97 lines
2.7 KiB
Go
97 lines
2.7 KiB
Go
// Package auth implements minimal HS256 JSON Web Tokens using only the standard
|
|
// library. The API Server issues a token after verifying a user's credentials
|
|
// against PocketBase, and verifies that token on every protected request.
|
|
package auth
|
|
|
|
import (
|
|
"crypto/hmac"
|
|
"crypto/rand"
|
|
"crypto/sha256"
|
|
"encoding/base64"
|
|
"encoding/hex"
|
|
"encoding/json"
|
|
"errors"
|
|
"strings"
|
|
"time"
|
|
)
|
|
|
|
var (
|
|
ErrInvalidToken = errors.New("invalid token")
|
|
ErrExpired = errors.New("token expired")
|
|
)
|
|
|
|
// Claims is the JWT payload carried for an authenticated user.
|
|
type Claims struct {
|
|
Sub string `json:"sub"` // user id
|
|
Email string `json:"email"` // user email
|
|
Name string `json:"name"` // display name (optional)
|
|
Role string `json:"role,omitempty"` // access role: "user" | "admin"
|
|
Jti string `json:"jti"` // id of the backing "sessions" record, for revocation
|
|
Iat int64 `json:"iat"` // issued-at (unix seconds)
|
|
Exp int64 `json:"exp"` // expiry (unix seconds)
|
|
}
|
|
|
|
// NewJTI generates a random session identifier, hex-encoded so it's always a
|
|
// safe, quote-free literal to embed directly in PocketBase filter strings.
|
|
func NewJTI() (string, error) {
|
|
b := make([]byte, 16)
|
|
if _, err := rand.Read(b); err != nil {
|
|
return "", err
|
|
}
|
|
return hex.EncodeToString(b), nil
|
|
}
|
|
|
|
const headerB64 = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9" // {"alg":"HS256","typ":"JWT"}
|
|
|
|
// Sign creates a signed token for the given claims and lifetime.
|
|
func Sign(secret string, c Claims, ttl time.Duration) (string, error) {
|
|
now := time.Now()
|
|
c.Iat = now.Unix()
|
|
c.Exp = now.Add(ttl).Unix()
|
|
|
|
payload, err := json.Marshal(c)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
signingInput := headerB64 + "." + b64(payload)
|
|
sig := sign(signingInput, secret)
|
|
return signingInput + "." + sig, nil
|
|
}
|
|
|
|
// Verify checks the signature and expiry, returning the embedded claims.
|
|
func Verify(secret, token string) (*Claims, error) {
|
|
parts := strings.Split(token, ".")
|
|
if len(parts) != 3 {
|
|
return nil, ErrInvalidToken
|
|
}
|
|
signingInput := parts[0] + "." + parts[1]
|
|
expected := sign(signingInput, secret)
|
|
// Constant-time comparison to avoid timing leaks.
|
|
if !hmac.Equal([]byte(expected), []byte(parts[2])) {
|
|
return nil, ErrInvalidToken
|
|
}
|
|
|
|
raw, err := base64.RawURLEncoding.DecodeString(parts[1])
|
|
if err != nil {
|
|
return nil, ErrInvalidToken
|
|
}
|
|
var c Claims
|
|
if err := json.Unmarshal(raw, &c); err != nil {
|
|
return nil, ErrInvalidToken
|
|
}
|
|
if time.Now().Unix() >= c.Exp {
|
|
return nil, ErrExpired
|
|
}
|
|
return &c, nil
|
|
}
|
|
|
|
func sign(input, secret string) string {
|
|
mac := hmac.New(sha256.New, []byte(secret))
|
|
mac.Write([]byte(input))
|
|
return base64.RawURLEncoding.EncodeToString(mac.Sum(nil))
|
|
}
|
|
|
|
func b64(b []byte) string {
|
|
return base64.RawURLEncoding.EncodeToString(b)
|
|
}
|