Conversation
…nd enable JWT in the config struct. Add new test cases for database package benchmarks.
…dependency in go.mod. Update go.sum to reflect new dependency.
…ing JWTs and refresh tokens. Update user service to handle authentication and token generation, enhancing security and maintainability. Modify server initialization to accommodate new services and update relevant database queries for refresh token management.
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| const cleanupExpiredTokens = `-- name: CleanupExpiredTokens :exec | ||
| DELETE FROM refresh_tokens | ||
| WHERE expires_at < NOW() - INTERVAL '30 days' | ||
| ` |
Check failure
Code scanning / gosec
Potential hardcoded credentials Error
| const createRefreshToken = `-- name: CreateRefreshToken :one | ||
| INSERT INTO refresh_tokens ( | ||
| id, user_id, token_hash, expires_at, device_info | ||
| ) VALUES ( | ||
| $1, $2, $3, $4, $5 | ||
| ) RETURNING id, user_id, token_hash, expires_at, is_revoked, created_at, last_used_at, device_info | ||
| ` |
Check failure
Code scanning / gosec
Potential hardcoded credentials Error
| const getRefreshToken = `-- name: GetRefreshToken :one | ||
| SELECT id, user_id, token_hash, expires_at, is_revoked, created_at, last_used_at, device_info FROM refresh_tokens | ||
| WHERE token_hash = $1 | ||
| AND is_revoked = FALSE | ||
| AND expires_at > NOW() | ||
| LIMIT 1 | ||
| ` |
Check failure
Code scanning / gosec
Potential hardcoded credentials Error
| const getRefreshTokenIncludingRevoked = `-- name: GetRefreshTokenIncludingRevoked :one | ||
| SELECT id, user_id, token_hash, expires_at, is_revoked, created_at, last_used_at, device_info FROM refresh_tokens | ||
| WHERE token_hash = $1 | ||
| LIMIT 1 | ||
| ` |
Check failure
Code scanning / gosec
Potential hardcoded credentials Error
| const getUserActiveRefreshTokens = `-- name: GetUserActiveRefreshTokens :many | ||
| SELECT id, created_at, last_used_at, device_info | ||
| FROM refresh_tokens | ||
| WHERE user_id = $1 | ||
| AND is_revoked = FALSE | ||
| AND expires_at > NOW() | ||
| ORDER BY last_used_at DESC | ||
| ` |
Check failure
Code scanning / gosec
Potential hardcoded credentials Error
| const getUserTokenVersion = `-- name: GetUserTokenVersion :one | ||
| SELECT token_version FROM users WHERE id = $1 | ||
| ` |
Check failure
Code scanning / gosec
Potential hardcoded credentials Error
| const incrementUserTokenVersion = `-- name: IncrementUserTokenVersion :one | ||
| UPDATE users | ||
| SET token_version = token_version + 1 | ||
| WHERE id = $1 | ||
| RETURNING token_version | ||
| ` |
Check failure
Code scanning / gosec
Potential hardcoded credentials Error
| const revokeAllUserRefreshTokens = `-- name: RevokeAllUserRefreshTokens :exec | ||
| UPDATE refresh_tokens | ||
| SET is_revoked = TRUE | ||
| WHERE user_id = $1 AND is_revoked = FALSE | ||
| ` |
Check failure
Code scanning / gosec
Potential hardcoded credentials Error
| const revokeRefreshToken = `-- name: RevokeRefreshToken :exec | ||
| UPDATE refresh_tokens | ||
| SET is_revoked = TRUE | ||
| WHERE token_hash = $1 | ||
| ` |
Check failure
Code scanning / gosec
Potential hardcoded credentials Error
| const updateRefreshTokenUsage = `-- name: UpdateRefreshTokenUsage :exec | ||
| UPDATE refresh_tokens | ||
| SET last_used_at = NOW() | ||
| WHERE id = $1 | ||
| ` |
Check failure
Code scanning / gosec
Potential hardcoded credentials Error
2 participants
No description provided.