47 lines
1.4 KiB
Rust
47 lines
1.4 KiB
Rust
use jsonwebtoken::{decode, encode, DecodingKey, EncodingKey, Header, Validation};
|
|
use serde::{Deserialize, Serialize};
|
|
use std::env;
|
|
|
|
#[derive(Debug, Serialize, Deserialize)]
|
|
struct Claims {
|
|
sub: String, // Subject (user ID)
|
|
session_id: String, // Session ID
|
|
roles: Vec<String>, // Roles/permissions
|
|
exp: usize, // Expiration time
|
|
}
|
|
|
|
pub fn generate_token(
|
|
user_id: &str,
|
|
session_id: &str,
|
|
roles: Vec<String>,
|
|
) -> Result<String, jsonwebtoken::errors::Error> {
|
|
let secret = env::var("JWT_SECRET").expect("JWT_SECRET must be set");
|
|
let expiration = chrono::Utc::now()
|
|
.checked_add_signed(chrono::Duration::days(1))
|
|
.expect("valid timestamp")
|
|
.timestamp() as usize;
|
|
|
|
let claims = Claims {
|
|
sub: user_id.to_owned(),
|
|
session_id: session_id.to_owned(),
|
|
roles,
|
|
exp: expiration,
|
|
};
|
|
|
|
encode(
|
|
&Header::default(),
|
|
&claims,
|
|
&EncodingKey::from_secret(secret.as_ref()),
|
|
)
|
|
}
|
|
|
|
pub fn validate_token(token: &str) -> Result<(String, String), jsonwebtoken::errors::Error> {
|
|
let secret = env::var("JWT_SECRET").expect("JWT_SECRET must be set");
|
|
let token_data = decode::<Claims>(
|
|
token,
|
|
&DecodingKey::from_secret(secret.as_ref()),
|
|
&Validation::default(),
|
|
)?;
|
|
Ok((token_data.claims.sub, token_data.claims.session_id))
|
|
}
|