Use JWT as login cookie
parent
ca80b26f92
commit
7fa4c70b01
@ -13,6 +13,9 @@ import (
|
|||||||
"github.com/1f349/lavender/database"
|
"github.com/1f349/lavender/database"
|
||||||
"github.com/1f349/lavender/issuer"
|
"github.com/1f349/lavender/issuer"
|
||||||
"github.com/1f349/lavender/pages"
|
"github.com/1f349/lavender/pages"
|
||||||
|
"github.com/1f349/mjwt/auth"
|
||||||
|
"github.com/1f349/mjwt/claims"
|
||||||
|
"github.com/golang-jwt/jwt/v4"
|
||||||
"github.com/google/uuid"
|
"github.com/google/uuid"
|
||||||
"github.com/julienschmidt/httprouter"
|
"github.com/julienschmidt/httprouter"
|
||||||
"golang.org/x/oauth2"
|
"golang.org/x/oauth2"
|
||||||
@ -135,7 +138,7 @@ func (h *HttpServer) loginCallback(rw http.ResponseWriter, req *http.Request, _
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if h.setLoginDataCookie(rw, auth.ID) {
|
if h.setLoginDataCookie(rw, auth) {
|
||||||
http.Error(rw, "Failed to save login cookie", http.StatusInternalServerError)
|
http.Error(rw, "Failed to save login cookie", http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@ -145,15 +148,18 @@ func (h *HttpServer) loginCallback(rw http.ResponseWriter, req *http.Request, _
|
|||||||
h.SafeRedirect(rw, req)
|
h.SafeRedirect(rw, req)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *HttpServer) setLoginDataCookie(rw http.ResponseWriter, userId string) bool {
|
const oneYear = 365 * 24 * time.Hour
|
||||||
encData, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, h.signingKey.PublicKey(), []byte(userId), []byte("lavender-login-data"))
|
|
||||||
|
func (h *HttpServer) setLoginDataCookie(rw http.ResponseWriter, authData UserAuth) bool {
|
||||||
|
ps := claims.NewPermStorage()
|
||||||
|
gen, err := h.signingKey.GenerateJwt(authData.ID, uuid.NewString(), jwt.ClaimStrings{h.conf.BaseUrl}, oneYear, auth.AccessTokenClaims{Perms: ps})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
http.Error(rw, "Failed to generate cookie token", http.StatusInternalServerError)
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
http.SetCookie(rw, &http.Cookie{
|
http.SetCookie(rw, &http.Cookie{
|
||||||
Name: "lavender-login-data",
|
Name: "lavender-login-data",
|
||||||
Value: hex.EncodeToString(encData),
|
Value: gen,
|
||||||
Path: "/",
|
Path: "/",
|
||||||
Expires: time.Now().AddDate(0, 3, 0),
|
Expires: time.Now().AddDate(0, 3, 0),
|
||||||
Secure: true,
|
Secure: true,
|
||||||
|
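Review bot: The token minted in setLoginDataCookie is valid for `oneYear` while the cookie that carries it expires after three months (`time.Now().AddDate(0, 3, 0)`), so a copied cookie value would still verify as a signed credential for roughly nine months after the browser has dropped it; deriving both from one value, e.g. `expiry := time.Now().AddDate(0, 3, 0)` passed as `time.Until(expiry)` to `GenerateJwt` and as `Expires: expiry`, keeps the two lifetimes aligned. The error branch now calls `http.Error(rw, "Failed to generate cookie token", ...)` and still returns true, and loginCallback answers true with its own `http.Error(rw, "Failed to save login cookie", ...)`, so a failure writes two error responses; one of the two calls should go. The cookie is issued as `auth.AccessTokenClaims` signed by `h.signingKey`; if that key also signs access tokens for other services and they do not check the audience, the login cookie would presumably be accepted as one, which a dedicated claims type for the login session would rule out. The cookie literal continues past the end of the hunk, so HttpOnly and SameSite cannot be checked from here.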