auth_utility.go
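// Package restutility holds the authentication helpers of the REST API:
// salted SHA-256 hashing and issuing, refreshing and parsing HS256 JWTs.
package restutility

import (
	// "fmt"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	// "os"
	"strings"
	"time"

	// NOTE(review): github.com/dgrijalva/jwt-go is archived and no longer
	// receives fixes; github.com/golang-jwt/jwt is the maintained continuation.
	"github.com/dgrijalva/jwt-go"
	// "github.com/SermoDigital/jose/jwt"
)

// Durations used for token lifetimes.
const (
	OneDay  = time.Hour * 24
	OneWeek = OneDay * 7
)

// saltSize is the number of random bytes in a salt (hex-encoded to twice
// that many characters).
const saltSize = 32

// appName is written into the "iss" claim of every issued token.
const appName = "korisnicki-centar"

// secret is the HMAC key that signs and verifies every token.
//
// NOTE(security): the key is a compile-time constant, so it is disclosed to
// anyone who can read the repository or the built binary, it cannot be
// rotated without a rebuild, and every environment shares it. It should be
// loaded from deployment configuration or a secret store, and be a
// high-entropy random value rather than a guessable string.
const secret = "korisnicki-centar-api"

// Token is the JSON envelope in which a signed JWT is returned to clients.
type Token struct {
	TokenString string `json:"token"`
}

// TokenClaims is the claim set carried by API tokens: the application's
// username and role plus the registered JWT claims.
type TokenClaims struct {
	Username string `json:"username"`
	Role     string `json:"role"`
	jwt.StandardClaims
}

// CredentialsStruct is the JSON shape of a username/password pair.
type CredentialsStruct struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

// generateSalt returns saltSize bytes from crypto/rand, hex-encoded.
func generateSalt() (string, error) {
	rawsalt := make([]byte, saltSize)
	if _, err := rand.Read(rawsalt); err != nil {
		return "", err
	}
	return hex.EncodeToString(rawsalt), nil
}

// hashMessage returns the hex SHA-256 digest of message combined with a salt,
// together with the hex salt that was used. When presalt is empty a fresh
// salt is generated; otherwise presalt must be valid hex and is reused, which
// is how a stored hash is recomputed for comparison.
//
// The digest input is len(message)+len(salt) zero bytes, then the message
// bytes, then the raw salt bytes. The zero prefix is an artefact of the
// original make-then-append construction; it is kept on purpose, because
// dropping it would change every digest and invalidate values already stored.
//
// NOTE(security): a single SHA-256 pass is cheap to brute-force offline. If
// this hashes account passwords (CredentialsStruct suggests it does; confirm
// against callers), plan a migration to a purpose-built password hash such
// as bcrypt, scrypt or Argon2, and compare digests with
// crypto/subtle.ConstantTimeCompare.
func hashMessage(message string, presalt string) (string, string, error) {
	salt := presalt
	if salt == "" {
		var err error
		if salt, err = generateSalt(); err != nil {
			return "", "", err
		}
	}

	rawsalt, err := hex.DecodeString(salt)
	if err != nil {
		return "", "", err
	}

	// Zero-filled prefix of padLen bytes, with room reserved for the appends.
	padLen := len(message) + len(rawsalt)
	rawdata := make([]byte, padLen, 2*padLen)
	rawdata = append(rawdata, message...)
	rawdata = append(rawdata, rawsalt...)

	sum := sha256.Sum256(rawdata)
	return hex.EncodeToString(sum[:]), salt, nil
}

// issueAPIToken signs a new HS256 token for username and role that expires
// one week from now and names appName as issuer.
func issueAPIToken(username, role string) (Token, error) {
	claims := TokenClaims{
		Username: username,
		Role:     role,
		StandardClaims: jwt.StandardClaims{
			ExpiresAt: time.Now().Add(OneWeek).Unix(),
			Issuer:    appName,
		},
	}

	signed, err := jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString([]byte(secret))
	if err != nil {
		return Token{}, err
	}
	return Token{TokenString: signed}, nil
}

// refreshAPIToken verifies tokenString (an optional "Bearer " prefix is
// stripped) and returns a re-signed token with the same claims and an expiry
// one week from now.
//
// NOTE(security): every refresh slides the expiry forward and nothing in this
// file caps the total lifetime or consults a revocation list, so a leaked
// token can be kept alive for as long as it is refreshed before it expires.
func refreshAPIToken(tokenString string) (Token, error) {
	tokenString = strings.TrimPrefix(tokenString, "Bearer ")

	token, err := parseTokenFunc(tokenString)
	if err != nil {
		return Token{}, err
	}

	claims, ok := token.Claims.(*TokenClaims)
	if !ok || !token.Valid {
		return Token{}, errors.New("token is not valid")
	}

	claims.ExpiresAt = time.Now().Add(OneWeek).Unix()
	signed, err := jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString([]byte(secret))
	if err != nil {
		return Token{}, err
	}
	return Token{TokenString: signed}, nil
}

// parseAPIToken verifies an Authorization header value of the form
// "Bearer <jwt>" and returns the token's claims. On failure it returns an
// empty, non-nil TokenClaims and an error; callers must check the error
// before trusting Username or Role.
func parseAPIToken(tokenString string) (*TokenClaims, error) {
	const scheme = "Bearer "

	// Require the full "Bearer " scheme, including the separating space, so
	// the check and the strip agree on what a well-formed header is.
	if !strings.HasPrefix(tokenString, scheme) {
		return &TokenClaims{}, errors.New("Authorization header is incomplete")
	}
	tokenString = tokenString[len(scheme):]

	token, err := parseTokenFunc(tokenString)
	if err != nil {
		return &TokenClaims{}, err
	}

	claims, ok := token.Claims.(*TokenClaims)
	if !ok || !token.Valid {
		return &TokenClaims{}, errors.New("token is not valid")
	}
	return claims, nil
}

// parseTokenFunc parses tokenString into TokenClaims and verifies its
// signature with the package secret.
func parseTokenFunc(tokenString string) (*jwt.Token, error) {
	return jwt.ParseWithClaims(tokenString, &TokenClaims{},
		func(token *jwt.Token) (interface{}, error) {
			// The "alg" header is supplied by the token's sender. Accept only
			// the algorithm this package issues before handing out the key.
			if token.Method.Alg() != jwt.SigningMethodHS256.Alg() {
				return nil, errors.New("unexpected signing method")
			}
			return []byte(secret), nil
		},
	)
}

// authMinRegReq is meant to check minimum registration requirements for a
// username and password.
//
// NOTE(review): this is a stub that accepts every input, so no username or
// password policy is enforced here.
func authMinRegReq(uname, pword string) (bool, error) {
	return true, nil
}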