stash/pkg/manager/apikey.go

package manager

import (
	"errors"
	"time"

	"github.com/dgrijalva/jwt-go"
	"github.com/stashapp/stash/pkg/manager/config"
)

var ErrInvalidToken = errors.New("invalid apikey")

const APIKeySubject = "APIKey"

type APIKeyClaims struct {
	UserID string `json:"uid"`
	jwt.StandardClaims
}

func GenerateAPIKey(userID string) (string, error) {
	claims := &APIKeyClaims{
		UserID: userID,
		StandardClaims: jwt.StandardClaims{
			Subject:  APIKeySubject,
			IssuedAt: time.Now().Unix(),
		},
	}

	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)

	ss, err := token.SignedString(config.GetInstance().GetJWTSignKey())
	if err != nil {
		return "", err
	}

	return ss, nil
}

// GetUserIDFromAPIKey validates the provided api key and returns the user ID
func GetUserIDFromAPIKey(apiKey string) (string, error) {
	claims := &APIKeyClaims{}
	token, err := jwt.ParseWithClaims(apiKey, claims, func(t *jwt.Token) (interface{}, error) {
		return config.GetInstance().GetJWTSignKey(), nil
	})

	if err != nil {
		return "", err
	}

	if !token.Valid {
		return "", ErrInvalidToken
	}

	return claims.UserID, nil
}
Api key (#1241) 2021-03-31 05:08:52 +00:00			`package manager`

			`import (`
			`"errors"`
			`"time"`

			`"github.com/dgrijalva/jwt-go"`
			`"github.com/stashapp/stash/pkg/manager/config"`
			`)`

			`var ErrInvalidToken = errors.New("invalid apikey")`

			`const APIKeySubject = "APIKey"`

			`type APIKeyClaims struct {`
			UserID string `json:"uid"`
			`jwt.StandardClaims`
			`}`

			`func GenerateAPIKey(userID string) (string, error) {`
			`claims := &APIKeyClaims{`
			`UserID: userID,`
			`StandardClaims: jwt.StandardClaims{`
			`Subject: APIKeySubject,`
			`IssuedAt: time.Now().Unix(),`
			`},`
			`}`

			`token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)`

Setup and migration UI refactor (#1190) * Make config instance-based * Remove config dependency in paths * Refactor config init * Allow startup without database * Get system status at UI initialise * Add setup wizard * Cache and Metadata optional. Database mandatory * Handle metadata not set during full import/export * Add links * Remove config check middleware * Stash not mandatory * Panic on missing mandatory config fields * Redirect setup to main page if setup not required * Add migration UI * Remove unused stuff * Move UI initialisation into App * Don't create metadata paths on RefreshConfig * Add folder selector for generated in setup * Env variable to set and create config file. Make docker images use a fixed config file. * Set config file during setup 2021-04-11 23:31:33 +00:00			`ss, err := token.SignedString(config.GetInstance().GetJWTSignKey())`
Api key (#1241) 2021-03-31 05:08:52 +00:00			`if err != nil {`
			`return "", err`
			`}`

			`return ss, nil`
			`}`

			`// GetUserIDFromAPIKey validates the provided api key and returns the user ID`
			`func GetUserIDFromAPIKey(apiKey string) (string, error) {`
			`claims := &APIKeyClaims{}`
			`token, err := jwt.ParseWithClaims(apiKey, claims, func(t *jwt.Token) (interface{}, error) {`
Setup and migration UI refactor (#1190) * Make config instance-based * Remove config dependency in paths * Refactor config init * Allow startup without database * Get system status at UI initialise * Add setup wizard * Cache and Metadata optional. Database mandatory * Handle metadata not set during full import/export * Add links * Remove config check middleware * Stash not mandatory * Panic on missing mandatory config fields * Redirect setup to main page if setup not required * Add migration UI * Remove unused stuff * Move UI initialisation into App * Don't create metadata paths on RefreshConfig * Add folder selector for generated in setup * Env variable to set and create config file. Make docker images use a fixed config file. * Set config file during setup 2021-04-11 23:31:33 +00:00			`return config.GetInstance().GetJWTSignKey(), nil`
Api key (#1241) 2021-03-31 05:08:52 +00:00			`})`

			`if err != nil {`
			`return "", err`
			`}`

			`if !token.Valid {`
			`return "", ErrInvalidToken`
			`}`

			`return claims.UserID, nil`
			`}`