gitdata.ai/gitks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): replace internal auth with JWT token service

Browse Source 
- Replace InternalAuthService with TokenService using JWT tokens
- Add support for token issuance, refresh, verification and revocation
- Implement automatic signing key rotation with Redis storage
- Add database migration checks for indexes and foreign key constraints
- Update gRPC endpoints to use token-based authentication
- Remove deprecated API key based authentication system
- Add JSON Web Token support with HMAC-SHA256 signing
- Implement refresh token handling with automatic rotation
- Add token revocation by JTI and user ID
- Update build configuration to include core proto files
- Migrate database schema to handle token-based authentication
- Add comprehensive token validation and verification logic
This commit is contained in:
zhenyi
2026-06-11 15:08:13 +08:00
parent a0bea36041
commit dbbfb747a4
16 changed files with 833 additions and 186 deletions
Download Patch File Download Diff File Expand all files Collapse all files
service/mod.rs
+7 -5
View File
@@ -63,7 +63,7 @@ pub struct NotificationService {
}
pub use im::ImService;
pub use internal_auth::InternalAuthService;
pub use internal_auth::TokenService;
#[derive(Clone)]
pub struct AppService {
@@ -75,13 +75,13 @@ pub struct AppService {
pub pr: PrService,
pub notify: NotificationService,
pub im: ImService,
pub internal_auth: InternalAuthService,
pub internal_auth: TokenService,
pub ctx: Arc<ServiceContext>,
}
impl AppService {
#[allow(clippy::too_many_arguments)]
pub fn new(
pub async fn new(
version: String,
db: AppDatabase,
redis: AppRedis,
@@ -91,7 +91,9 @@ impl AppService {
registry: Arc<EtcdRegistry>,
nats: Arc<NatsQueue>,
) -> Self {
let internal_auth = InternalAuthService::new(redis.clone());
let token_service = TokenService::new(redis.clone())
.await
.expect("failed to initialize TokenService");
let ctx = Arc::new(ServiceContext {
version,
@@ -114,7 +116,7 @@ impl AppService {
pr: PrService { ctx: ctx.clone() },
notify: NotificationService { ctx: ctx.clone() },
im: ImService { ctx: ctx.clone() },
internal_auth,
internal_auth: token_service,
ctx,
}
}