This repository has been archived by the owner on Jun 6, 2022. It is now read-only.
package account
import (
"fmt"
"net/http"
"io/ioutil"
"encoding/json"
"github.com/dgrijalva/jwt-go"
"github.com/nwatchcanada/nwapp-back/models"
"github.com/nwatchcanada/nwapp-back/utils"
"github.com/nwatchcanada/nwapp-back/serializers"
)
// TokenRequest is the JSON request body decoded by RefreshTokenHandler.
type TokenRequest struct {
	// RefreshToken is read from the "refresh_token" key of the request body.
	RefreshToken string `json:"refresh_token,omitempty"`
}
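// RefreshTokenHandler is the API endpoint that exchanges a refresh token
// supplied by the client for a newly generated access and refresh token.
//
// The request body is JSON of the form {"refresh_token": "..."}.
//
// Responses:
//   - 400 when the body cannot be read (including when it exceeds the size
//     cap) or is not valid JSON;
//   - 401 when the token fails verification, carries no usable "email"
//     claim, or the user lookup returns an error;
//   - otherwise the serialized user profile together with the new tokens.
//
// Every failure path returns before any token is generated, so a request that
// cannot be tied to a verified token and a successfully loaded user never
// receives new credentials.
//
// NOTE(review): the handler accepts whatever utils.VerifyToken reports as
// valid. Whether that helper tells refresh tokens apart from access tokens,
// or checks revocation, is not visible here - confirm, otherwise an access
// token could be presented here to obtain a fresh token pair.
func RefreshTokenHandler(w http.ResponseWriter, r *http.Request) {
	// STEP 1: Get our byte data array. The body is capped because this
	// endpoint is reachable before authentication and only needs to carry a
	// single token.
	const maxBodyBytes = 1 << 20
	buf, err := ioutil.ReadAll(http.MaxBytesReader(w, r.Body, maxBodyBytes))
	if err != nil {
		fmt.Println(err)
		w.WriteHeader(http.StatusBadRequest)
		return
	}

	// STEP 2: Deserialize bytes into our struct object. A malformed body is
	// rejected here instead of continuing with an empty token.
	var tokenReq TokenRequest
	if err := json.Unmarshal(buf, &tokenReq); err != nil {
		fmt.Println(err)
		w.WriteHeader(http.StatusBadRequest)
		return
	}

	// STEP 3: Confirm it's valid.
	token, isValid := utils.VerifyToken(tokenReq.RefreshToken)
	if !isValid {
		w.WriteHeader(http.StatusUnauthorized) // Note: Refresh token expired.
		return
	}

	// https://github.com/go-chi/jwtauth/blob/master/jwtauth.go#L191
	// STEP 4: Get the claims data from our refresh token. An unexpected
	// claims type is answered with 401 rather than a panic, so that a single
	// odd token cannot abort the request goroutine.
	// NOTE(review): github.com/dgrijalva/jwt-go is no longer maintained; its
	// community successor is github.com/golang-jwt/jwt.
	claims, ok := token.Claims.(jwt.MapClaims)
	if !ok {
		fmt.Printf("jwtauth: unknown type of Claims: %T\n", token.Claims)
		w.WriteHeader(http.StatusUnauthorized)
		return
	}

	// STEP 5: Extract email and find the user. The checked type assertion
	// keeps a token without a string "email" claim from panicking.
	email, ok := claims["email"].(string)
	if !ok || email == "" {
		w.WriteHeader(http.StatusUnauthorized)
		return
	}
	user, err := models.FindUserByEmail(email)
	if err != nil {
		// No tokens are issued when the account behind the refresh token
		// cannot be loaded.
		fmt.Println(err)
		w.WriteHeader(http.StatusUnauthorized)
		return
	}
	// NOTE(review): if FindUserByEmail can return a nil user together with a
	// nil error (for example when the account no longer exists), add an
	// explicit nil check here before user is dereferenced - confirm against
	// the models package.

	// STEP 6: Generate our new access and refresh token.
	accessToken, refreshToken := utils.GenerateJWTToken(user.Email.String, user.GroupId, user.TenantSchema.String)
	tokens := map[string]string{
		"AccessToken":  accessToken,
		"RefreshToken": refreshToken,
	}

	// STEP 7:
	// If we get to this line of code then we will be serializing our `User`
	// and returning our data.
	profileSerializer := serializers.ProfileSerializer{Request: r}
	b := profileSerializer.Serialize(user, tokens)
	if _, err := w.Write(b); err != nil { // Return our `[]byte` data.
		fmt.Println(err)
	}
}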