feat: rename jwt to session & introduce upload keys

internal/auth/session/session.go

@@ -15,7 +15,7 @@
     along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 
-package token
+package session
 
 import (
 	"encoding/json"
@@ -28,8 +28,8 @@ import (
 	"stereo.cat/backend/internal/types"
 )
 
-func GenerateJWT(key string, user auth.User, expiryTimestamp uint64) (string, error) {
-	claims := auth.Claims{
+func GenerateSessionJWT(key string, user auth.User, expiryTimestamp uint64) (string, error) {
+	claims := auth.SessionClaims{
 		User: user,
 		Exp:  expiryTimestamp,
 	}
@@ -39,7 +39,7 @@ func GenerateJWT(key string, user auth.User, expiryTimestamp uint64) (string, er
 }
 
 
-func JwtMiddleware(secret string) gin.HandlerFunc {
+func SessionMiddleware(secret string) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		jwt, err := c.Cookie("jwt")
 		if err != nil {
@@ -54,7 +54,7 @@ func JwtMiddleware(secret string) gin.HandlerFunc {
 			jwt = jwtSplit[1]
 		}
 
-		claims, err := ValidateJWT(jwt, secret)
+		claims, err := ValidateSession(jwt, secret)
 		if err != nil {
 			types.ErrorUnauthorized.Throw(c, err)
 			return
@@ -82,7 +82,7 @@ func JwtMiddleware(secret string) gin.HandlerFunc {
 	}
 }
 
-func ValidateJWT(jwtString, key string) (jwt.MapClaims, error) {
+func ValidateSession(jwtString, key string) (jwt.MapClaims, error) {
 	token, err := jwt.Parse(jwtString, func(token *jwt.Token) (any, error) {
 		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
 			return nil, fmt.Errorf("Invalid signing method!")

internal/auth/types.go

@@ -37,6 +37,7 @@ type User struct {
 	Blacklisted bool      `json:"blacklisted"`
 	Email       string    `json:"email"`
 	CreatedAt   time.Time `json:"created_at"`
+	HashedApiKey string   `json:"hashed_api_key"`
 }
 
 type AvatarDecorationData struct {
@@ -50,7 +51,7 @@ type ExchangeCodeRequest struct {
 	RedirectUri string `json:"redirect_uri"`
 }
 
-type Claims struct {
+type SessionClaims struct {
 	User User   `json:"user"`
 	Exp  uint64 `json:"exp"`
 	jwt.RegisteredClaims

internal/auth/ukey/ukey.go

@@ -0,0 +1,52 @@
+package ukey
+
+import (
+	"crypto/rand"
+	"math/big"
+
+	"github.com/cristalhq/base64"
+	"github.com/gin-gonic/gin"
+	"golang.org/x/crypto/blake2b"
+	"stereo.cat/backend/internal/auth"
+	"stereo.cat/backend/internal/types"
+)
+
+func GenerateUploadKey(cfg *types.StereoConfig, user *auth.User, c *gin.Context) []byte {
+	length := 32
+	chars := "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789@#!&*%~?"
+
+	key := make([]byte, length)
+	for i := range length {
+		num, err := rand.Int(rand.Reader, big.NewInt(int64(len(chars))))
+		if err != nil {
+			types.ErrorInvalidParams.Throw(c, err)
+			return nil
+		}
+
+		key[i] = chars[num.Int64()]
+	}
+
+	hasher, err := blake2b.New512(nil)
+	if err != nil {
+		types.ErrorInvalidParams.Throw(c, err)
+		return nil
+	}
+
+	_, err = hasher.Write(key)
+	if err != nil {
+		types.ErrorInvalidParams.Throw(c, err)
+		return nil
+	}
+
+	hashed := base64.RawStdEncoding.EncodeToString(hasher.Sum(nil))
+
+	user.HashedApiKey = hashed
+
+	err = cfg.Database.Updates(user).Error
+	if err != nil {
+		types.ErrorDatabase.Throw(c, err)
+		return nil
+	}
+
+	return key
+}