Add ClaimsShort to fix the JWT user's owner and name empty bug.

2025-05-24 08:20:31 +08:00 · 2022-01-03 22:54:17 +08:00 · 2022-01-03 22:54:17 +08:00 · ba32a45693
commit ba32a45693
parent a4d83af768
1 changed files with 43 additions and 11 deletions
--- a/object/token_jwt.go
+++ b/object/token_jwt.go
@ -25,12 +25,38 @@ import (

 type Claims struct {
 	*User
-	Name  string `json:"name,omitempty"`
-	Owner string `json:"owner,omitempty"`
 	Nonce string `json:"nonce,omitempty"`
 	jwt.RegisteredClaims
 }

+type UserShort struct {
+	Owner string `xorm:"varchar(100) notnull pk" json:"owner"`
+	Name  string `xorm:"varchar(100) notnull pk" json:"name"`
+}
+
+type ClaimsShort struct {
+	*UserShort
+	Nonce string `json:"nonce,omitempty"`
+	jwt.RegisteredClaims
+}
+
+func getShortUser(user *User) *UserShort {
+	res := &UserShort{
+		Owner: user.Owner,
+		Name:  user.Name,
+	}
+	return res
+}
+
+func getShortClaims(claims Claims) ClaimsShort {
+	res := ClaimsShort{
+		UserShort:        getShortUser(claims.User),
+		Nonce:            claims.Nonce,
+		RegisteredClaims: claims.RegisteredClaims,
+	}
+	return res
+}
+
 func generateJwtToken(application *Application, user *User, nonce string) (string, string, error) {
 	nowTime := time.Now()
 	expireTime := nowTime.Add(time.Duration(application.ExpireInHours) * time.Hour)
@ -51,16 +77,22 @@ func generateJwtToken(application *Application, user *User, nonce string) (strin
 			ID:        "",
 		},
 	}
-	//all fields of the User struct are not added in "JWT-Empty" format
-	if application.TokenFormat == "JWT-Empty" {
-		claims.User = nil
-	}
-	claims.Name = user.Name
-	claims.Owner = user.Owner

-	token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
+	var token *jwt.Token
+	var refreshToken *jwt.Token
+
+	// the JWT token length in "JWT-Empty" mode will be very short, as User object only has two properties: owner and name
+	if application.TokenFormat == "JWT-Empty" {
+		claimsShort := getShortClaims(claims)
+
+		token = jwt.NewWithClaims(jwt.SigningMethodRS256, claimsShort)
+		claimsShort.ExpiresAt = jwt.NewNumericDate(refreshExpireTime)
+		refreshToken = jwt.NewWithClaims(jwt.SigningMethodRS256, claimsShort)
+	} else {
+		token = jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
 		claims.ExpiresAt = jwt.NewNumericDate(refreshExpireTime)
-	refreshToken := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
+		refreshToken = jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
+	}

 	cert := getCertByApplication(application)