diff --git a/internal/interfaces/jwtProvider.go b/internal/interfaces/jwtProvider.go
index eaa16b5..fcfc1aa 100644
--- a/internal/interfaces/jwtProvider.go
+++ b/internal/interfaces/jwtProvider.go
@@ -6,7 +6,7 @@ import (
 )
 type JWTProvider interface {
- CreateAccessToken(userUuid string) (string, error)
+ CreateAccessToken(userUuid, sessionUuid string) (string, error)
 CreateRefreshToken(refreshUuid string, expires time.Time) *http.Cookie
 Parse(token string) (string, string, error)
 }
diff --git a/internal/provider/token/service.go b/internal/provider/token/service.go
index 1888abe..0519d7a 100644
--- a/internal/provider/token/service.go
+++ b/internal/provider/token/service.go
@@ -33,7 +33,7 @@ func NewJWT(deps Deps) *JWT {
 }
 }
-func (j *JWT) CreateAccessToken(userUuid string) (string, error) {
+func (j *JWT) CreateAccessToken(userUuid, sessionUuid string) (string, error) {
 now := time.Now()
 token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
@@ -42,6 +42,7 @@ func (j *JWT) CreateAccessToken(userUuid string) (string, error) {
 "iss": j.Issuer,
 "nbf": now.Unix(),
 "sub": userUuid,
+ "sid": sessionUuid,
 })
 signedToken, err := token.SignedString([]byte(j.SecretKey))
@@ -56,7 +57,6 @@ func (j *JWT) CreateRefreshToken(refreshUuid string, expires time.Time) *http.Co
 return &http.Cookie{
 Name: "refresh_uuid",
 Value: refreshUuid,
- Path: "",
 Expires: expires,
 Secure: true,
 HttpOnly: true,
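Review bot: The new `CreateAccessToken(userUuid, sessionUuid string) (string, error)` line carries no doc comment, so an implementer of JWTProvider cannot tell from the interface that sessionUuid is meant to become the token's `sid` claim, nor which of Parse's two unnamed string results is the session id. I'd add `// CreateAccessToken signs an access token whose "sub" claim is userUuid and whose "sid" claim is sessionUuid.` above the method, and name Parse's results, `Parse(token string) (userUuid, sessionUuid string, err error)`, so the pairing is explicit at every call site. The interface is otherwise complete within this hunk.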
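Review bot: `"sid": sessionUuid` in hunk `@@ -42,6 +42,7 @@` is written into the claims without checking the argument, so a caller passing an empty string obtains a validly signed token whose session id is `""`, and the new Parse accepts that as a well-typed string claim. Since the session id is now part of what the token asserts, I'd reject it before the claims are built, `if sessionUuid == "" { return "", fmt.Errorf("session uuid is required") }`, and the same guard is reasonable for userUuid. The signature change in `@@ -33,7 +33,7 @@` is fine as is; CreateAccessToken's body continues outside both hunks, so I cannot see whether an `exp` claim is set on the lines before `"iss"`.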
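Review bot: Dropping `Path: ""` changes nothing on the wire (net/http omits an empty Path attribute), so the refresh cookie is still left to the browser's default-path rule, which scopes it to the directory of the request that set it rather than to the endpoint that consumes it. A Secure+HttpOnly refresh token should be pinned with an explicit `Path: "<refresh-endpoint-path>"` so it is only transmitted where it is needed. SameSite is not among the fields visible in this hunk; if the literal does not set it further down, `SameSite: http.SameSiteStrictMode` belongs here too. The http.Cookie literal continues past the end of the hunk.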
@@ -84,16 +84,16 @@ func (j *JWT) Parse(token string) (string, string, error) {
 if claims, ok := parse.Claims.(jwt.MapClaims); ok && parse.Valid {
 userUuid := claims["sub"].(string)
- var refreshUuid string
- if tkn, exists := claims["tkn"]; exists {
- if tknStr, okay := tkn.(string); okay {
- refreshUuid = tknStr
+ var sessionUuid string
+ if sid, exists := claims["sid"]; exists {
+ if tknStr, okay := sid.(string); okay {
+ sessionUuid = tknStr
 } else {
- return "", "", fmt.Errorf("invalid type for 'tkn' claim")
+ return "", "", fmt.Errorf("invalid type for 'sid' claim")
 }
 }
- return userUuid, refreshUuid, nil
+ return userUuid, sessionUuid, nil
 }
 return "", "", fmt.Errorf("invalid token")
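Review bot: The new checked assertion on `sid` sits directly under `userUuid := claims["sub"].(string)`, which remains an unchecked assertion: a validly signed token that omits `sub` or carries a non-string value panics the caller instead of returning an error, so the two claims are now handled inconsistently within the same block. I'd read `sub` the same way `sid` is read and reject an empty value, as in the fence. Note also that a missing `sid` still returns an empty sessionUuid with a nil error; if every access token now carries a session id, either callers must treat an empty sessionUuid as unauthenticated or this branch should return an error — worth deciding explicitly rather than by default. Parse's body begins before the hunk, so the keyfunc and signing-method check are not visible here.
```go
		userUuid, isStr := claims["sub"].(string)
		if !isStr || userUuid == "" {
			return "", "", fmt.Errorf("invalid type for 'sub' claim")
		}
		// … unchanged: sid claim handling and return …
```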