feat(auth): extract jwt token validation to make it reusable for cli

Author: axzilla

internal/app/jwt/jwt.go

@@ -4,15 +4,23 @@ import (
 	"os"
 	"time"
 
-	"github.com/golang-jwt/jwt/v4"
+	jwtlib "github.com/golang-jwt/jwt/v4"
 )
 
 var JwtSecret = []byte(os.Getenv("JWT_SECRET"))
 
 func CreateToken(userID string) (string, error) {
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+	token := jwtlib.NewWithClaims(jwtlib.SigningMethodHS256, jwtlib.MapClaims{
 		"user_id": userID,
 		"exp":     time.Now().Add(24 * time.Hour).Unix(),
 	})
 	return token.SignedString(JwtSecret)
 }
+
+func ValidateToken(token string) (*jwtlib.Token, map[string]interface{}, error) {
+	claims := jwtlib.MapClaims{}
+	t, err := jwtlib.ParseWithClaims(token, claims, func(t *jwtlib.Token) (interface{}, error) {
+		return JwtSecret, nil
+	})
+	return t, claims, err
+}

internal/app/middleware/auth.go

@@ -7,7 +7,6 @@ import (
 	"github.com/axzilla/deeploy/internal/app/cookie"
 	"github.com/axzilla/deeploy/internal/app/jwt"
 	"github.com/axzilla/deeploy/internal/app/services"
-	jwtlib "github.com/golang-jwt/jwt/v4"
 )
 
 type AuthMiddleWare struct {
@@ -26,10 +25,7 @@ func (m *AuthMiddleWare) Auth(next http.HandlerFunc) http.HandlerFunc {
 			return
 		}
 
-		claims := jwtlib.MapClaims{}
-		t, err := jwtlib.ParseWithClaims(token, claims, func(t *jwtlib.Token) (interface{}, error) {
-			return jwt.JwtSecret, nil
-		})
+		t, claims, err := jwt.ValidateToken(token)
 		if err != nil || !t.Valid {
 			http.Error(w, "Unauthorized", http.StatusUnauthorized)
 			return