github-mirror/alist
2
0
Fork 0
mirror of https://github.com/AlistGo/alist.git synced 2025-06-20 04:03:35 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

feat: invalidate old token after changing the password (close #5515)

Browse Source
This commit is contained in:
Andy Hsu
2023-11-13 15:22:42 +08:00
parent a7421d8fc2
commit 3d51845f57
6 changed files with 24 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
server/common/auth.go
View File

@ -4,6 +4,7 @@ import (
"time"
"github.com/alist-org/alist/v3/internal/conf"
"github.com/alist-org/alist/v3/internal/model"
"github.com/golang-jwt/jwt/v4"
"github.com/pkg/errors"
)
@ -12,12 +13,14 @@ var SecretKey []byte
type UserClaims struct {
Username string `json:"username"`
PwdTS int64 `json:"pwd_ts"`
jwt.RegisteredClaims
}
func GenerateToken(username string) (tokenString string, err error) {
func GenerateToken(user *model.User) (tokenString string, err error) {
claim := UserClaims{
Username: username,
Username: user.Username,
PwdTS: user.PwdTS,
RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Duration(conf.Conf.TokenExpiresIn) * time.Hour)),
IssuedAt: jwt.NewNumericDate(time.Now()),