44 lines
1.2 KiB
Swift
44 lines
1.2 KiB
Swift
import JWT
|
|
import Fluent
|
|
import Foundation
|
|
|
|
func generateIdpAlias(appId: String, deviceId: String, serialNo: String) -> String {
|
|
return "\(appId):\(deviceId):\(serialNo)"
|
|
}
|
|
|
|
func generateToken(accountId: Int, expires: Date, type: SessionType) -> SessionPayload {
|
|
return SessionPayload(
|
|
accountId: .init(value: String(accountId)),
|
|
expiration: .init(value: expires),
|
|
type: type.rawValue
|
|
)
|
|
}
|
|
|
|
struct SessionPayload: JWTPayload {
|
|
enum CodingKeys: String, CodingKey {
|
|
case accountId = "sub"
|
|
case expiration = "exp"
|
|
case type = "type"
|
|
}
|
|
|
|
// The "sub" (subject) claim identifies the principal that is the
|
|
// subject of the JWT.
|
|
var accountId: SubjectClaim
|
|
|
|
// The "exp" (expiration time) claim identifies the expiration time on
|
|
// or after which the JWT MUST NOT be accepted for processing.
|
|
var expiration: ExpirationClaim
|
|
|
|
// Custom data.
|
|
// If true, the user is an admin.
|
|
var type: Int
|
|
|
|
// Run any additional verification logic beyond
|
|
// signature verification here.
|
|
// Since we have an ExpirationClaim, we will
|
|
// call its verify method.
|
|
func verify(using algorithm: some JWTAlgorithm) async throws {
|
|
try self.expiration.verifyNotExpired()
|
|
}
|
|
}
|