feat(auth): automatically generate anonymous user session

ref arcad/edge-menu#86

pkg/module/auth/http/jwt.go

@@ -1,35 +0,0 @@
-package http
-
-import (
-	"time"
-
-	"github.com/lestrrat-go/jwx/v2/jwa"
-	"github.com/lestrrat-go/jwx/v2/jwk"
-	"github.com/lestrrat-go/jwx/v2/jwt"
-	"github.com/pkg/errors"
-)
-
-func generateSignedToken(algo jwa.KeyAlgorithm, key jwk.Key, claims map[string]any) ([]byte, error) {
-	token := jwt.New()
-
-	if err := token.Set(jwt.NotBeforeKey, time.Now()); err != nil {
-		return nil, errors.WithStack(err)
-	}
-
-	for key, value := range claims {
-		if err := token.Set(key, value); err != nil {
-			return nil, errors.Wrapf(err, "could not set claim '%s' with value '%v'", key, value)
-		}
-	}
-
-	if err := token.Set(jwk.AlgorithmKey, jwa.HS256); err != nil {
-		return nil, errors.WithStack(err)
-	}
-
-	rawToken, err := jwt.Sign(token, jwt.WithKey(algo, key))
-	if err != nil {
-		return nil, errors.WithStack(err)
-	}
-
-	return rawToken, nil
-}

pkg/module/auth/http/local_handler.go

@@ -9,6 +9,7 @@ import (
 
 	"forge.cadoles.com/arcad/edge/pkg/module/auth"
 	"forge.cadoles.com/arcad/edge/pkg/module/auth/http/passwd"
+	"forge.cadoles.com/arcad/edge/pkg/module/auth/jwt"
 	"github.com/go-chi/chi/v5"
 	"github.com/lestrrat-go/jwx/v2/jwa"
 	"github.com/lestrrat-go/jwx/v2/jwk"
@@ -112,7 +113,7 @@ func (h *LocalHandler) handleForm(w http.ResponseWriter, r *http.Request) {
 
 	account.Claims[auth.ClaimIssuer] = "local"
 
-	token, err := generateSignedToken(h.algo, h.key, account.Claims)
+	token, err := jwt.GenerateSignedToken(h.algo, h.key, account.Claims)
 	if err != nil {
 		logger.Error(ctx, "could not generate signed token", logger.E(errors.WithStack(err)))
 		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)