An atproto PDS written in Go
package server

import (
	"time"

	"github.com/golang-jwt/jwt/v4"
	"github.com/google/uuid"
	"github.com/haileyok/cocoon/models"
)

// Session is the pair of signed JWT strings returned by createSession.
type Session struct {
	AccessToken  string
	RefreshToken string
}

// createSession issues an access token (3 hour lifetime) and a refresh token
// (7 day lifetime) for repo, records both in the database, and returns them.
//
// Both tokens are ES256 JWTs signed with s.privateKey. They carry identical
// "aud" (s.config.Did), "sub" (repo.Did), "iat" and "jti" claims; only "scope"
// and "exp" differ between them.
//
// repo is dereferenced without a nil check, so callers must pass a non-nil
// value. Any signing or database error is returned unchanged with a nil
// Session.
//
// NOTE(review): since the signing key and audience are the same for both
// tokens, "scope" is the only claim that tells them apart. Confirm that the
// verification code (not shown in this file) rejects a refresh-scoped token
// wherever an access token is expected.
//
// NOTE(review): the signed token strings are written to the database as-is,
// so anyone with read access to those rows appears to obtain bearer
// credentials that are usable until "exp". Whether a digest or the jti could
// be stored instead depends on lookup code outside this file.
//
// NOTE(review): the two rows are inserted by separate Create calls. If the
// second insert fails, nothing in this function removes the first row;
// confirm whether s.db gives any atomicity here.
func (s *Server) createSession(repo *models.Repo) (*Session, error) {
	issuedAt := time.Now()
	accessExpiry := issuedAt.Add(3 * time.Hour)
	refreshExpiry := issuedAt.Add(7 * 24 * time.Hour)

	// A single random identifier is shared by both tokens of the pair.
	tokenID := uuid.NewString()

	// sign builds the claim set for one token and signs it. Unix() does not
	// depend on the time's location, so no UTC conversion is needed.
	sign := func(scope string, expiry time.Time) (string, error) {
		claims := jwt.MapClaims{
			"scope": scope,
			"aud":   s.config.Did,
			"sub":   repo.Did,
			"iat":   issuedAt.Unix(),
			"exp":   expiry.Unix(),
			"jti":   tokenID,
		}
		return jwt.NewWithClaims(jwt.SigningMethodES256, claims).SignedString(s.privateKey)
	}

	accessJWT, err := sign("com.atproto.access", accessExpiry)
	if err != nil {
		return nil, err
	}

	refreshJWT, err := sign("com.atproto.refresh", refreshExpiry)
	if err != nil {
		return nil, err
	}

	// The access-token row also records the refresh token it was issued with.
	accessRow := &models.Token{
		Token:        accessJWT,
		Did:          repo.Did,
		RefreshToken: refreshJWT,
		CreatedAt:    issuedAt,
		ExpiresAt:    accessExpiry,
	}
	if err := s.db.Create(accessRow, nil).Error; err != nil {
		return nil, err
	}

	refreshRow := &models.RefreshToken{
		Token:     refreshJWT,
		Did:       repo.Did,
		CreatedAt: issuedAt,
		ExpiresAt: refreshExpiry,
	}
	if err := s.db.Create(refreshRow, nil).Error; err != nil {
		return nil, err
	}

	session := &Session{
		AccessToken:  accessJWT,
		RefreshToken: refreshJWT,
	}
	return session, nil
}