ostiwe-com/status
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity

WIP: Develop #1

Draft
ostiwe wants to merge 10 commits from dev into main
pull from: dev
merge into: ostiwe-com:main
Conversation 1 Commits 10 Files Changed 31 +62 -29
6 changed files with 62 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 7be0c7c6d3 - Show all commits

4
.env
View File

@@ -20,6 +20,6 @@ RABBIT_PASSWORD=user
RABBIT_HOST=localhost RABBIT_HOST=localhost
RABBIT_PORT=5672 RABBIT_PORT=5672
JWT_SIGN_PUBLIC_KEY_PATH=_example/keys/jwt_public_key.pem JWT_SIGN_PUBLIC_KEY_PATH=_example/keys/jwt_public.pem
JWT_SIGN_PRIVATE_KEY_PATH=_example/keys/jwt_private_key.pem JWT_SIGN_PRIVATE_KEY_PATH=_example/keys/jwt_private.pem
JWT_TRUSTED_HOSTS= JWT_TRUSTED_HOSTS=

28
_example/keys/jwt_private.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC5Pp5QB2glt2gs
l2A7I9h2ManWeoe/83TOethZGyC9ujZTgA3kO8M3bs7reEYuwEQvMijx3Qvf/ORp
cMag+VmNPKBWCpdzY3PANdQP546JqUjIVCNyPr2+z6N+ColSqAiuB159F7g6Lfei
5TR25Eu2tadvBX+oMCLrziIPwOuac4ZybyvEs5uPGN/uyQbN3d2bxa/07YkdMqDh
alVQZJ95r9vJj6wycxn1cslbGDXYDyXx7aC1x/8dLcewYb79WoBdTFHaa+2Kpv2q
e2LRgrAIk1JuHKNar5PjMoegsQ10WUeKl92afEL1MxSFliQbNyND91yNMTGkM+e2
ERUyZHZpAgMBAAECggEAAgUaZ5O/GVsvv/26E0cDqR1HRXMSWB/c3BQHmCglMiBt
z3kH3b9flHMJP1TRShj3XV7iBqojAyMgL/ymc9KoPPOmaW3F40CYPmYv3OkI2zws
8p9FQC2KNuKPfTQ69Vtm9dPXfkx0CjFeYAi5CttYLoK6U8n274Pv24ukwDB5uTZI
wXcAsWeiB7UD4gdIU5JwFr1Awx7oWgxT979XC+X/jIKDHfpRSmF+VDz8Mkoi4gLK
YIqq3hXeMm9DKHuqxjH193G3oh06/yYZlS2durVWaQsu98WbkhZKIlV9Mgl+aPm/
NgjG3QmcbTaPTrf+wrepiAr31NSTkOn5G07mFCMeMQKBgQDvxkRmuQ25F+8QfsFg
C0hIW7UF8V7y5bsIguzD+RymsfO8LaIcXPbZA+XRLvmzAxJuG4TTBd9Hk9VueEQF
dTXVjpjSSx2zWb1UkGA2TE2aQO+yhJ6gbhZ/OOJb3Kxp5imXRq/EgT6f5APnY31E
ysnALFSx+9BuAOo4gwvao+/30QKBgQDFx7P1wMuoCrFpr0mplqa4bXuM6H6cUonn
a9vPrVRwbRSx8xc+iMRoFjOR2BWsMxhAm2t6WleT1DrOXKxjHQmyf6VGknGydxdX
al4yLjkeD8nzfDR/EhVDMN+4ld990WNAZZWm+rX4Y4mISt8o8Z0Tq8N9R3s4g4aT
eFYBXHTTGQKBgCyVdz6Khky2cJNmnlpXfrdFpiFWwkr0AJUSkyfVeEheqm2BJrWT
a6rqmJ8O1ws8NP8YSthaLSxIBtWlszA4nSv6edwQb5NbymKg/eLayUs3a9qL4lr+
XVyGnUBrhfui+nTQhfpJ9fURFtC9pRtXgbAkDhOSOS1bKjIb2+ZpuUMhAoGBALGZ
jK4nvDlfsMR4VStmTrvaBFIaDGePbqpTHoW03dg++5B3++15nvTgytoyMfP5xdNu
POsX6QCkWVIpwdsWnjidiup+Yn6hlmI27/Mbssqd3vk4FWPt9w3o+1yjqJcwyXFw
Rxw0kedEaqHqqc34eNbLLLZ409uBr/0I2CJMxdMxAoGAYVED4ltIlK8Z9fKaoNuG
eC6FBEDsN2RnXZg2qyE2yEw9DwWun6e42CO/mDXfRB2jOFxSVXP27w+6G9dsN+QG
U9Gv+AZY1Kr29qvHHheA6RhyeGMSrsfBj7U2TmUzj2xwvjoENsxBj1rDoCgIK8hB
o/nsWmEy9tf6xs8KTjztHZw=
-----END PRIVATE KEY-----

3
_example/keys/jwt_private_key.pem
View File

@@ -1,3 +0,0 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIErwGenQ53CBtItiMuRBUgrn5/l1uYW6RiAoE+9IFqtj
-----END PRIVATE KEY-----

9
_example/keys/jwt_public.pem Normal file
View File

@@ -0,0 +1,9 @@
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT6eUAdoJbdoLJdgOyPY
djGp1nqHv/N0znrYWRsgvbo2U4AN5DvDN27O63hGLsBELzIo8d0L3/zkaXDGoPlZ
jTygVgqXc2NzwDXUD+eOialIyFQjcj69vs+jfgqJUqgIrgdefRe4Oi33ouU0duRL
trWnbwV/qDAi684iD8DrmnOGcm8rxLObjxjf7skGzd3dm8Wv9O2JHTKg4WpVUGSf
ea/byY+sMnMZ9XLJWxg12A8l8e2gtcf/HS3HsGG+/VqAXUxR2mvtiqb9qnti0YKw
CJNSbhyjWq+T4zKHoLENdFlHipfdmnxC9TMUhZYkGzcjQ/dcjTExpDPnthEVMmR2
aQIDAQAB
-----END PUBLIC KEY-----

3
_example/keys/jwt_public_key.pem
View File

@@ -1,3 +0,0 @@
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEANttz9RhiE7FXL4A/PX3GfgxhWxSwKy5zhxrNHXifszs=
-----END PUBLIC KEY-----

44
modules/jwt/jwt.go
View File

@@ -1,24 +1,24 @@
package jwt package jwt
import ( import (
"crypto/ed25519" "crypto/rsa"
"net/http"
"os" "os"
"strings" "strings"
"time" "time"
"git.ostiwe.com/ostiwe-com/status/model" "git.ostiwe.com/ostiwe-com/status/model"
"git.ostiwe.com/ostiwe-com/status/settings" "git.ostiwe.com/ostiwe-com/status/settings"
"github.com/go-chi/jwtauth/v5" ginJwt "github.com/appleboy/gin-jwt/v3"
"github.com/golang-jwt/jwt/v5" "github.com/golang-jwt/jwt/v5"
"github.com/lestrrat-go/jwx/v2/jwa"
) )
var ( var (
signKey *ed25519.PrivateKey signKey *rsa.PrivateKey
publicSignKey *ed25519.PublicKey publicSignKey *rsa.PublicKey
signMethod jwt.SigningMethod signMethod jwt.SigningMethod = jwt.SigningMethodRS256
TokenAuth *jwtauth.JWTAuth AuthMiddleware *ginJwt.GinJWTMiddleware
) )
func init() { func init() {
@@ -32,6 +32,8 @@ func init() {
jwtPrivateKeyPath = settings.WorkingDir + "/" + jwtPrivateKeyPath jwtPrivateKeyPath = settings.WorkingDir + "/" + jwtPrivateKeyPath
} }
var err error
publicFile, err := os.ReadFile(jwtPublicKeyPath) publicFile, err := os.ReadFile(jwtPublicKeyPath)
if err != nil { if err != nil {
panic(err) panic(err)
@@ -42,31 +44,31 @@ func init() {
panic(err) panic(err)
} }
privateKey, err := jwt.ParseEdPrivateKeyFromPEM(privateFile) signKey, err = jwt.ParseRSAPrivateKeyFromPEM(privateFile)
if err != nil { if err != nil {
panic(err) panic(err)
} }
publicKey, err := jwt.ParseEdPublicKeyFromPEM(publicFile) publicSignKey, err = jwt.ParseRSAPublicKeyFromPEM(publicFile)
if err != nil { if err != nil {
panic(err) panic(err)
} }
pk, ok := privateKey.(ed25519.PrivateKey) AuthMiddleware = &ginJwt.GinJWTMiddleware{
if !ok { SigningAlgorithm: signMethod.Alg(),
panic("invalid ed25519 private key") PrivKeyBytes: privateFile,
PubKeyBytes: publicFile,
Timeout: time.Hour * 6,
MaxRefresh: time.Hour * 24 * 7,
SecureCookie: true,
CookieHTTPOnly: true,
CookieSameSite: http.SameSiteStrictMode,
SendCookie: true,
} }
k, ok := publicKey.(ed25519.PublicKey) if err = AuthMiddleware.MiddlewareInit(); err != nil {
if !ok { panic(err)
panic("invalid ed25519 public key")
} }
signKey = &pk
publicSignKey = &k
signMethod = jwt.SigningMethodEdDSA
TokenAuth = jwtauth.New(string(jwa.EdDSA), signKey, publicSignKey)
} }
func CreateByUser(user *model.User) (string, error) { func CreateByUser(user *model.User) (string, error) {