From c34f7895678193b38a964cfb618c5654eff59605 Mon Sep 17 00:00:00 2001
From: Andrew-71 <andrey.nikitin.vladimirovich@gmail.com>
Date: Sat, 12 Oct 2024 10:22:05 +0300
Subject: [PATCH] Add working JWT tokens

---
 README.md | 8 +++++++-
 jwt.go    | 8 +++++---
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index d9c5c82..f602045 100644
--- a/README.md
+++ b/README.md
@@ -9,4 +9,10 @@ with(out) blazingly fast cloud-native web3 memory-safe blockchain reactive AI
 This should be done by **October 17th 2024**. Or, at the very least,
 in a state that proves I am competent Go developer.
 
-Note: **JSON** is used for storage at proof-of-concept stage for ease of use
\ No newline at end of file
+Note: **JSON** is used for storage at proof-of-concept stage for ease of use
+
+## Current functionality
+
+* `POST /register` - register a user with Basic Auth
+* `POST /login` - get a JWT token by Basic Auth
+* `GET /public-key` - get PEM-encoded public HS256 key
\ No newline at end of file
diff --git a/jwt.go b/jwt.go
index 7c87649..e219f93 100644
--- a/jwt.go
+++ b/jwt.go
@@ -10,6 +10,7 @@ import (
 	"log/slog"
 	"net/http"
 	"os"
+	"time"
 
 	"github.com/golang-jwt/jwt/v5"
 )
@@ -18,7 +19,6 @@ var KeyFile = "key"
 
 var (
 	key *ecdsa.PrivateKey
-	// t   *jwt.Token
 )
 
 // LoadKey attempts to load a private key from KeyFile.
@@ -76,8 +76,10 @@ func CreateJWT(usr User) (string, error) {
 	t := jwt.NewWithClaims(jwt.SigningMethodES256,
 		jwt.MapClaims{
 			"iss": "pye",
-			"sub": "john",
-			"foo": 2,
+			"uid": usr.Uuid,
+			"sub": usr.Email,
+			"iat": time.Now(),
+			"exp": time.Now().Add(time.Hour * 24 * 7),
 		})
 	s, err := t.SignedString(key)
 	if err != nil {