webserver.auth.tokens #

Tokens

A library for creating, authenticating, and revoking access and refresh tokens

struct AccessTokenParams {
	expiration    time.Time = time.now().add(15 * time.minute)
	refresh_token SignedJWT @[required]
}

struct AuthTokens {
pub:
	access_token  string
	refresh_token string
}

secret := os.getenv('SECRET_KEY')

struct RefreshTokenParams {
	TokenParams
pub:
	expiration time.Time = time.now().add_days(30)
}

struct TokenParams {
pub:
	user_id  string
	subject  string
	issuer   string
	audience string
}

struct Tokens {
	refresh_secret string = jwt.create_secret() // secret used for signing/verifying refresh tokens
	access_secret  string = jwt.create_secret() // secret used for signing/verifying refresh tokens
mut:
	logger &log.Logger = &log.Logger(&log.Log{
	level: .debug
})
}

Authenticator deals and authenticates refresh and access tokens

fn (mut auth Tokens) authenticate_access_token(token SignedJWT) !

authenticate_access_token authenticates an access token and verifies that the session which issued the token is still valid

fn (mut auth Tokens) new_access_token(params AccessTokenParams) !string

fn (mut auth Tokens) new_auth_tokens(params RefreshTokenParams) AuthTokens

fn (mut auth Tokens) new_refresh_token(params RefreshTokenParams) string

fn (mut auth Tokens) revoke_refresh_token(token SignedJWT) !

struct TokensConfig {
	refresh_secret string      = jwt.create_secret() // secret used for signing/verifying refresh tokens
	access_secret  string      = jwt.create_secret() // secret used for signing/verifying refresh tokens
	logger         &log.Logger = &log.Logger(&log.Log{
	level: .debug
})
}