[jwt] add module and config

.golangci.yml

@@ -252,12 +252,12 @@ linters:
         - ^os/exec.Cmd$
         - ^reflect.StructField$
         # public libs
-        - "^github.com/gofiber/.+Config$"
-        - "^gopkg.in/telebot.v4.LongPoller$"
-        - "^gopkg.in/telebot.v4.ReplyMarkup$"
-        - "^gopkg.in/telebot.v4.Settings$"
+        - ^firebase.google.com/go/v4/messaging.AndroidConfig$
+        - ^firebase.google.com/go/v4/messaging.Message$
         - ^github.com/aws/aws-sdk-go-v2/service/s3.+Input$
         - ^github.com/aws/aws-sdk-go-v2/service/s3/types.ObjectIdentifier$
+        - ^github.com/gofiber/.+Config$
+        - ^github.com/golang-jwt/jwt/v5.+Claims$
         - ^github.com/mitchellh/mapstructure.DecoderConfig$
         - ^github.com/prometheus/client_golang/.+Opts$
         - ^github.com/secsy/goftp.Config$
@@ -273,10 +273,11 @@ linters:
         - ^github.com/urfave/cli.v3.FlagBase$
         - ^golang.org/x/tools/go/analysis.Analyzer$
         - ^google.golang.org/protobuf/.+Options$
+        - ^gopkg.in/telebot.v4.LongPoller$
+        - ^gopkg.in/telebot.v4.ReplyMarkup$
+        - ^gopkg.in/telebot.v4.Settings$
         - ^gopkg.in/yaml.v3.Node$
         - ^gorm.io/gorm/clause.+$
-        - ^firebase.google.com/go/v4/messaging.Message$
-        - ^firebase.google.com/go/v4/messaging.AndroidConfig$
       # Allows empty structures in return statements.
       # Default: false
       allow-empty-returns: true

api/mobile.http

@@ -68,8 +68,8 @@ Authorization: Bearer {{mobileToken}}
 Content-Type: application/json
 
 {
-  "currentPassword": "wsmgz1akhoo24o",
-  "newPassword": "wsmgz1akhoo24o"
+  "currentPassword": "8f8ijpnuvemq7y",
+  "newPassword": "8f8ijpnuvemq7y"
 }
 
 ###

api/requests.http

@@ -1,6 +1,7 @@
 @baseUrl={{$dotenv CLOUD__URL}}
 @credentials={{$dotenv CLOUD__CREDENTIALS}}
 @mobileToken={{$dotenv MOBILE__TOKEN}}
+@jwtToken={{$dotenv JWT__TOKEN}}
 @phone={{$dotenv PHONE}}
 
 ###
@@ -34,7 +35,8 @@ Authorization: Basic {{credentials}}
 ###
 POST {{baseUrl}}/3rdparty/v1/messages HTTP/1.1
 Content-Type: application/json
-Authorization: Basic {{credentials}}
+# Authorization: Basic {{credentials}}
+Authorization: Bearer {{jwtToken}}
 
 {
     "textMessage": {
@@ -78,11 +80,13 @@ Authorization: Basic {{credentials}}
 
 ###
 GET {{baseUrl}}/3rdparty/v1/messages/Fc10ZyTRDVlqPjIm9Jbly HTTP/1.1
-Authorization: Basic {{credentials}}
+# Authorization: Basic {{credentials}}
+Authorization: Bearer {{jwtToken}}
 
 ###
 GET {{baseUrl}}/3rdparty/v1/messages HTTP/1.1
-Authorization: Basic {{credentials}}
+# Authorization: Basic {{credentials}}
+Authorization: Bearer {{jwtToken}}
 
 ###
 GET {{baseUrl}}/3rdparty/v1/messages?from=2025-01-01T00:00:00.000Z&to=2025-12-31T23:59:59Z&state=Pending&deviceId=fL2m4IirEvh9BvTf6TIB0&limit=50&offset=0 HTTP/1.1
@@ -101,7 +105,9 @@ Content-Type: application/json
 
 ###
 GET {{baseUrl}}/3rdparty/v1/devices HTTP/1.1
-Authorization: Basic {{credentials}}
+# Authorization: Basic {{credentials}}
+Authorization: Bearer {{jwtToken}}
+
 
 ###
 DELETE {{baseUrl}}/3rdparty/v1/devices/gF0jEYiaG_x9sI1YFWa7a HTTP/1.1
@@ -191,6 +197,31 @@ Content-Type: application/json
     }
 }
 
+###
+POST {{baseUrl}}/3rdparty/v1/auth/token HTTP/1.1
+Authorization: Basic {{credentials}}
+Content-Type: application/json
+
+{
+    "ttl": 3600,
+    "scopes": [
+        "messages:send",
+        "messages:read",
+        "devices:list",
+        "devices:write",
+        "webhooks:list",
+        "webhooks:write",
+        "settings:read",
+        "settings:write",
+        "logs:read"
+    ]
+}
+
+###
+DELETE {{baseUrl}}/3rdparty/v1/auth/token/w8pxz0a4Fwa4xgzyCvSeC HTTP/1.1
+Authorization: Basic {{credentials}}
+Content-Type: application/json
+
 ###
 GET http://localhost:3000/metrics HTTP/1.1
 

cmd/sms-gateway/main.go

@@ -14,6 +14,11 @@ const (
 //	@securitydefinitions.basic	ApiAuth
 //	@description				User authentication
 
+//	@securitydefinitions.apikey	JWTAuth
+//	@in							header
+//	@name						Authorization
+//	@description				JWT authentication
+
 //	@securitydefinitions.apikey	UserCode
 //	@in							header
 //	@name						Authorization

configs/config.example.yml

@@ -38,15 +38,19 @@ cache: # cache config
   url: memory:// # cache url (memory:// or redis://) [CACHE__URL]
 pubsub: # pubsub config
   url: memory:// # pubsub url (memory:// or redis://) [PUBSUB__URL]
+jwt:
+  secret: # jwt secret (leave empty to disable JWT functionality) [JWT__SECRET]
+  ttl: 24h # jwt ttl [JWT__TTL]
+  issuer: # jwt issuer [JWT__ISSUER]
 
 ## Worker Config ##
 
 tasks: # tasks config
   messages_hashing:
-    interval: 168h # task execution interval in hours [TASKS__MESSAGES_HASHING__INTERVAL]
+    interval: 168h # task execution interval [TASKS__MESSAGES_HASHING__INTERVAL]
   messages_cleanup:
-    interval: 24h # task execution interval in hours [TASKS__MESSAGES_CLEANUP__INTERVAL]
-    max_age: 720h # messages max age in hours [TASKS__MESSAGES_CLEANUP__MAX_AGE]
+    interval: 24h # task execution interval [TASKS__MESSAGES_CLEANUP__INTERVAL]
+    max_age: 720h # messages max age [TASKS__MESSAGES_CLEANUP__MAX_AGE]
   devices_cleanup:
-    interval: 24h # task execution interval in hours [TASKS__DEVICES_CLEANUP__INTERVAL]
-    max_age: 8760h # inactive devices max age in hours [TASKS__DEVICES_CLEANUP__MAX_AGE]
+    interval: 24h # task execution interval [TASKS__DEVICES_CLEANUP__INTERVAL]
+    max_age: 8760h # inactive devices max age [TASKS__DEVICES_CLEANUP__MAX_AGE]