package stdserver
import (
"time"
"github.com/dgrijalva/jwt-go"
"github.com/gofiber/fiber/v2"
jwtware "github.com/gofiber/jwt/v2"
"github.com/google/uuid"
)
// JwtContextKey is the context key name used for JWT data. It has the same
// value as the ContextKey string that JWT passes to jwtware.
// NOTE(review): presumably the key under which the parsed token is stored in
// the request locals; confirm against the handlers that read it.
const JwtContextKey = "jwt"

// LoginFunc produces the claims to embed in a newly issued token for the
// request c, or an error when no token should be issued. Its signature
// matches defaultLoginHandler and the way JWT calls cfg.LoginHandler.
type LoginFunc func(c *fiber.Ctx) (jwt.Claims, error)
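// defaultLoginHandler is the fallback login handler that JWT installs when
// cfg.LoginHandler is nil. It checks no credentials in the request: every
// caller receives claims for the subject "anonymous" with audience "dev",
// valid for one hour. Deployments that need real authentication must supply
// their own LoginHandler.
//
// The issuer is the Name of the *Settings stored under the "config" local, or
// defaultAppName when that local is missing, nil, or of another type.
//
// It returns fiber.ErrInternalServerError when a random token ID cannot be
// generated.
func defaultLoginHandler(c *fiber.Ctx) (jwt.Claims, error) {
	issuer := defaultAppName
	if cfg, ok := c.Locals("config").(*Settings); ok && cfg != nil {
		issuer = cfg.Name
	}

	// Fail closed when the random source is unavailable. Falling back to a
	// fixed all-zero UUID would give every such token the same ID, which
	// defeats any revocation or replay tracking keyed on the token ID.
	id, err := uuid.NewRandom()
	if err != nil {
		return nil, fiber.ErrInternalServerError
	}

	// Read the clock once so IssuedAt and ExpiresAt derive from one instant.
	now := time.Now()
	return &jwt.StandardClaims{
		Audience:  "dev",
		ExpiresAt: now.Add(time.Hour).Unix(),
		Id:        id.String(),
		IssuedAt:  now.Unix(),
		Issuer:    issuer,
		Subject:   "anonymous",
	}, nil
}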
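// JWT builds the authentication middleware.
//
// A POST to cfg.LoginPath is answered with a freshly signed ES256 token whose
// claims come from cfg.LoginHandler. Every other request is handed to the
// jwtware verifier, which is configured with the public keys of the key table
// loaded from cfg.KeyTableDir, the ES256 signing method, claimsType as the
// claims value, and cfg.SkipAuth as its filter.
//
// Side effects: when cfg.LoginHandler is nil it is set to defaultLoginHandler,
// which issues tokens without checking any credentials. A key table that fails
// to load, or a panic during construction, is logged at Fatal level.
//
// NOTE(review): github.com/dgrijalva/jwt-go is archived upstream; consider
// moving to the maintained golang-jwt fork together with a jwtware release
// that supports it.
func JWT(cfg *Settings, claimsType jwt.Claims) fiber.Handler {
	logger := cfg.Logger.WithField("module", "JWT")
	// Covers construction only; the returned handler runs after this defer.
	defer func() {
		if r := recover(); r != nil {
			logger.WithField("panic", r).Fatal("panic")
		}
	}()

	if cfg.LoginHandler == nil {
		cfg.LoginHandler = defaultLoginHandler
	}

	kt, err := LoadKeyTableFromDir(cfg.KeyTableDir)
	if err != nil {
		logger.WithError(err).Fatal("while loading key table")
	}
	signMap := kt.GetPrivateKeys()

	// Pinning SigningMethod keeps the verifier from accepting tokens signed
	// with any algorithm other than ES256.
	verify := jwtware.New(jwtware.Config{
		SigningKeys:   kt.GetPublicKeys(),
		SigningMethod: "ES256",
		ContextKey:    JwtContextKey,
		Claims:        claimsType,
		Filter:        cfg.SkipAuth,
	})

	return func(c *fiber.Ctx) error {
		if c.Method() != fiber.MethodPost || c.Path() != cfg.LoginPath {
			return verify(c)
		}

		claims, err := cfg.LoginHandler(c)
		if err != nil {
			return err
		}
		// A handler that returns neither claims nor an error has not
		// established an identity; refuse instead of signing empty claims,
		// which would carry no subject or expiry.
		if claims == nil {
			return fiber.ErrUnauthorized
		}

		// Map iteration order is unspecified, so with several private keys
		// the signing key is an arbitrary one on each request.
		// NOTE(review): confirm this is intended during key rotation.
		var kid string
		for kid = range signMap {
			break
		}
		signKey, ok := signMap[kid]
		if !ok {
			// No private key is loaded, so no token can be issued.
			return fiber.ErrInternalServerError
		}

		token := jwt.NewWithClaims(jwt.SigningMethodES256, claims)
		// The key ID travels in the header; presumably the verifier uses it
		// to pick the matching public key.
		token.Header["kid"] = kid
		signed, err := token.SignedString(signKey)
		if err != nil {
			// The cause is not sent to the client.
			// NOTE(review): it is not logged either; consider logging it.
			return fiber.ErrInternalServerError
		}
		return c.JSON(fiber.Map{"data": fiber.Map{"token": signed}})
	}
}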