Add full refresh token and access token function
Signed-off-by: Asai Neko <sugar@sne.moe>
This commit is contained in:
@@ -5,4 +5,5 @@ import "github.com/gin-gonic/gin"
|
||||
func Handler(r *gin.RouterGroup) {
|
||||
r.POST("/magic", RequestMagicLink)
|
||||
r.GET("/magic/verify", VerifyMagicLink)
|
||||
r.POST("/refresh", Refresh)
|
||||
}
|
||||
|
||||
@@ -3,7 +3,7 @@ package auth
|
||||
import (
|
||||
"net/http"
|
||||
"nixcn-cms/data"
|
||||
"nixcn-cms/internal/crypto/jwt"
|
||||
"nixcn-cms/internal/cryptography"
|
||||
"nixcn-cms/pkgs/email"
|
||||
"nixcn-cms/pkgs/magiclink"
|
||||
"nixcn-cms/pkgs/turnstile"
|
||||
@@ -61,14 +61,14 @@ func RequestMagicLink(c *gin.Context) {
|
||||
|
||||
func VerifyMagicLink(c *gin.Context) {
|
||||
// Get token from url
|
||||
token := c.Query("token")
|
||||
if token == "" {
|
||||
magicToken := c.Query("token")
|
||||
if magicToken == "" {
|
||||
c.JSON(400, gin.H{"error": "missing token"})
|
||||
return
|
||||
}
|
||||
|
||||
// Verify email token
|
||||
email, ok := magiclink.VerifyMagicToken(token)
|
||||
email, ok := magiclink.VerifyMagicToken(magicToken)
|
||||
if !ok {
|
||||
c.JSON(401, gin.H{"error": "invalid or expired token"})
|
||||
return
|
||||
@@ -80,10 +80,19 @@ func VerifyMagicLink(c *gin.Context) {
|
||||
if err != nil {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"status": "user not found"})
|
||||
}
|
||||
jwtToken, _ := jwt.GenerateToken(userInfo.UserId, "application")
|
||||
JwtTool := cryptography.Token{
|
||||
UserID: userInfo.UserId,
|
||||
Application: viper.GetString("server.application"),
|
||||
}
|
||||
accessToken, refreshToken, err := JwtTool.IssueTokens()
|
||||
if err != nil {
|
||||
c.JSON(500, gin.H{
|
||||
"status": "error generating tokens",
|
||||
})
|
||||
}
|
||||
|
||||
c.JSON(200, gin.H{
|
||||
"jwt_token": jwtToken,
|
||||
"email": email,
|
||||
"access_token": accessToken,
|
||||
"refresh_token": refreshToken,
|
||||
})
|
||||
}
|
||||
|
||||
34
service/auth/refresh.go
Normal file
34
service/auth/refresh.go
Normal file
@@ -0,0 +1,34 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"nixcn-cms/internal/cryptography"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/spf13/viper"
|
||||
)
|
||||
|
||||
func Refresh(c *gin.Context) {
|
||||
var req struct {
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
}
|
||||
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "invalid request"})
|
||||
return
|
||||
}
|
||||
|
||||
JwtTool := cryptography.Token{
|
||||
Application: viper.GetString("server.application"),
|
||||
}
|
||||
|
||||
access, err := JwtTool.RefreshAccessToken(req.RefreshToken)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid refresh token"})
|
||||
return
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, gin.H{
|
||||
"access_token": access,
|
||||
})
|
||||
}
|
||||
Reference in New Issue
Block a user