h/golib
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1b25e2f0a59e71365c0e89c52fe033713d80fa4c
golib/jwt/tokens.go
Haelnorr 1b25e2f0a5 Refactor database interface to use *sql.DB directly 
Simplified the database layer by removing custom interface wrappers
and using standard library *sql.DB and *sql.Tx types directly.

Changes:
- Removed DBConnection and DBTransaction interfaces from database.go
- Removed NewDBConnection() wrapper function
- Updated TokenGenerator to use *sql.DB instead of DBConnection
- Updated all validation and revocation methods to accept *sql.Tx
- Updated TableManager to work with *sql.DB directly
- Updated all tests to use db.Begin() instead of custom wrappers
- Fixed GeneratorConfig.DB field (was DBConn)
- Updated documentation in doc.go with correct API usage

Benefits:
- Simpler API with fewer abstractions
- Works directly with database/sql standard library
- Compatible with GORM (via gormDB.DB()) and Bun (share same *sql.DB)
- Easier to understand and maintain
- No unnecessary wrapper layers

Breaking changes:
- GeneratorConfig.DBConn renamed to GeneratorConfig.DB
- Removed NewDBConnection() function - pass *sql.DB directly
- ValidateAccess/ValidateRefresh now accept *sql.Tx instead of DBTransaction
- Token.Revoke/CheckNotRevoked now accept *sql.Tx instead of DBTransaction

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-11 17:39:30 +11:00

99 lines
2.9 KiB
Go
Raw Blame History

package jwt
import (
"database/sql"
"github.com/google/uuid"
)
// Token is the common interface implemented by both AccessToken and RefreshToken.
// It provides methods to access token claims and manage token revocation.
type Token interface {
// GetJTI returns the unique token identifier (JTI claim)
GetJTI() uuid.UUID
// GetEXP returns the expiration timestamp (EXP claim)
GetEXP() int64
// GetSUB returns the subject/user ID (SUB claim)
GetSUB() int
// GetScope returns the token scope ("access" or "refresh")
GetScope() string
// Revoke adds this token to the blacklist, preventing future use.
// Must be called within a database transaction context.
Revoke(*sql.Tx) error
// CheckNotRevoked verifies that this token has not been blacklisted.
// Returns true if the token is valid, false if revoked.
// Must be called within a database transaction context.
CheckNotRevoked(*sql.Tx) (bool, error)
}
// AccessToken represents a JWT access token with all its claims.
// Access tokens are short-lived and used for authenticating API requests.
// They can be marked as "fresh" for sensitive operations like password changes.
type AccessToken struct {
ISS string // Issuer, generally TrustedHost
IAT int64 // Time issued at
EXP int64 // Time expiring at
TTL string // Time-to-live: "session" or "exp". Used with 'remember me'
SUB int // Subject (user) ID
JTI uuid.UUID // UUID-4 used for identifying blacklisted tokens
Fresh int64 // Time freshness expiring at
Scope string // Should be "access"
gen *TokenGenerator
}
// RefreshToken represents a JWT refresh token with all its claims.
// Refresh tokens are longer-lived and used to obtain new access tokens
// without requiring the user to re-authenticate.
type RefreshToken struct {
ISS string // Issuer, generally TrustedHost
IAT int64 // Time issued at
EXP int64 // Time expiring at
TTL string // Time-to-live: "session" or "exp". Used with 'remember me'
SUB int // Subject (user) ID
JTI uuid.UUID // UUID-4 used for identifying blacklisted tokens
Scope string // Should be "refresh"
gen *TokenGenerator
}
func (a AccessToken) GetJTI() uuid.UUID {
return a.JTI
}
func (r RefreshToken) GetJTI() uuid.UUID {
return r.JTI
}
func (a AccessToken) GetEXP() int64 {
return a.EXP
}
func (r RefreshToken) GetEXP() int64 {
return r.EXP
}
func (a AccessToken) GetSUB() int {
return a.SUB
}
func (r RefreshToken) GetSUB() int {
return r.SUB
}
func (a AccessToken) GetScope() string {
return a.Scope
}
func (r RefreshToken) GetScope() string {
return r.Scope
}
func (a AccessToken) Revoke(tx *sql.Tx) error {
return a.gen.revoke(tx, a)
}
func (r RefreshToken) Revoke(tx *sql.Tx) error {
return r.gen.revoke(tx, r)
}
func (a AccessToken) CheckNotRevoked(tx *sql.Tx) (bool, error) {
return a.gen.checkNotRevoked(tx, a)
}
func (r RefreshToken) CheckNotRevoked(tx *sql.Tx) (bool, error) {
return r.gen.checkNotRevoked(tx, r)
}
Reference in New Issue View Git Blame Copy Permalink