Better core logic for JWT; supports a more generic structure
This commit is contained in:
Dane Everitt
33
router/tokens/parser.go
Normal file
33
router/tokens/parser.go
Normal file
@@ -0,0 +1,33 @@
|
||||
package tokens
|
||||
|
||||
import (
|
||||
"github.com/gbrlsnchs/jwt/v3"
|
||||
"github.com/pterodactyl/wings/config"
|
||||
"time"
|
||||
)
|
||||
|
||||
var alg *jwt.HMACSHA
|
||||
|
||||
type TokenData interface {
|
||||
GetPayload() *jwt.Payload
|
||||
}
|
||||
|
||||
// Validates the provided JWT against the known secret for the Daemon and returns the
|
||||
// parsed data. This function DOES NOT validate that the token is valid for the connected
|
||||
// server, nor does it ensure that the user providing the token is able to actually do things.
|
||||
//
|
||||
// This simply returns a parsed token.
|
||||
func ParseToken(token []byte, data TokenData) error {
|
||||
if alg == nil {
|
||||
alg = jwt.NewHS256([]byte(config.Get().AuthenticationToken))
|
||||
}
|
||||
|
||||
verifyOptions := jwt.ValidatePayload(
|
||||
data.GetPayload(),
|
||||
jwt.ExpirationTimeValidator(time.Now()),
|
||||
)
|
||||
|
||||
_, err := jwt.Verify(token, alg, &data, verifyOptions)
|
||||
|
||||
return err
|
||||
}
|
||||
Reference in New Issue
Block a user