61 lines
1.3 KiB
Go
61 lines
1.3 KiB
Go
package token
|
|
|
|
import (
|
|
"fmt"
|
|
"time"
|
|
|
|
"management/internal/config"
|
|
|
|
"github.com/aead/chacha20poly1305"
|
|
"github.com/o1egl/paseto"
|
|
)
|
|
|
|
// PasetoMaker is a PASETO token maker
|
|
type PasetoMaker struct {
|
|
paseto *paseto.V2
|
|
symmetricKey []byte
|
|
}
|
|
|
|
// NewPasetoMaker creates a new PasetoMaker
|
|
func NewPasetoMaker() error {
|
|
symmetricKey := config.File.JWT.SigningKey
|
|
if len(symmetricKey) != chacha20poly1305.KeySize {
|
|
return fmt.Errorf("invalid key size: must be exactly %d characters", chacha20poly1305.KeySize)
|
|
}
|
|
|
|
engine = &PasetoMaker{
|
|
paseto: paseto.NewV2(),
|
|
symmetricKey: []byte(symmetricKey),
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// CreateToken creates a new token for a specific username and duration
|
|
func (maker *PasetoMaker) CreateToken(id string, username string, duration time.Duration) (string, *Payload, error) {
|
|
payload, err := NewPayload(id, username, duration)
|
|
if err != nil {
|
|
return "", payload, err
|
|
}
|
|
|
|
token, err := maker.paseto.Encrypt(maker.symmetricKey, payload, nil)
|
|
return token, payload, err
|
|
}
|
|
|
|
// VerifyToken checks if the token is valid or not
|
|
func (maker *PasetoMaker) VerifyToken(token string) (*Payload, error) {
|
|
payload := &Payload{}
|
|
|
|
err := maker.paseto.Decrypt(token, maker.symmetricKey, payload, nil)
|
|
if err != nil {
|
|
return nil, ErrInvalidToken
|
|
}
|
|
|
|
err = payload.Valid()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return payload, nil
|
|
}
|