-
Notifications
You must be signed in to change notification settings - Fork 0
/
user.go
98 lines (78 loc) · 2.25 KB
/
user.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
package service
import (
"context"
"crypto/sha1"
"errors"
"fmt"
"time"
"github.com/dgrijalva/jwt-go"
"github.com/fidesy/go-url-shortener/internal/domain"
"github.com/fidesy/go-url-shortener/internal/repository"
)
type User interface {
Create(user domain.User) (interface{}, error)
GenerateToken(username, password string) (string, error)
ParseToken(accessToken string) (interface{}, error)
}
const (
salt = "sH6tPbN89ghtQk98"
signingKey = "jhk!kj4378bvk3f98JBNMu3njnHK"
tokenTTL = 12 * time.Hour
)
type tokenClaims struct {
jwt.StandardClaims
UserID interface{} `json:"user_id"`
}
type UserService struct {
repo *repository.Repository
}
func NewUserService(repo *repository.Repository) *UserService {
return &UserService{repo: repo}
}
var _ User = &UserService{}
func (s *UserService) Create(user domain.User) (interface{}, error) {
exists, err := s.repo.User.UsernameExists(context.Background(), user.Username)
if err != nil {
return 0, err
}
if exists {
return 0, errors.New("username already in use")
}
user.Password = generatePasswordHash(user.Password)
return s.repo.User.Create(context.Background(), user)
}
func (s *UserService) GenerateToken(username, password string) (string, error) {
user, err := s.repo.User.Get(context.Background(), username, generatePasswordHash(password))
if err != nil {
return "", err
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, &tokenClaims{
jwt.StandardClaims{
ExpiresAt: time.Now().Add(tokenTTL).Unix(),
IssuedAt: time.Now().Unix(),
},
user.ID,
})
return token.SignedString([]byte(signingKey))
}
func (s *UserService) ParseToken(accessToken string) (interface{}, error) {
token, err := jwt.ParseWithClaims(accessToken, &tokenClaims{}, func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, errors.New("invalid signing method")
}
return []byte(signingKey), nil
})
if err != nil {
return 0, err
}
claims, ok := token.Claims.(*tokenClaims)
if !ok {
return 0, errors.New("token claims are not of type *tokenClaims")
}
return claims.UserID, nil
}
func generatePasswordHash(password string) string {
hash := sha1.New()
hash.Write([]byte(password))
return fmt.Sprintf("%x", hash.Sum([]byte(salt)))
}