71 lines
2.0 KiB
Go
71 lines
2.0 KiB
Go
|
package models
|
||
|
|
||
|
import (
|
||
|
"time"
|
||
|
|
||
|
"github.com/golang-jwt/jwt/v4"
|
||
|
"github.com/google/uuid"
|
||
|
)
|
||
|
|
||
|
// NewIdentityVerification creates a new IdentityVerification from a given username and action.
|
||
|
func NewIdentityVerification(username, action string) (verification IdentityVerification) {
|
||
|
return IdentityVerification{
|
||
|
JTI: uuid.New(),
|
||
|
IssuedAt: time.Now(),
|
||
|
ExpiresAt: time.Now().Add(5 * time.Minute),
|
||
|
Action: action,
|
||
|
Username: username,
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// IdentityVerification represents an identity verification row in the database.
|
||
|
type IdentityVerification struct {
|
||
|
ID int `db:"id"`
|
||
|
JTI uuid.UUID `db:"jti"`
|
||
|
IssuedAt time.Time `db:"iat"`
|
||
|
ExpiresAt time.Time `db:"exp"`
|
||
|
Used *time.Time `db:"used"`
|
||
|
Action string `db:"action"`
|
||
|
Username string `db:"username"`
|
||
|
}
|
||
|
|
||
|
// ToIdentityVerificationClaim converts the IdentityVerification into a IdentityVerificationClaim.
|
||
|
func (v IdentityVerification) ToIdentityVerificationClaim() (claim *IdentityVerificationClaim) {
|
||
|
return &IdentityVerificationClaim{
|
||
|
RegisteredClaims: jwt.RegisteredClaims{
|
||
|
ID: v.JTI.String(),
|
||
|
Issuer: "Authelia",
|
||
|
IssuedAt: jwt.NewNumericDate(v.IssuedAt),
|
||
|
ExpiresAt: jwt.NewNumericDate(v.ExpiresAt),
|
||
|
},
|
||
|
Action: v.Action,
|
||
|
Username: v.Username,
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// IdentityVerificationClaim custom claim for specifying the action claim.
|
||
|
// The action can be to register a TOTP device, a U2F device or reset one's password.
|
||
|
type IdentityVerificationClaim struct {
|
||
|
jwt.RegisteredClaims
|
||
|
|
||
|
// The action this token has been crafted for.
|
||
|
Action string `json:"action"`
|
||
|
// The user this token has been crafted for.
|
||
|
Username string `json:"username"`
|
||
|
}
|
||
|
|
||
|
// ToIdentityVerification converts the IdentityVerificationClaim into a IdentityVerification.
|
||
|
func (v IdentityVerificationClaim) ToIdentityVerification() (verification *IdentityVerification, err error) {
|
||
|
jti, err := uuid.Parse(v.ID)
|
||
|
if err != nil {
|
||
|
return nil, err
|
||
|
}
|
||
|
|
||
|
return &IdentityVerification{
|
||
|
JTI: jti,
|
||
|
Username: v.Username,
|
||
|
Action: v.Action,
|
||
|
ExpiresAt: v.ExpiresAt.Time,
|
||
|
}, nil
|
||
|
}
|