hailey.at
An atproto PDS written in Go
1package server
2
3import (
4 "time"
5
6 "github.com/golang-jwt/jwt/v4"
7 "github.com/google/uuid"
8 "github.com/haileyok/cocoon/models"
9)
10
11type Session struct {
12 AccessToken string
13 RefreshToken string
14}
15
16func (s *Server) createSession(repo *models.Repo) (*Session, error) {
17 now := time.Now()
18 accexp := now.Add(3 * time.Hour)
19 refexp := now.Add(7 * 24 * time.Hour)
20 jti := uuid.NewString()
21
22 accessClaims := jwt.MapClaims{
23 "scope": "com.atproto.access",
24 "aud": s.config.Did,
25 "sub": repo.Did,
26 "iat": now.UTC().Unix(),
27 "exp": accexp.UTC().Unix(),
28 "jti": jti,
29 }
30
31 accessToken := jwt.NewWithClaims(jwt.SigningMethodES256, accessClaims)
32 accessString, err := accessToken.SignedString(s.privateKey)
33 if err != nil {
34 return nil, err
35 }
36
37 refreshClaims := jwt.MapClaims{
38 "scope": "com.atproto.refresh",
39 "aud": s.config.Did,
40 "sub": repo.Did,
41 "iat": now.UTC().Unix(),
42 "exp": refexp.UTC().Unix(),
43 "jti": jti,
44 }
45
46 refreshToken := jwt.NewWithClaims(jwt.SigningMethodES256, refreshClaims)
47 refreshString, err := refreshToken.SignedString(s.privateKey)
48 if err != nil {
49 return nil, err
50 }
51
52 if err := s.db.Create(&models.Token{
53 Token: accessString,
54 Did: repo.Did,
55 RefreshToken: refreshString,
56 CreatedAt: now,
57 ExpiresAt: accexp,
58 }, nil).Error; err != nil {
59 return nil, err
60 }
61
62 if err := s.db.Create(&models.RefreshToken{
63 Token: refreshString,
64 Did: repo.Did,
65 CreatedAt: now,
66 ExpiresAt: refexp,
67 }, nil).Error; err != nil {
68 return nil, err
69 }
70
71 return &Session{
72 AccessToken: accessString,
73 RefreshToken: refreshString,
74 }, nil
75}