go-backend-template/helper/token.go

package helper

import (
	"errors"
	"os"
	"strconv"
	"time"

	"github.com/golang-jwt/jwt/v5"
)

var (
	secretKey     = []byte(os.Getenv("JWT_SECRET"))
	jwtExpiration = os.Getenv("JWT_EXPIRATION")
)

func GenerateToken(userId string) (string, error) {
	if len(secretKey) == 0 {
		return "", errors.New("JWT_SECRET is not set")
	}

	if jwtExpiration == "" {
		return "", errors.New("JWT_EXPIRATION is not set")
	}

	jwtExpirationInt, err := strconv.Atoi(jwtExpiration)
	if err != nil {
		return "", err
	}

	claims := jwt.MapClaims{
		"userId": userId,
		"exp":    time.Now().Add(time.Duration(jwtExpirationInt) * time.Hour).Unix(),
	}

	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)

	signedToken, err := token.SignedString(secretKey)
	if err != nil {
		return "", err
	}

	return signedToken, nil
}

func ValidateToken(tokenString string) (jwt.MapClaims, error) {
	if len(secretKey) == 0 {
		return nil, errors.New("JWT_SECRET is not set")
	}

	token, err := jwt.Parse(tokenString, func(t *jwt.Token) (any, error) {
		if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
			return nil, errors.New("unexpected signing method")
		}
		return secretKey, nil
	})
	if err != nil {
		return nil, err
	}

	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
		return claims, nil
	}

	return nil, errors.New("invalid token")
}