feat: Add other tasks from chapter 6

2024-10-25 23:31:57 +02:00
parent e72fd2ee86
commit 61beecd4a0
18 changed files with 361 additions and 23 deletions
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@ -1,6 +1,17 @@
 package auth

-import "golang.org/x/crypto/bcrypt"
+import (
+	"crypto/rand"
+	"encoding/hex"
+	"errors"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/golang-jwt/jwt/v5"
+	"github.com/google/uuid"
+	"golang.org/x/crypto/bcrypt"
+)

 func HashPassword(password string) (string, error) {
 	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), 10)
@ -10,3 +21,63 @@ func HashPassword(password string) (string, error) {
 func CheckPasswordHash(password, hash string) error {
 	return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
 }
+
+func MakeJWT(userID uuid.UUID, tokenSecret string) (string, error) {
+	newToken := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.RegisteredClaims{
+		Issuer:    "chirpy",
+		IssuedAt:  jwt.NewNumericDate(time.Now()),
+		ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour)),
+		Subject:   userID.String(),
+	})
+	token, err := newToken.SignedString([]byte(tokenSecret))
+	if err != nil {
+		return "", err
+	}
+	return token, nil
+}
+
+func ValidateJWT(tokenString, tokenSecret string) (uuid.UUID, error) {
+
+	token, err := jwt.ParseWithClaims(tokenString, &jwt.RegisteredClaims{}, func(t *jwt.Token) (interface{}, error) {
+		return []byte(tokenSecret), nil
+	})
+	if err != nil {
+		return uuid.UUID{}, err
+	}
+	if !token.Valid {
+		return uuid.UUID{}, errors.New("token has expired")
+	}
+
+	userIDString, err := token.Claims.GetSubject()
+	if err != nil {
+		return uuid.UUID{}, err
+	}
+	userID, err := uuid.Parse(userIDString)
+	if err != nil {
+		return uuid.UUID{}, err
+	}
+
+	return userID, nil
+}
+
+func GetBearerToken(headers http.Header) (string, error) {
+	authHeader := headers.Get("Authorization")
+	if authHeader == "" {
+		return "", errors.New("authorization header is not set")
+	}
+	if !strings.HasPrefix(authHeader, "Bearer ") {
+		return "", errors.New("incorrect authorization type, must be of type Bearer")
+	}
+	bearerToken := strings.TrimPrefix(authHeader, "Bearer ")
+	return strings.TrimSpace(bearerToken), nil
+}
+
+func MakeRefreshToken() (string, error) {
+	buffer := make([]byte, 32)
+	_, err := rand.Read(buffer)
+	if err != nil {
+		return "", err
+	}
+	hexData := hex.EncodeToString(buffer)
+	return hexData, nil
+}