NickKalar/LMS-APIs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added role token creation

Browse Source
This commit is contained in:
Nick Kalar
2025-08-25 15:51:19 -04:00
parent 5231c8b690
commit 1ed96ff4b2
1 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/main/kotlin/routes/LoginRoutes.kt
View File

@@ -3,6 +3,7 @@ package codes.kalar.routes
import codes.kalar.exception.DbElementNotFoundException import codes.kalar.exception.DbElementNotFoundException
import codes.kalar.model.User import codes.kalar.model.User
import codes.kalar.service.PatronService import codes.kalar.service.PatronService
import codes.kalar.service.StaffService
import com.auth0.jwt.JWT import com.auth0.jwt.JWT
import com.auth0.jwt.algorithms.Algorithm import com.auth0.jwt.algorithms.Algorithm
import io.ktor.http.HttpStatusCode import io.ktor.http.HttpStatusCode
@@ -18,8 +19,10 @@ fun Application.configureLoginRoutes(dbConnection: Connection) {
val secret = environment.config.property("jwt.secret").getString() val secret = environment.config.property("jwt.secret").getString()
val issuer = environment.config.property("jwt.issuer").getString() val issuer = environment.config.property("jwt.issuer").getString()
val audience = environment.config.property("jwt.audience").getString() val audience = environment.config.property("jwt.audience").getString()
val auth0Map = mapOf("secret" to secret, "issuer" to issuer, "audience" to audience)
val patronService = PatronService(dbConnection) val patronService = PatronService(dbConnection)
val staffService = StaffService(dbConnection)
routing { routing {
post("/login") { post("/login") {
try { try {
@@ -28,14 +31,14 @@ fun Application.configureLoginRoutes(dbConnection: Connection) {
val password = user.password val password = user.password
if (patronService.loginPatronByLoginUsername(name, password)) { if (patronService.loginPatronByLoginUsername(name, password)) {
val token = JWT.create() val token = createToken(user.name, "patron", auth0Map)
.withAudience(audience) call.respond(HttpStatusCode.OK, mapOf("token" to token))
.withIssuer(issuer) }
.withClaim("name", name) else if (staffService.loginStaffByLoginUsername(name, password)) {
.withExpiresAt(Date(System.currentTimeMillis() + 160000)) val token = createToken(user.name, "staff", auth0Map)
.sign(Algorithm.HMAC256(secret)) call.respond(HttpStatusCode.OK, mapOf("token" to token))
call.respond(hashMapOf("token" to token)) }
} else { else {
call.respond(HttpStatusCode.Unauthorized, "Invalid login") call.respond(HttpStatusCode.Unauthorized, "Invalid login")
} }
} catch (cause: DbElementNotFoundException) { } catch (cause: DbElementNotFoundException) {
@@ -44,4 +47,14 @@ fun Application.configureLoginRoutes(dbConnection: Connection) {
} }
} }
}
fun createToken(username: String, role: String, auth: Map<String, String>): String {
return JWT.create()
.withAudience(auth["audience"])
.withIssuer(auth["issuer"])
.withClaim("name", username)
.withClaim("role", role)
.withExpiresAt(Date(System.currentTimeMillis() + 160000))
.sign(Algorithm.HMAC256(auth["secret"]))
} }