updated is.js, refactored jwt code

core/api/endpoint/authentication_endpoint.go

@@ -12,22 +12,17 @@
 package endpoint
 
 import (
-	"crypto/rand"
 	"database/sql"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"net/http"
 	"strings"
-	"time"
-
-	jwt "github.com/dgrijalva/jwt-go"
 
 	"github.com/documize/community/core/api/endpoint/models"
 	"github.com/documize/community/core/api/entity"
 	"github.com/documize/community/core/api/request"
 	"github.com/documize/community/core/api/util"
-	"github.com/documize/community/core/environment"
 	"github.com/documize/community/core/log"
 	"github.com/documize/community/core/section/provider"
 	"github.com/documize/community/core/utility"
@@ -308,130 +303,3 @@ func preAuthorizeStaticAssets(r *http.Request) bool {
 
 	return false
 }
-
-var jwtKey string
-
-func init() {
-	environment.GetString(&jwtKey, "salt", false, "the salt string used to encode JWT tokens, if not set a random value will be generated",
-		func(t *string, n string) bool {
-			if jwtKey == "" {
-				b := make([]byte, 17)
-				_, err := rand.Read(b)
-				if err != nil {
-					jwtKey = err.Error()
-					log.Error("problem using crypto/rand", err)
-					return false
-				}
-				for k, v := range b {
-					if (v >= 'a' && v <= 'z') || (v >= 'A' && v <= 'Z') || (v >= '0' && v <= '0') {
-						b[k] = v
-					} else {
-						s := fmt.Sprintf("%x", v)
-						b[k] = s[0]
-					}
-				}
-				jwtKey = string(b)
-				log.Info("Please set DOCUMIZESALT or use -salt with this value: " + jwtKey)
-			}
-			return true
-		})
-}
-
-// Generates JSON Web Token (http://jwt.io)
-func generateJWT(user, org, domain string) string {
-	token := jwt.New(jwt.SigningMethodHS256)
-
-	// issuer
-	token.Claims["iss"] = "Documize"
-	// subject
-	token.Claims["sub"] = "webapp"
-	// expiry
-	token.Claims["exp"] = time.Now().Add(time.Hour * 168).Unix()
-	// data
-	token.Claims["user"] = user
-	token.Claims["org"] = org
-	token.Claims["domain"] = domain
-
-	tokenString, _ := token.SignedString([]byte(jwtKey))
-
-	return tokenString
-}
-
-// Check for authorization token.
-// We look for 'Authorization' request header OR query string "?token=XXX".
-func findJWT(r *http.Request) (token string) {
-	header := r.Header.Get("Authorization")
-
-	if header != "" {
-		header = strings.Replace(header, "Bearer ", "", 1)
-	}
-
-	if len(header) > 1 {
-		token = header
-	} else {
-		query := r.URL.Query()
-		token = query.Get("token")
-	}
-
-	if token == "null" {
-		token = ""
-	}
-
-	return
-}
-
-// We take in raw token string and decode it.
-func decodeJWT(tokenString string) (c request.Context, claims map[string]interface{}, err error) {
-	method := "decodeJWT"
-
-	// sensible defaults
-	c.UserID = ""
-	c.OrgID = ""
-	c.Authenticated = false
-	c.Guest = false
-
-	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
-		return []byte(jwtKey), nil
-	})
-
-	if err != nil {
-		err = fmt.Errorf("bad authorization token")
-		return
-	}
-
-	if !token.Valid {
-		if ve, ok := err.(*jwt.ValidationError); ok {
-			if ve.Errors&jwt.ValidationErrorMalformed != 0 {
-				log.Error("invalid token", err)
-				err = fmt.Errorf("bad token")
-				return
-			} else if ve.Errors&(jwt.ValidationErrorExpired|jwt.ValidationErrorNotValidYet) != 0 {
-				log.Error("expired token", err)
-				err = fmt.Errorf("expired token")
-				return
-			} else {
-				log.Error("invalid token", err)
-				err = fmt.Errorf("bad token")
-				return
-			}
-		} else {
-			log.Error("invalid token", err)
-			err = fmt.Errorf("bad token")
-			return
-		}
-	}
-
-	c = request.NewContext()
-	c.UserID = token.Claims["user"].(string)
-	c.OrgID = token.Claims["org"].(string)
-
-	if len(c.UserID) == 0 || len(c.OrgID) == 0 {
-		err = fmt.Errorf("%s : unable parse token data", method)
-		return
-	}
-
-	c.Authenticated = true
-	c.Guest = false
-
-	return c, token.Claims, nil
-}