cxy004@qq.com> Co-authored-by: wzt <w.zhongtao@qq.com> 2022-09-17 18:10:06 +08:00			`return false`
			`}`
			`return curVersion == claim.Version`
			`}`