From ac72f9d032a2cdccc33021f6ba251d1e0741c840 Mon Sep 17 00:00:00 2001 From: Shay Date: Thu, 27 Nov 2025 11:45:18 +0800 Subject: [PATCH] - error strings should not be capitalized (ST1005) - jwt.StandardClaims is deprecated: Use RegisteredClaims instead for a forward-compatible way to access registered claims in a struct. - Removed the depricated StandardClaims and updated to the recommended RegisteredClaims - use jwt.NewNumericDate for expiry fields --- domain/jwt_custom.go | 4 ++-- internal/tokenutil/tokenutil.go | 17 +++++++++-------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/domain/jwt_custom.go b/domain/jwt_custom.go index 5107a72..aa890ba 100644 --- a/domain/jwt_custom.go +++ b/domain/jwt_custom.go @@ -7,10 +7,10 @@ import ( type JwtCustomClaims struct { Name string `json:"name"` ID string `json:"id"` - jwt.StandardClaims + jwt.RegisteredClaims } type JwtCustomRefreshClaims struct { ID string `json:"id"` - jwt.StandardClaims + jwt.RegisteredClaims } diff --git a/internal/tokenutil/tokenutil.go b/internal/tokenutil/tokenutil.go index 480c6e3..31a67cd 100644 --- a/internal/tokenutil/tokenutil.go +++ b/internal/tokenutil/tokenutil.go @@ -9,12 +9,12 @@ import ( ) func CreateAccessToken(user *domain.User, secret string, expiry int) (accessToken string, err error) { - exp := time.Now().Add(time.Hour * time.Duration(expiry)).Unix() + exp := time.Now().Add(time.Hour * time.Duration(expiry)) claims := &domain.JwtCustomClaims{ Name: user.Name, ID: user.ID.Hex(), - StandardClaims: jwt.StandardClaims{ - ExpiresAt: exp, + RegisteredClaims: jwt.RegisteredClaims{ + ExpiresAt: jwt.NewNumericDate(exp), }, } token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) @@ -26,10 +26,11 @@ func CreateAccessToken(user *domain.User, secret string, expiry int) (accessToke } func CreateRefreshToken(user *domain.User, secret string, expiry int) (refreshToken string, err error) { + exp := time.Now().Add(time.Hour * time.Duration(expiry)) claimsRefresh := &domain.JwtCustomRefreshClaims{ ID: user.ID.Hex(), - StandardClaims: jwt.StandardClaims{ - ExpiresAt: time.Now().Add(time.Hour * time.Duration(expiry)).Unix(), + RegisteredClaims: jwt.RegisteredClaims{ + ExpiresAt: jwt.NewNumericDate(exp), }, } token := jwt.NewWithClaims(jwt.SigningMethodHS256, claimsRefresh) @@ -43,7 +44,7 @@ func CreateRefreshToken(user *domain.User, secret string, expiry int) (refreshTo func IsAuthorized(requestToken string, secret string) (bool, error) { _, err := jwt.Parse(requestToken, func(token *jwt.Token) (interface{}, error) { if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { - return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) + return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"]) } return []byte(secret), nil }) @@ -56,7 +57,7 @@ func IsAuthorized(requestToken string, secret string) (bool, error) { func ExtractIDFromToken(requestToken string, secret string) (string, error) { token, err := jwt.Parse(requestToken, func(token *jwt.Token) (interface{}, error) { if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { - return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) + return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"]) } return []byte(secret), nil }) @@ -68,7 +69,7 @@ func ExtractIDFromToken(requestToken string, secret string) (string, error) { claims, ok := token.Claims.(jwt.MapClaims) if !ok && !token.Valid { - return "", fmt.Errorf("Invalid Token") + return "", fmt.Errorf("invalid token") } return claims["id"].(string), nil