diff --git a/app/src/main/kotlin/io/sakurasou/service/auth/AuthServiceImpl.kt b/app/src/main/kotlin/io/sakurasou/service/auth/AuthServiceImpl.kt index 646877e0..e6f5c0fd 100644 --- a/app/src/main/kotlin/io/sakurasou/service/auth/AuthServiceImpl.kt +++ b/app/src/main/kotlin/io/sakurasou/service/auth/AuthServiceImpl.kt @@ -12,6 +12,8 @@ import io.sakurasou.exception.UserNotFoundException import io.sakurasou.model.DatabaseSingleton.dbQuery import io.sakurasou.model.dao.relation.RelationDao import io.sakurasou.model.dao.user.UserDao +import io.sakurasou.model.entity.User +import io.sakurasou.util.JwtUtils import kotlinx.datetime.Clock import kotlinx.datetime.toJavaInstant import java.security.KeyFactory @@ -36,20 +38,10 @@ class AuthServiceImpl( val isCorrectPassword = BCrypt.verifyer().verify(loginRequest.password.toCharArray(), user.password) if (!isCorrectPassword.verified) throw UnauthorizedAccessException() - val role: List = relationDao.listRoleByGroupId(user.groupId) + val roles: List = dbQuery { + relationDao.listRoleByGroupId(user.groupId) + } - val publicKey = jwkProvider.get("6f8856ed-9189-488f-9011-0ff4b6c08edc").publicKey - val keySpecPKCS8 = PKCS8EncodedKeySpec(publicKey.encoded) - val privateKey = KeyFactory.getInstance("RSA").generatePrivate(keySpecPKCS8) - val token = JWT.create() - .withAudience(audience) - .withIssuer(issuer) - .withClaim("id", user.id) - .withClaim("username", user.name) - .withClaim("groupId", user.groupId) - .withClaim("role", role) - .withExpiresAt(Clock.System.now().plus(Duration.parse("3d")).toJavaInstant()) - .sign(Algorithm.RSA256(publicKey as RSAPublicKey, privateKey as RSAPrivateKey)) - return token + return JwtUtils.generateJwtToken(user, roles) } } \ No newline at end of file diff --git a/app/src/main/kotlin/io/sakurasou/util/JwtUtils.kt b/app/src/main/kotlin/io/sakurasou/util/JwtUtils.kt new file mode 100644 index 00000000..115b6f5d --- /dev/null +++ b/app/src/main/kotlin/io/sakurasou/util/JwtUtils.kt @@ -0,0 +1,30 @@ +package io.sakurasou.util + +import com.auth0.jwt.JWT +import com.auth0.jwt.algorithms.Algorithm +import io.sakurasou.config.JwtConfig.audience +import io.sakurasou.config.JwtConfig.issuer +import io.sakurasou.config.JwtConfig.secret +import io.sakurasou.model.entity.User +import kotlinx.datetime.Clock +import kotlinx.datetime.toJavaInstant +import kotlin.time.Duration + +/** + * @author ShiinaKin + * 2024/9/14 13:06 + */ +object JwtUtils { + fun generateJwtToken(user: User, role: List): String { + val token = JWT.create() + .withAudience(audience) + .withIssuer(issuer) + .withClaim("id", user.id) + .withClaim("username", user.name) + .withClaim("groupId", user.groupId) + .withClaim("role", role) + .withExpiresAt(Clock.System.now().plus(Duration.parse("3d")).toJavaInstant()) + .sign(Algorithm.HMAC256(secret)) + return token + } +} \ No newline at end of file diff --git a/app/src/main/resources/application.yaml b/app/src/main/resources/application.yaml index f136c9ba..e03f3aa2 100644 --- a/app/src/main/resources/application.yaml +++ b/app/src/main/resources/application.yaml @@ -17,7 +17,7 @@ ktor: watch: - classes jwt: - secret: "MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAtfJaLrzXILUg1U3N1KV8yJr92GHn5OtYZR7qWk1Mc4cy4JGjklYup7weMjBD9f3bBVoIsiUVX6xNcYIr0Ie0AQIDAQABAkEAg+FBquToDeYcAWBe1EaLVyC45HG60zwfG1S4S3IB+y4INz1FHuZppDjBh09jptQNd+kSMlG1LkAc/3znKTPJ7QIhANpyB0OfTK44lpH4ScJmCxjZV52mIrQcmnS3QzkxWQCDAiEA1Tn7qyoh+0rOO/9vJHP8U/beo51SiQMw0880a1UaiisCIQDNwY46EbhGeiLJR1cidr+JHl86rRwPDsolmeEF5AdzRQIgK3KXL3d0WSoS//K6iOkBX3KMRzaFXNnDl0U/XyeGMuUCIHaXv+n+Brz5BDnRbWS+2vkgIe9bUNlkiArpjWvX+2we" - issuer: "https://sakurasou.io/" - audience: "jwt-audience" - realm: "ktor sample app" + secret: $JWT_SECRET + issuer: $JWT_ISSUER + audience: $JWT_AUDIENCE + realm: $JWT_REALM