Enhance JWT service to include role ID in access token generation and user token info

Habib Fatkhul Rohman 2025-10-21 15:05:10 +07:00
parent 4bd48c3bca
commit fb49163803
2 changed files with 15 additions and 6 deletions


@ -51,7 +51,10 @@ func (r *refreshTokenRepository) FindByToken(ctx context.Context, tx *gorm.DB, t
} }
var refreshToken entities.RefreshToken var refreshToken entities.RefreshToken
if err := tx.WithContext(ctx).Where("token = ?", token).Preload("User").Take(&refreshToken).Error; err != nil { if err := tx.WithContext(ctx).
Preload("User").
Preload("User.UserRoles.Role").
Take(&refreshToken).Error; err != nil {
return entities.RefreshToken{}, err return entities.RefreshToken{}, err
} }
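Review bot: As rendered, the rewritten query chain in FindByToken no longer contains `Where("token = ?", token)`: the new side reads `tx.WithContext(ctx).Preload("User").Preload("User.UserRoles.Role").Take(&refreshToken)`, and the hunk's line counts (7 old, 10 new) leave no room for a fifth chained line. Without the filter, `Take` returns the first row of the table whatever token was passed in, so a refresh request would be matched against some other user's stored token instead of being rejected. Restore the condition as the first chained call, `Where("token = ?", token).`, ahead of the two Preloads. The function starts outside the hunk, so confirm that nothing earlier already applies the filter to `tx`.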


@ -14,10 +14,11 @@ import (
type UserTokenInfo struct { type UserTokenInfo struct {
ClientID string `json:"client_id"` ClientID string `json:"client_id"`
UserID string `json:"user_id"` UserID string `json:"user_id"`
RoleID string `json:"role_id"`
} }
type JWTService interface { type JWTService interface {
GenerateAccessToken(clientId string, userId string) string GenerateAccessToken(clientId string, userId string, roleId string) string
GenerateRefreshToken() (string, time.Time) GenerateRefreshToken() (string, time.Time)
ValidateToken(token string) (*jwt.Token, error) ValidateToken(token string) (*jwt.Token, error)
GetUserIDByToken(token string) (*UserTokenInfo, error) GetUserIDByToken(token string) (*UserTokenInfo, error)
@ -26,6 +27,7 @@ type JWTService interface {
type jwtCustomClaim struct { type jwtCustomClaim struct {
ClientID string `json:"client_id"` ClientID string `json:"client_id"`
UserID string `json:"user_id"` UserID string `json:"user_id"`
RoleID string `json:"role_id"`
jwt.RegisteredClaims jwt.RegisteredClaims
} }
@ -40,8 +42,8 @@ type jwtService struct {
func NewJWTService() JWTService { func NewJWTService() JWTService {
return &jwtService{ return &jwtService{
secretKey: getSecretKey(), secretKey: getSecretKey(),
issuer: "Template", issuer: "WMS-Wareify",
accessExpiry: time.Minute * 15, accessExpiry: time.Hour * 8,
refreshExpiry: time.Hour * 24 * 7, refreshExpiry: time.Hour * 24 * 7,
} }
} }
@ -49,15 +51,16 @@ func NewJWTService() JWTService {
func getSecretKey() string { func getSecretKey() string {
secretKey := os.Getenv("JWT_SECRET") secretKey := os.Getenv("JWT_SECRET")
if secretKey == "" { if secretKey == "" {
secretKey = "Template" secretKey = "WMS-WareifySecretKey"
} }
return secretKey return secretKey
} }
func (j *jwtService) GenerateAccessToken(clientId string, userId string) string { func (j *jwtService) GenerateAccessToken(clientId string, userId string, roleId string) string {
claims := jwtCustomClaim{ claims := jwtCustomClaim{
ClientID: clientId, ClientID: clientId,
UserID: userId, UserID: userId,
RoleID: roleId,
RegisteredClaims: jwt.RegisteredClaims{ RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(time.Now().Add(j.accessExpiry)), ExpiresAt: jwt.NewNumericDate(time.Now().Add(j.accessExpiry)),
Issuer: j.issuer, Issuer: j.issuer,
@ -107,8 +110,11 @@ func (j *jwtService) GetUserIDByToken(token string) (*UserTokenInfo, error) {
claims := tToken.Claims.(jwt.MapClaims) claims := tToken.Claims.(jwt.MapClaims)
userId := fmt.Sprintf("%v", claims["user_id"]) userId := fmt.Sprintf("%v", claims["user_id"])
clientId := fmt.Sprintf("%v", claims["client_id"]) clientId := fmt.Sprintf("%v", claims["client_id"])
roleId := fmt.Sprintf("%v", claims["role_id"])
return &UserTokenInfo{ return &UserTokenInfo{
UserID: userId, UserID: userId,
ClientID: clientId, ClientID: clientId,
RoleID: roleId,
}, nil }, nil
} }
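Review bot: getSecretKey still falls back to a string literal committed to the repository (`"WMS-WareifySecretKey"`) when JWT_SECRET is unset, so a deployment missing the variable signs and accepts tokens with a key known to anyone who can read the source; this matters more now that tokens carry `role_id` and live 8 hours instead of 15 minutes. Fail closed at startup instead, e.g. `if secretKey == "" { log.Fatal("JWT_SECRET is not set") }`. In GetUserIDByToken, `fmt.Sprintf("%v", claims["role_id"])` yields the string `"<nil>"` for a token without that claim; prefer `roleId, ok := claims["role_id"].(string)` and return an error when `ok` is false. With the role fixed in the token for 8 hours, a role change or revocation presumably does not take effect until expiry unless the role is re-checked server-side.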