diff --git a/admin/handlers/post.go b/admin/handlers/post.go
index 324388a2..de471976 100644
--- a/admin/handlers/post.go
+++ b/admin/handlers/post.go
@@ -1268,7 +1268,7 @@ func (h *HandlersAdmin) UsersPOSTHandler(w http.ResponseWriter, r *http.Request)
 return
 }
 if u.Token {
- token, exp, err := h.Users.CreateToken(newUser.Username)
+ token, exp, err := h.Users.CreateToken(newUser.Username, h.AdminConfig.Host)
 if err != nil {
 adminErrorResponse(w, "error creating token", http.StatusInternalServerError, err)
 h.Inc(metricAdminErr)
@@ -1348,7 +1348,7 @@ func (h *HandlersAdmin) UsersPOSTHandler(w http.ResponseWriter, r *http.Request)
 return
 }
 */
- token, exp, err := h.Users.CreateToken(u.Username)
+ token, exp, err := h.Users.CreateToken(u.Username, h.AdminConfig.Host)
 if err != nil {
 adminErrorResponse(w, "error creating token", http.StatusInternalServerError, err)
 h.Inc(metricAdminErr)
diff --git a/admin/handlers/tokens.go b/admin/handlers/tokens.go
index 0e520dad..94fd1714 100644
--- a/admin/handlers/tokens.go
+++ b/admin/handlers/tokens.go
@@ -102,7 +102,7 @@ func (h *HandlersAdmin) TokensPOSTHandler(w http.ResponseWriter, r *http.Request
 if h.Settings.DebugService(settings.ServiceAdmin) {
 log.Println("DebugService: Creating token")
 }
- token, exp, err := h.Users.CreateToken(user.Username)
+ token, exp, err := h.Users.CreateToken(user.Username, h.AdminConfig.Host)
 if err != nil {
 adminErrorResponse(w, "error creating token", http.StatusInternalServerError, err)
 h.Inc(metricAdminErr)
diff --git a/api/handlers-login.go b/api/handlers-login.go
index b050d25a..2f7baccf 100644
--- a/api/handlers-login.go
+++ b/api/handlers-login.go
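Review bot: The issuer passed to `CreateToken` here is `h.AdminConfig.Host`, a deployment setting, while the API login path in api/handlers-login.go passes `serviceName`, so the `iss` claim of a user's token depends on which service minted it and on how the admin host is configured. If that field holds a listen address rather than a stable identifier (not visible in this diff), a verifier cannot pin `iss` to a known value, and the claim loses its use as a check on where a token came from. The same expression is repeated in the second `UsersPOSTHandler` hunk and in `TokensPOSTHandler` in tokens.go; I would resolve the issuer once, for example in a small helper on `HandlersAdmin`, and document which values verifiers are expected to accept. All three handler bodies continue outside the hunks shown.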
@@ -58,7 +58,7 @@ func apiLoginHandler(w http.ResponseWriter, r *http.Request) {
 }
 // Do we have a token already?
 if user.APIToken == "" {
- token, exp, err := apiUsers.CreateToken(l.Username)
+ token, exp, err := apiUsers.CreateToken(l.Username, serviceName)
 if err != nil {
 apiErrorResponse(w, "error creating token", http.StatusInternalServerError, err)
 incMetric(metricAPILoginErr)
diff --git a/users/users.go b/users/users.go
index f4d9228c..15b71378 100644
--- a/users/users.go
+++ b/users/users.go
@@ -38,7 +38,7 @@ type AdminUser struct {
 // TokenClaims to hold user claims when using JWT
 type TokenClaims struct {
 Username string `json:"username"`
- jwt.StandardClaims
+ jwt.RegisteredClaims
 }
 
 // UserManager have all users of the system
@@ -100,15 +100,14 @@ func (m *UserManager) CheckLoginCredentials(username, password string) (bool, Ad
 }
 
 // CreateToken to create a new JWT token for a given user
-func (m *UserManager) CreateToken(username string) (string, time.Time, error) {
+func (m *UserManager) CreateToken(username, issuer string) (string, time.Time, error) {
 expirationTime := time.Now().Add(time.Hour * time.Duration(m.JWTConfig.HoursToExpire))
 // Create the JWT claims, which includes the username, level and expiry time
 claims := &TokenClaims{
 Username: username,
- StandardClaims: jwt.StandardClaims{
- // In JWT, the expiry time is expressed as unix milliseconds
- ExpiresAt: expirationTime.Unix(),
- Issuer: DefaultTokeIssuer,
+ RegisteredClaims: jwt.RegisteredClaims{
+ ExpiresAt: jwt.NewNumericDate(expirationTime),
+ Issuer: issuer,
 },
 }
 // Declare the token with the algorithm used for signing, and the claims
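Review bot: `CreateToken` now signs whatever `issuer` string the caller passes, and an empty string yields a token with no `iss` claim at all, because `jwt.RegisteredClaims` omits an empty issuer when encoding. I would reject that case at the top of the function with `if issuer == "" { return "", time.Time{}, fmt.Errorf("empty token issuer") }`, and extend the doc comment to `// CreateToken creates a signed JWT for username; issuer is written to the iss claim and must not be empty.` Nothing in this diff shows the verification side comparing `iss` against an expected value, so if admin and API tokens are signed with the same key the new claim is informational only until that check exists. The context comment still lists a "level" claim that `TokenClaims` does not carry, and the function body continues past the end of the hunk.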
@@ -163,12 +162,12 @@ func (m *UserManager) New(username, password, email, fullname string, admin bool
 return AdminUser{}, err
 }
 return AdminUser{
- Username: username,
- PassHash: passhash,
- UUID: utils.GenUUID(),
- Admin: admin,
- Email: email,
- Fullname: fullname,
+ Username: username,
+ PassHash: passhash,
+ UUID: utils.GenUUID(),
+ Admin: admin,
+ Email: email,
+ Fullname: fullname,
 }, nil
 }
 return AdminUser{}, fmt.Errorf("%s already exists", username)
diff --git a/users/users_test.go b/users/users_test.go
index 238ed2c0..8923c786 100644
--- a/users/users_test.go
+++ b/users/users_test.go
@@ -77,7 +77,7 @@ func TestUserManager(t *testing.T) {
 assert.Equal(t, 123, int(user.EnvironmentID))
 })
 t.Run("CreateCheckToken", func(t *testing.T) {
- token, tt, err := manager.CreateToken("testUsername")
+ token, tt, err := manager.CreateToken("testUsername", "issuer")
 assert.NoError(t, err)
 assert.NotEmpty(t, token)
 now := time.Now()
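Review bot: The `CreateCheckToken` subtest passes "issuer" to `CreateToken`, but the lines visible here only assert that no error occurred and that the token is non-empty, so a regression that drops or overwrites the `iss` claim would still pass. I would decode the returned token's claims in this subtest and add `assert.Equal(t, "issuer", claims.Issuer)`, where `claims` is the parsed `TokenClaims`. The subtest continues outside the hunk, so an equivalent assertion may already exist further down.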