User UUID added as Claim to token

raul-brainattica · raul-brainattica · commit 95744b45f0ee · 2015-04-13T13:51:36.000+02:00
diff --git a/controllers/auth_controller.go b/controllers/auth_controller.go
@@ -19,8 +19,12 @@ func Login(w http.ResponseWriter, r *http.Request) {
 }
 
 func RefresfhToken(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+	requestUser := new(models.User)
+	decoder := json.NewDecoder(r.Body)
+	decoder.Decode(&requestUser)
+
 	w.Header().Set("Content-Type", "application/json")
-	w.Write(services.RefreshToken())
+	w.Write(services.RefreshToken(requestUser))
 }
 
 func Logout(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
diff --git a/core/authentication/jwt_backend.go b/core/authentication/jwt_backend.go
@@ -3,6 +3,7 @@ package authentication
 import (
 	"api.jwt.auth/core/redis"
 	"api.jwt.auth/services/models"
+	"code.google.com/p/go-uuid/uuid"
 	jwt "github.com/dgrijalva/jwt-go"
 	"golang.org/x/crypto/bcrypt"
 	"io/ioutil"
@@ -30,10 +31,11 @@ func InitJWTAuthenticationBackend() *JWTAuthenticationBackend {
 	return authBack
 }
 
-func (backend *JWTAuthenticationBackend) GenerateToken() string {
+func (backend *JWTAuthenticationBackend) GenerateToken(user *models.User) string {
 	token := jwt.New(jwt.GetSigningMethod("RS256"))
 	token.Claims["exp"] = time.Now().Add(time.Hour * time.Duration(tokenDuration)).Unix()
 	token.Claims["iat"] = time.Now().Unix()
+	token.Claims["sub"] = user.UUID
 	tokenString, _ := token.SignedString(backend.privateKey)
 	return tokenString
 }
@@ -42,6 +44,7 @@ func (backend *JWTAuthenticationBackend) Authenticate(user *models.User) bool {
 	hashedPassword, _ := bcrypt.GenerateFromPassword([]byte("testing"), 10)
 
 	testUser := models.User{
+		UUID:     uuid.New(),
 		Username: "haku",
 		Password: string(hashedPassword),
 	}
diff --git a/services/auth_service.go b/services/auth_service.go
@@ -13,17 +13,17 @@ func Login(requestUser *models.User) (int, []byte) {
 	authBackend := authentication.InitJWTAuthenticationBackend()
 
 	if authBackend.Authenticate(requestUser) {
-		token := parameters.TokenAuthentication{authBackend.GenerateToken()}
+		token := parameters.TokenAuthentication{authBackend.GenerateToken(requestUser)}
 		response, _ := json.Marshal(token)
 		return http.StatusOK, response
 	}
 
 	return http.StatusUnauthorized, []byte("")
 }
 
-func RefreshToken() []byte {
+func RefreshToken(requestUser *models.User) []byte {
 	authBackend := authentication.InitJWTAuthenticationBackend()
-	token := parameters.TokenAuthentication{authBackend.GenerateToken()}
+	token := parameters.TokenAuthentication{authBackend.GenerateToken(requestUser)}
 	response, err := json.Marshal(token)
 	if err != nil {
 		panic(err)
diff --git a/services/models/users.go b/services/models/users.go
@@ -1,6 +1,7 @@
 package models
 
 type User struct {
+	UUID     string `json:"uuid" form:"-"`
 	Username string `json:"username" form:"username""`
 	Password string `json:"password" form:"password"`
 }

Original file line number	Diff line number	Diff line change
`@@ -19,8 +19,12 @@ func Login(w http.ResponseWriter, r *http.Request) {`
`19`	`19`	`}`
`20`	`20`
`21`	`21`	`func RefresfhToken(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {`
	`22`	`+ requestUser := new(models.User)`
	`23`	`+ decoder := json.NewDecoder(r.Body)`
	`24`	`+ decoder.Decode(&requestUser)`
	`25`	`+`
`22`	`26`	`w.Header().Set("Content-Type", "application/json")`
`23`		`- w.Write(services.RefreshToken())`
	`27`	`+ w.Write(services.RefreshToken(requestUser))`
`24`	`28`	`}`
`25`	`29`
`26`	`30`	`func Logout(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`package models`
`2`	`2`
`3`	`3`	`type User struct {`
	`4`	+ UUID string `json:"uuid" form:"-"`
`4`	`5`	Username string `json:"username" form:"username""`
`5`	`6`	Password string `json:"password" form:"password"`
`6`	`7`	`}`