From d29ffee93a6e21948173a1d312c5cebe404f64e4 Mon Sep 17 00:00:00 2001 From: Adam French Date: Tue, 25 Nov 2025 16:03:24 +0000 Subject: [PATCH] adding jwt tokens --- backend/services/auth.go | 68 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 backend/services/auth.go diff --git a/backend/services/auth.go b/backend/services/auth.go new file mode 100644 index 0000000..fc17f6c --- /dev/null +++ b/backend/services/auth.go @@ -0,0 +1,68 @@ +package services + +import ( + "time" + + "adam-french.co.uk/backend/models" + "github.com/golang-jwt/jwt/v5" +) + +type Auth struct { + config *AuthConfig +} + +type AuthConfig struct { + Secret []byte +} + +type Tokens struct { + AccessToken string + RefreshToken string +} + +func InitAuth(config *AuthConfig) *Auth { + auth := Auth{config: config} + + return &auth +} + +func (auth *Auth) GenerateJWT(user *models.User) (*Tokens, error) { + accessToken := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{ + "username": user.Username, + "id": user.ID, + "admin": user.Admin, + "exp": time.Now().AddDate(0, 0, 1).Unix(), + }) + + refreshToken := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{ + "id": user.ID, + "exp": time.Now().AddDate(1, 0, 0).Unix(), + }) + + accessTokenString, err := accessToken.SignedString(auth.config.Secret) + if err != nil { + return nil, err + } + + refreshTokenString, err := refreshToken.SignedString(auth.config.Secret) + if err != nil { + return nil, err + } + + return &Tokens{AccessToken: accessTokenString, RefreshToken: refreshTokenString}, nil +} + +func (auth *Auth) VerifyJWT(tokens Tokens) (*jwt.MapClaims, error) { + token, err := jwt.Parse(tokens.AccessToken, func(token *jwt.Token) (any, error) { + return auth.config.Secret, nil + }, jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()})) + if err != nil { + return nil, err + } + + if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid { + return &claims, nil + } + + return nil, err +}