GoScrobble/internal/goscrobble/jwt.go

package goscrobble

import (
	"errors"
	"fmt"
	"time"

	"github.com/dgrijalva/jwt-go"
)

// JwtToken - Store token from .env
var JwtToken []byte

// JwtExpiry - Expiry in seconds
var JwtExpiry time.Duration

// RefereshExpiry - Expiry for refresh token
var RefereshExpiry time.Duration

type CustomClaims struct {
	Username     string `json:"username"`
	Email        string `json:"email"`
	Admin        bool   `json:"admin"`
	RefreshToken string `json:"refresh_token"`
	RefreshExp   int    `json:"refresh_exp"`
	jwt.StandardClaims
}

func generateJWTToken(user User, existingRefresh string) (string, error) {
	refreshToken := generateToken(64)

	atClaims := jwt.MapClaims{}
	atClaims["sub"] = user.UUID
	atClaims["username"] = user.Username
	atClaims["email"] = user.Email
	atClaims["admin"] = user.Admin
	atClaims["iat"] = time.Now().Unix()
	atClaims["exp"] = time.Now().Add(JwtExpiry).Unix()
	atClaims["refresh_token"] = refreshToken
	atClaims["refresh_exp"] = time.Now().Add(RefereshExpiry).Unix()
	at := jwt.NewWithClaims(jwt.SigningMethodHS512, atClaims)
	token, err := at.SignedString(JwtToken)
	if err != nil {
		return "", err
	}

	// Store refresh token
	err = insertRefreshToken(user.UUID, refreshToken)
	if err != nil {
		fmt.Println(err)
		return token, errors.New("Failed to generate token")
	}

	if existingRefresh != "" {
		deleteRefreshToken(existingRefresh)
	}

	return token, nil
}

// verifyToken - Verifies the JWT is valid
func verifyJWTToken(token string) (CustomClaims, error) {
	// Initialize a new instance of `Claims`
	claims := CustomClaims{}
	_, err := jwt.ParseWithClaims(token, &claims, func(token *jwt.Token) (interface{}, error) {
		return JwtToken, nil
	})

	// Verify Signature
	if err != nil {
		return claims, err
	}

	// Verify expiry
	err = claims.Valid()
	if err != nil {
		return claims, err
	}

	return claims, err
}

func getClaims(token *jwt.Token) CustomClaims {
	claims, _ := token.Claims.(CustomClaims)
	return claims
}
Basic API structure 2021-03-25 05:15:01 +00:00			`package goscrobble`

			`import (`
0.0.21 - Add ez deploy script - Half implemented JWT refresh tokens, need to finish JS implementation 2021-04-06 08:28:04 +00:00			`"errors"`
			`"fmt"`
Issue JWT on login 2021-03-25 23:21:28 +00:00			`"time"`
Basic API structure 2021-03-25 05:15:01 +00:00
			`"github.com/dgrijalva/jwt-go"`
			`)`

			`// JwtToken - Store token from .env`
			`var JwtToken []byte`

Issue JWT on login 2021-03-25 23:21:28 +00:00			`// JwtExpiry - Expiry in seconds`
			`var JwtExpiry time.Duration`

0.0.21 - Add ez deploy script - Half implemented JWT refresh tokens, need to finish JS implementation 2021-04-06 08:28:04 +00:00			`// RefereshExpiry - Expiry for refresh token`
			`var RefereshExpiry time.Duration`

- Login flow working.. - Jellyfin scrobble working - Returns scrobbles via API for authed users /api/v1/user/{uuid}/scrobble - Add redis handler + funcs - Move middleware to pass in uuid as needed 2021-03-29 07:56:34 +00:00			`type CustomClaims struct {`
0.0.21 - Add ez deploy script - Half implemented JWT refresh tokens, need to finish JS implementation 2021-04-06 08:28:04 +00:00			Username string `json:"username"`
			Email string `json:"email"`
			Admin bool `json:"admin"`
			RefreshToken string `json:"refresh_token"`
			RefreshExp int `json:"refresh_exp"`
Basic API structure 2021-03-25 05:15:01 +00:00			`jwt.StandardClaims`
			`}`

0.0.21 - Add ez deploy script - Half implemented JWT refresh tokens, need to finish JS implementation 2021-04-06 08:28:04 +00:00			`func generateJWTToken(user User, existingRefresh string) (string, error) {`
			`refreshToken := generateToken(64)`

- Login flow working.. - Jellyfin scrobble working - Returns scrobbles via API for authed users /api/v1/user/{uuid}/scrobble - Add redis handler + funcs - Move middleware to pass in uuid as needed 2021-03-29 07:56:34 +00:00			`atClaims := jwt.MapClaims{}`
			`atClaims["sub"] = user.UUID`
			`atClaims["username"] = user.Username`
			`atClaims["email"] = user.Email`
0.0.8 - Added Admin/Site config page in frontend for admin users - Added API POST/GET /config endpoint 2021-03-31 08:40:20 +00:00			`atClaims["admin"] = user.Admin`
- Login flow working.. - Jellyfin scrobble working - Returns scrobbles via API for authed users /api/v1/user/{uuid}/scrobble - Add redis handler + funcs - Move middleware to pass in uuid as needed 2021-03-29 07:56:34 +00:00			`atClaims["iat"] = time.Now().Unix()`
			`atClaims["exp"] = time.Now().Add(JwtExpiry).Unix()`
0.0.21 - Add ez deploy script - Half implemented JWT refresh tokens, need to finish JS implementation 2021-04-06 08:28:04 +00:00			`atClaims["refresh_token"] = refreshToken`
			`atClaims["refresh_exp"] = time.Now().Add(RefereshExpiry).Unix()`
- Login flow working.. - Jellyfin scrobble working - Returns scrobbles via API for authed users /api/v1/user/{uuid}/scrobble - Add redis handler + funcs - Move middleware to pass in uuid as needed 2021-03-29 07:56:34 +00:00			`at := jwt.NewWithClaims(jwt.SigningMethodHS512, atClaims)`
			`token, err := at.SignedString(JwtToken)`
			`if err != nil {`
			`return "", err`
			`}`

0.0.21 - Add ez deploy script - Half implemented JWT refresh tokens, need to finish JS implementation 2021-04-06 08:28:04 +00:00			`// Store refresh token`
			`err = insertRefreshToken(user.UUID, refreshToken)`
			`if err != nil {`
			`fmt.Println(err)`
			`return token, errors.New("Failed to generate token")`
			`}`

			`if existingRefresh != "" {`
			`deleteRefreshToken(existingRefresh)`
			`}`

- Login flow working.. - Jellyfin scrobble working - Returns scrobbles via API for authed users /api/v1/user/{uuid}/scrobble - Add redis handler + funcs - Move middleware to pass in uuid as needed 2021-03-29 07:56:34 +00:00			`return token, nil`
			`}`

Basic API structure 2021-03-25 05:15:01 +00:00			`// verifyToken - Verifies the JWT is valid`
- Login flow working.. - Jellyfin scrobble working - Returns scrobbles via API for authed users /api/v1/user/{uuid}/scrobble - Add redis handler + funcs - Move middleware to pass in uuid as needed 2021-03-29 07:56:34 +00:00			`func verifyJWTToken(token string) (CustomClaims, error) {`
Basic API structure 2021-03-25 05:15:01 +00:00			// Initialize a new instance of `Claims`
- Login flow working.. - Jellyfin scrobble working - Returns scrobbles via API for authed users /api/v1/user/{uuid}/scrobble - Add redis handler + funcs - Move middleware to pass in uuid as needed 2021-03-29 07:56:34 +00:00			`claims := CustomClaims{}`
			`_, err := jwt.ParseWithClaims(token, &claims, func(token *jwt.Token) (interface{}, error) {`
Basic API structure 2021-03-25 05:15:01 +00:00			`return JwtToken, nil`
			`})`

- Login flow working.. - Jellyfin scrobble working - Returns scrobbles via API for authed users /api/v1/user/{uuid}/scrobble - Add redis handler + funcs - Move middleware to pass in uuid as needed 2021-03-29 07:56:34 +00:00			`// Verify Signature`
Basic API structure 2021-03-25 05:15:01 +00:00			`if err != nil {`
- Login flow working.. - Jellyfin scrobble working - Returns scrobbles via API for authed users /api/v1/user/{uuid}/scrobble - Add redis handler + funcs - Move middleware to pass in uuid as needed 2021-03-29 07:56:34 +00:00			`return claims, err`
Basic API structure 2021-03-25 05:15:01 +00:00			`}`
- Login flow working.. - Jellyfin scrobble working - Returns scrobbles via API for authed users /api/v1/user/{uuid}/scrobble - Add redis handler + funcs - Move middleware to pass in uuid as needed 2021-03-29 07:56:34 +00:00
			`// Verify expiry`
			`err = claims.Valid()`
			`if err != nil {`
			`return claims, err`
Basic API structure 2021-03-25 05:15:01 +00:00			`}`

- Login flow working.. - Jellyfin scrobble working - Returns scrobbles via API for authed users /api/v1/user/{uuid}/scrobble - Add redis handler + funcs - Move middleware to pass in uuid as needed 2021-03-29 07:56:34 +00:00			`return claims, err`
			`}`

			`func getClaims(token *jwt.Token) CustomClaims {`
			`claims, _ := token.Claims.(CustomClaims)`
			`return claims`
Basic API structure 2021-03-25 05:15:01 +00:00			`}`