-
Notifications
You must be signed in to change notification settings - Fork 4
/
authOperation.go
101 lines (76 loc) · 2.19 KB
/
authOperation.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
// Copyright 2017, Dell EMC, Inc.
package auth_operations
import (
// "net/http"
"fmt"
"github.com/dgrijalva/jwt-go"
"os"
"strings"
"time"
)
var signedToken = ""
const (
bearer string = "bearer"
secret string = "secret"
)
type Claims struct {
Username string `json:"username"`
jwt.StandardClaims
}
func (c *Claims) ValidateLogin(username string, password string) (bool, error) {
envUser, envChkUser := os.LookupEnv("SERVICE_USERNAME")
envPass, envChkPass := os.LookupEnv("SERVICE_PASSWORD")
if envChkUser == false || envChkPass == false {
err := fmt.Errorf("Service Username or Password not set")
return false, err
}
if username == envUser && password == envPass {
return true, nil
}
return false, nil
}
func (c *Claims) SetToken(username string) string {
// Expires the token and cookie in 1 hour
expireToken := time.Now().Add(time.Hour * 2).Unix()
// We'll manually assign the claims but in production you'd insert values from a database
claims := Claims{
username,
jwt.StandardClaims{
ExpiresAt: expireToken,
Issuer: "localhost:9000",
},
}
// Create the token using your claims
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
// Signs the token with a secret.
signedToken, _ = token.SignedString([]byte(secret))
fmt.Println("Token created : -----> %+v", signedToken)
return signedToken
}
// middleware to protect private pages
func ValidateToken(tokenHeader string) bool {
tokenString, ok := extractTokenFromAuthHeader(tokenHeader)
if !ok {
return false
}
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
// Don't forget to validate the alg is what you expect:
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
}
return []byte(secret), nil
})
if _, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
return true
} else {
fmt.Println(err)
return false
}
}
func extractTokenFromAuthHeader(val string) (token string, ok bool) {
authHeaderParts := strings.Split(val, " ")
if len(authHeaderParts) != 2 || strings.ToLower(authHeaderParts[0]) != bearer {
return "", false
}
return authHeaderParts[1], true
}