webserver.auth.jwt #

fn create_secret #

fn create_secret() string

fn create_token #

fn create_token(payload_ JwtPayload) JsonWebToken

creates jwt with encoded payload and header DOESN'T handle data encryption, sensitive data should be encrypted

fn get_data #

fn get_data(token string) !string

gets cookie token, returns user obj

fn get_payload #

fn get_payload(token string) !JwtPayload

gets cookie token, returns user obj

fn verify_jwt #

fn verify_jwt(token string) bool

verifies jwt cookie

fn verify_jwt_assymetric #

fn verify_jwt_assymetric(token string, pk string) bool

verifies jwt cookie

Todo: implement assymetric verification

type SignedJWT #

type SignedJWT = string

fn (SignedJWT) is_valid #

fn (token SignedJWT) is_valid() bool

fn (SignedJWT) verify #

fn (token SignedJWT) verify(secret string) !bool

fn (SignedJWT) decode #

fn (token SignedJWT) decode() !JsonWebToken

gets cookie token, returns user obj

fn (SignedJWT) get_field #

fn (token SignedJWT) get_field(field string) !string

gets cookie token, returns user obj

fn (SignedJWT) decode_subject #

fn (token SignedJWT) decode_subject() !string

gets cookie token, returns user obj

struct JsonWebToken #

struct JsonWebToken {
	JwtHeader
	JwtPayload
}

JWT code in this page is from https://github.com/vlang/v/blob/master/examples/vweb_orm_jwt/src/auth_services.v credit to https://github.com/enghitalo

fn (JsonWebToken) sign #

fn (token JsonWebToken) sign(secret string) string

fn (JsonWebToken) is_expired #

fn (token JsonWebToken) is_expired() bool

struct JwtPayload #

struct JwtPayload {
pub:
	sub  string    // (subject)
	iss  string    // (issuer)
	exp  time.Time // (expiration)
	iat  time.Time // (issued at)
	aud  string    // (audience)
	data string
}

Todo: refactor to use single JWT interface

Todo: we can name these better

fn create_secret
fn create_token
fn get_data
fn get_payload
fn verify_jwt
fn verify_jwt_assymetric
type SignedJWT
struct JsonWebToken
- fn sign
- fn is_expired
struct JwtPayload