From cde423533213c110530912d21fd887b61e84774d Mon Sep 17 00:00:00 2001
From: cialloo
Date: Wed, 8 Oct 2025 22:44:13 +0800
Subject: [PATCH] Add JWT configuration and implement token generation in Steam login callback
---
 src/etc/authenticator.yaml | 5 ++
 src/go.mod | 2 +-
 src/internal/config/config.go | 7 +++
 src/internal/logic/steamlogincallbacklogic.go | 47 ++++++++++++++++++-
 4 files changed, 58 insertions(+), 3 deletions(-)
diff --git a/src/etc/authenticator.yaml b/src/etc/authenticator.yaml
index d89e841..58e0363 100644
--- a/src/etc/authenticator.yaml
+++ b/src/etc/authenticator.yaml
@@ -6,6 +6,11 @@ Steam:
 CallbackURL: https://www.cialloo.com/api/authenticator/steam/callback
 FrontendCallbackURL: https://www.cialloo.com/auth/callback
+JWT:
+ Secret: your-secret-key-change-in-production
+ Issuer: cialloo-authenticator
+ ExpiresIn: 604800 # 7 days in seconds
+
 Redis:
 Host: redis.production.svc.cluster.local:6379
 Type: node
diff --git a/src/go.mod b/src/go.mod
index 83007a6..bd9c853 100644
--- a/src/go.mod
+++ b/src/go.mod
@@ -3,6 +3,7 @@ module src
 go 1.24.4
 require (
+ github.com/golang-jwt/jwt/v4 v4.5.2
 github.com/google/uuid v1.6.0
 github.com/zeromicro/go-zero v1.9.1
 )
@@ -15,7 +16,6 @@ require (
 github.com/fatih/color v1.18.0 // indirect
 github.com/go-logr/logr v1.4.2 // indirect
 github.com/go-logr/stdr v1.2.2 // indirect
- github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
 github.com/grafana/pyroscope-go v1.2.7 // indirect
 github.com/grafana/pyroscope-go/godeltaprof v0.1.9 // indirect
 github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect
diff --git a/src/internal/config/config.go b/src/internal/config/config.go
index 2a4b535..b6bfb78 100644
--- a/src/internal/config/config.go
+++ b/src/internal/config/config.go
@@ -8,6 +8,7 @@ import (
 type Config struct {
 rest.RestConf
 Steam SteamConfig
+ JWT JWTConfig
 Redis redis.RedisConf
 }
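Review bot: The `Secret: your-secret-key-change-in-production` value added to src/etc/authenticator.yaml is a placeholder committed next to what look like production hostnames, and nothing visible in this patch rejects it at startup, so a deployment that ships this file unchanged would sign tokens with a key that anyone who can read the repository knows. Keeping the signing key out of the tracked file (an environment reference or a mounted secret) and failing startup when the value is empty or still the placeholder would close that gap. A comment such as `# HS256 signing key: inject at deploy time, at least 32 random bytes, never commit a real value` on the Secret line would record the expectation.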
@@ -15,3 +16,9 @@ type SteamConfig struct {
 CallbackURL string
 FrontendCallbackURL string
 }
+
+type JWTConfig struct {
+ Secret string
+ Issuer string
+ ExpiresIn int64
+}
diff --git a/src/internal/logic/steamlogincallbacklogic.go b/src/internal/logic/steamlogincallbacklogic.go
index a57c830..a6c6135 100644
--- a/src/internal/logic/steamlogincallbacklogic.go
+++ b/src/internal/logic/steamlogincallbacklogic.go
@@ -5,11 +5,13 @@ import (
 "fmt"
 "net/http"
 "net/url"
+ "time"
 "src/internal/svc"
 "src/internal/types"
 "src/internal/utils/steamauth"
+ "github.com/golang-jwt/jwt/v4"
 "github.com/zeromicro/go-zero/core/logx"
 )
@@ -19,6 +21,12 @@ type SteamLoginCallbackLogic struct {
 svcCtx *svc.ServiceContext
 }
+// JWT Claims structure
+type SteamJWTClaims struct {
+ SteamID string `json:"steamId"`
+ jwt.RegisteredClaims
+}
+
 // Steam login callback
 func NewSteamLoginCallbackLogic(ctx context.Context, svcCtx *svc.ServiceContext) *SteamLoginCallbackLogic {
 return &SteamLoginCallbackLogic{
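Review bot: JWTConfig in src/internal/config/config.go is added without doc comments, and the unit of ExpiresIn is stated only in the YAML sample. I would add `// JWTConfig holds the HS256 signing settings for tokens issued after Steam login.` above the type and `// ExpiresIn is the token lifetime in seconds; must be positive.` on the field. As far as this patch shows, a zero or negative ExpiresIn loads without complaint and would yield tokens that are already expired when issued, so a range check where the config is loaded is worth adding.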
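Review bot: The comment `// JWT Claims structure` on SteamJWTClaims in src/internal/logic/steamlogincallbacklogic.go does not follow the Go doc-comment form, and it does not say that the custom `steamId` claim carries the same value that generateJWT also writes to the registered `sub` claim. Something like `// SteamJWTClaims is the claim set signed into tokens issued after a successful Steam login; SteamID mirrors Subject.` would make that explicit, so whoever verifies these tokens knows which of the two fields to treat as authoritative.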
@@ -100,9 +108,44 @@ func (l *SteamLoginCallbackLogic) SteamLoginCallback(req *types.SteamLoginCallba
 // Successful validation
 l.Logger.Infof("Steam login successful for Steam ID: %s (nonce: %s)", steamID, nonce)
- // Redirect to frontend with success status and Steam ID
- redirectURL := fmt.Sprintf("%s?status=success&steamId=%s", frontendCallbackURL, steamID)
+ // Generate JWT token
+ token, err := l.generateJWT(steamID)
+ if err != nil {
+ l.Logger.Errorf("Failed to generate JWT token: %v", err)
+ redirectURL := fmt.Sprintf("%s?status=error&message=%s", frontendCallbackURL, url.QueryEscape("Failed to generate authentication token"))
+ http.Redirect(w, r, redirectURL, http.StatusFound)
+ return nil
+ }
+
+ // Redirect to frontend with success status, Steam ID, and JWT token
+ redirectURL := fmt.Sprintf("%s?status=success&steamId=%s&token=%s", frontendCallbackURL, steamID, token)
 http.Redirect(w, r, redirectURL, http.StatusFound)
 return nil
 }
+
+// generateJWT creates a JWT token for the authenticated user
+func (l *SteamLoginCallbackLogic) generateJWT(steamID string) (string, error) {
+ // Create claims
+ claims := SteamJWTClaims{
+ SteamID: steamID,
+ RegisteredClaims: jwt.RegisteredClaims{
+ ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Duration(l.svcCtx.Config.JWT.ExpiresIn) * time.Second)),
+ IssuedAt: jwt.NewNumericDate(time.Now()),
+ NotBefore: jwt.NewNumericDate(time.Now()),
+ Issuer: l.svcCtx.Config.JWT.Issuer,
+ Subject: steamID,
+ },
+ }
+
+ // Create token
+ token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+
+ // Sign token with secret
+ tokenString, err := token.SignedString([]byte(l.svcCtx.Config.JWT.Secret))
+ if err != nil {
+ return "", err
+ }
+
+ return tokenString, nil
+}
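Review bot: The success redirect in SteamLoginCallback puts the signed token in the query string (`&token=%s`), so a bearer credential that stays valid for the configured lifetime (7 days in the sample config) can end up in browser history, proxy and server access logs, and Referer headers. Carrying it in the fragment, `redirectURL := fmt.Sprintf("%s?status=success&steamId=%s#token=%s", frontendCallbackURL, url.QueryEscape(steamID), token)`, or in an HttpOnly, Secure cookie set before the redirect keeps it out of request lines; the frontend would need a matching change. In generateJWT, an empty `Config.JWT.Secret` appears to be accepted by HS256 signing, so a guard before `SignedString` such as `if l.svcCtx.Config.JWT.Secret == "" { return "", fmt.Errorf("jwt secret is not configured") }` would fail closed. SteamLoginCallback starts outside this hunk, so the earlier validation of steamID is not visible here.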