admin/Authentication
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed multiple roles!

Browse Source
This commit is contained in:
F04C
2026-02-03 11:01:48 +08:00
parent 98f1705f72
commit f4b8651a5c
2 changed files with 59 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files
handlers/jwt.go
+36 -9
View File
@@ -96,7 +96,7 @@ func GenerateTokens(email, userAgent, ipAddress string) (string, string, error)
userID = helper.UUIDGenerator()
}
roleID, err := services.GetRoleIDFromEmail(email)
roleID, err := services.GetRoleIDsFromEmail(email)
if err != nil {
return "", "", fmt.Errorf("error checking role in database: %w", err)
}
@@ -136,7 +136,7 @@ func GenerateTokens(email, userAgent, ipAddress string) (string, string, error)
}
_, err = db.DB.Exec(`
INSERT INTO jwt_sessions (id, user_id, refresh_token_hash, user_agent, ip_address, created_at, updated_at, expires_at, is_revoked)
INSERT INTO jwt_sessions (jwt_sessions_id, user_id, refresh_token_hash, user_agent, ip_address, created_at, updated_at, expires_at, is_revoked)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
`, sessionID, userID, refreshTokenHash, userAgent, ipAddress, currentTime, currentTime, expiresAt, false)
if err != nil {
@@ -155,7 +155,18 @@ func GenerateTokens(email, userAgent, ipAddress string) (string, string, error)
}
}
accessToken, err := generateAccessToken(email, sessionID, userID, roleID)
// Convert roleIDs slice to a comma-separated string for the token claim
var roleIDsStr string
if len(roleID) > 0 {
for i, r := range roleID {
if i > 0 {
roleIDsStr += ","
}
roleIDsStr += fmt.Sprintf("%d", r)
}
}
accessToken, err := generateAccessToken(email, sessionID, userID, roleIDsStr)
if err != nil {
return "", "", fmt.Errorf(errFormatWithContext, errMsgFailedToGenerateAccessToken, err)
}
@@ -318,13 +329,21 @@ func RefreshAccessToken(refreshTokenString, userAgent, ipAddress string) (string
userID = session.UserID // Fallback to session's user ID
}
roleID, err := services.GetRoleIDFromEmail(email)
roleIDs, err := services.GetRoleIDsFromEmail(email)
var roleIDsStr string
if err != nil {
helper.LogError(err, fmt.Sprintf("Failed to fetch role ID for email %s during refresh", email))
roleID = ""
roleIDsStr = ""
} else {
for i, r := range roleIDs {
if i > 0 {
roleIDsStr += ","
}
roleIDsStr += fmt.Sprintf("%d", r)
}
}
accessToken, err := generateAccessToken(email, session.ID, userID, roleID)
accessToken, err := generateAccessToken(email, session.ID, userID, roleIDsStr)
if err != nil {
helper.LogError(err, "Failed to generate access token during refresh")
return "", fmt.Errorf("failed to generate access token: %w", err)
@@ -469,13 +488,21 @@ func RefreshAccessTokenWithEmailFallback(refreshTokenString, userAgent, ipAddres
userID = session.UserID // Fallback to session's user ID
}
roleID, err := services.GetRoleIDFromEmail(email)
roleIDs, err := services.GetRoleIDsFromEmail(email)
var roleIDsStr string
if err != nil {
helper.LogError(err, fmt.Sprintf("Failed to fetch role ID for email %s during refresh", email))
roleID = ""
roleIDsStr = ""
} else {
for i, r := range roleIDs {
if i > 0 {
roleIDsStr += ","
}
roleIDsStr += fmt.Sprintf("%d", r)
}
}
accessToken, err := generateAccessToken(email, session.ID, userID, roleID)
accessToken, err := generateAccessToken(email, session.ID, userID, roleIDsStr)
if err != nil {
helper.LogError(err, "Failed to generate access token during refresh")
return "", fmt.Errorf("failed to generate access token: %w", err)