From 08a3fb8a2b0281c3c329b33215ec7f8866add606 Mon Sep 17 00:00:00 2001
From: Leonardo Bishop <me@leonardobishop.net>
Date: Mon, 14 Jul 2025 01:24:40 +0100
Subject: Add authentication and ability to change host

---
 pkg/auth/provider.go | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 pkg/auth/provider.go

(limited to 'pkg/auth')

diff --git a/pkg/auth/provider.go b/pkg/auth/provider.go
new file mode 100644
index 0000000..0d515ab
--- /dev/null
+++ b/pkg/auth/provider.go
@@ -0,0 +1,38 @@
+package auth
+
+import (
+	"time"
+
+	"github.com/golang-jwt/jwt/v5"
+)
+
+type Authenticator struct {
+	secretKey []byte
+	parser    *jwt.Parser
+}
+
+func NewAuthenticator(secretKey []byte) *Authenticator {
+	parser := jwt.NewParser(jwt.WithIssuer("scrapbook"), jwt.WithExpirationRequired())
+
+	a := &Authenticator{
+		secretKey: secretKey,
+		parser:    parser,
+	}
+
+	return a
+}
+
+func (a *Authenticator) NewJwt() (string, error) {
+	t := jwt.NewWithClaims(jwt.SigningMethodHS256,
+		jwt.MapClaims{
+			"iss": "scrapbook",
+			"exp": jwt.NewNumericDate(time.Now().Add(time.Hour * 2)),
+		})
+
+	return t.SignedString(a.secretKey)
+}
+
+func (a *Authenticator) VerifyJwt(token string) error {
+	_, err := a.parser.Parse(token, func(t *jwt.Token) (interface{}, error) { return a.secretKey, nil })
+	return err
+}
-- 
cgit v1.2.3-70-g09d2