feat: expose if a user is a local user through its jwt token
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
9eca971c93
commit
516c812043
GPG Key ID:
F40E70337AB24C9B
|
|
@ -24,6 +24,7 @@ import (
|
||||||
"code.vikunja.io/api/pkg/models"
|
"code.vikunja.io/api/pkg/models"
|
||||||
"code.vikunja.io/api/pkg/user"
|
"code.vikunja.io/api/pkg/user"
|
||||||
"code.vikunja.io/web"
|
"code.vikunja.io/web"
|
||||||
|
|
||||||
"github.com/golang-jwt/jwt/v4"
|
"github.com/golang-jwt/jwt/v4"
|
||||||
"github.com/labstack/echo/v4"
|
"github.com/labstack/echo/v4"
|
||||||
)
|
)
|
||||||
|
|
@ -51,7 +52,7 @@ func NewUserAuthTokenResponse(u *user.User, c echo.Context) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewUserJWTAuthtoken generates and signes a new jwt token for a user. This is a global function to be able to call it from integration tests.
|
// NewUserJWTAuthtoken generates and signes a new jwt token for a user. This is a global function to be able to call it from integration tests.
|
||||||
func NewUserJWTAuthtoken(user *user.User) (token string, err error) {
|
func NewUserJWTAuthtoken(u *user.User) (token string, err error) {
|
||||||
t := jwt.New(jwt.SigningMethodHS256)
|
t := jwt.New(jwt.SigningMethodHS256)
|
||||||
|
|
||||||
var ttl = time.Duration(config.ServiceJWTTTL.GetInt64())
|
var ttl = time.Duration(config.ServiceJWTTTL.GetInt64())
|
||||||
|
|
@ -60,12 +61,13 @@ func NewUserJWTAuthtoken(user *user.User) (token string, err error) {
|
||||||
// Set claims
|
// Set claims
|
||||||
claims := t.Claims.(jwt.MapClaims)
|
claims := t.Claims.(jwt.MapClaims)
|
||||||
claims["type"] = AuthTypeUser
|
claims["type"] = AuthTypeUser
|
||||||
claims["id"] = user.ID
|
claims["id"] = u.ID
|
||||||
claims["username"] = user.Username
|
claims["username"] = u.Username
|
||||||
claims["email"] = user.Email
|
claims["email"] = u.Email
|
||||||
claims["exp"] = exp
|
claims["exp"] = exp
|
||||||
claims["name"] = user.Name
|
claims["name"] = u.Name
|
||||||
claims["emailRemindersEnabled"] = user.EmailRemindersEnabled
|
claims["emailRemindersEnabled"] = u.EmailRemindersEnabled
|
||||||
|
claims["isLocalUser"] = u.Issuer == user.IssuerLocal
|
||||||
|
|
||||||
// Generate encoded token and send it as response.
|
// Generate encoded token and send it as response.
|
||||||
return t.SignedString([]byte(config.ServiceJWTSecret.GetString()))
|
return t.SignedString([]byte(config.ServiceJWTSecret.GetString()))
|
||||||
|
|
@ -87,6 +89,7 @@ func NewLinkShareJWTAuthtoken(share *models.LinkSharing) (token string, err erro
|
||||||
claims["right"] = share.Right
|
claims["right"] = share.Right
|
||||||
claims["sharedByID"] = share.SharedByID
|
claims["sharedByID"] = share.SharedByID
|
||||||
claims["exp"] = exp
|
claims["exp"] = exp
|
||||||
|
claims["isLocalUser"] = true // Link shares are always local
|
||||||
|
|
||||||
// Generate encoded token and send it as response.
|
// Generate encoded token and send it as response.
|
||||||
return t.SignedString([]byte(config.ServiceJWTSecret.GetString()))
|
return t.SignedString([]byte(config.ServiceJWTSecret.GetString()))
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user