upload

2026-06-04 02:32:57 +00:00 · 2025-10-16 13:32:05 +02:00
commit 12cba639b9
663 changed files with 168914 additions and 0 deletions
@@ -0,0 +1,95 @@
+package utils
+
+import (
+	"errors"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/golang-jwt/jwt/v5"
+)
+
+// JWTClaims represents the JWT claims structure
+type JWTClaims struct {
+	UserID uint   `json:"user_id"`
+	Email  string `json:"email"`
+	Role   string `json:"role"`
+	jwt.RegisteredClaims
+}
+
+// GenerateJWT generates a new JWT token for the given user
+func GenerateJWT(userID uint, email, role string) (string, error) {
+	expirationTime := time.Now().Add(24 * time.Hour)
+
+	claims := &JWTClaims{
+		UserID: userID,
+		Email:  email,
+		Role:   role,
+		RegisteredClaims: jwt.RegisteredClaims{
+			ExpiresAt: jwt.NewNumericDate(expirationTime),
+			IssuedAt:  jwt.NewNumericDate(time.Now()),
+			NotBefore: jwt.NewNumericDate(time.Now()),
+			Issuer:    "fotbal-club",
+		},
+	}
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	tokenString, err := token.SignedString([]byte(GetJWTSecret()))
+	if err != nil {
+		return "", err
+	}
+
+	return tokenString, nil
+}
+
+// ParseJWT parses and validates a JWT token
+func ParseJWT(tokenString string) (*JWTClaims, error) {
+	token, err := jwt.ParseWithClaims(tokenString, &JWTClaims{}, func(token *jwt.Token) (interface{}, error) {
+		return []byte(GetJWTSecret()), nil
+	})
+
+	if err != nil {
+		return nil, err
+	}
+
+	if claims, ok := token.Claims.(*JWTClaims); ok && token.Valid {
+		return claims, nil
+	}
+
+	return nil, errors.New("invalid token")
+}
+
+// GetJWTSecret returns the JWT secret from environment variable or a default value
+func GetJWTSecret() string {
+	secret := os.Getenv("JWT_SECRET")
+	if secret == "" {
+		return "default-secret-key-change-in-production"
+	}
+	return secret
+}
+
+// GetUserFromContext gets the authenticated user from Gin context
+func GetUserFromContext(c *gin.Context) (*JWTClaims, error) {
+	// Preferred: claims set by auth middleware
+	if v, ok := c.Get("claims"); ok {
+		if cl, ok2 := v.(*JWTClaims); ok2 {
+			return cl, nil
+		}
+	}
+	// Fallback: parse Authorization header (Bearer <token>)
+	authHeader := c.GetHeader("Authorization")
+	if authHeader == "" {
+		return nil, errors.New("authorization header missing")
+	}
+	parts := strings.Split(authHeader, " ")
+	if len(parts) != 2 || parts[0] != "Bearer" {
+		return nil, errors.New("invalid authorization header format")
+	}
+	token := parts[1]
+	cl, err := ParseJWT(token)
+	if err != nil {
+		return nil, err
+	}
+	return cl, nil
+}