From edfa3e63b9c4ccf46ef47390c450f576bd626ded Mon Sep 17 00:00:00 2001
From: LandaMm
Date: Wed, 21 May 2025 21:59:31 +0200
Subject: [PATCH] feat: generate refresh token
---
 internal/auth/routes.go | 39 ++++++++++++++++++++++++++++++++-------
 1 file changed, 32 insertions(+), 7 deletions(-)
diff --git a/internal/auth/routes.go b/internal/auth/routes.go
index 0e18254..626a9bb 100644
--- a/internal/auth/routes.go
+++ b/internal/auth/routes.go
@@ -86,30 +86,55 @@ func (h *AuthHandler) login(w http.ResponseWriter, r *http.Request) {
 return
 }
- claims := types.UserClaims{
- UserID: user.ID.String(),
+ accessClaims := types.UserClaims{
+ UserEmail: user.Email,
 RegisteredClaims: jwt.RegisteredClaims{
 Issuer: "hspguard",
- Subject: user.Email,
+ Subject: user.ID.String(),
 IssuedAt: jwt.NewNumericDate(time.Now()),
- ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour)),
+ ExpiresAt: jwt.NewNumericDate(time.Now().Add(15 * time.Minute)),
 },
 }
- token, err := SignJwtToken(claims)
+ accessToken, err := SignJwtToken(accessClaims)
 if err != nil {
 web.Error(w, fmt.Sprintf("failed to generate access token: %v", err), http.StatusBadRequest)
 return
 }
+ refreshClaims := types.UserClaims{
+ UserEmail: user.Email,
+ RegisteredClaims: jwt.RegisteredClaims{
+ Issuer: "hspguard",
+ Subject: user.ID.String(),
+ IssuedAt: jwt.NewNumericDate(time.Now()),
+ ExpiresAt: jwt.NewNumericDate(time.Now().Add(30 * 24 * time.Hour)),
+ },
+ }
+
+ refreshToken, err := SignJwtToken(refreshClaims)
+ if err != nil {
+ web.Error(w, fmt.Sprintf("failed to generate refresh token: %v", err), http.StatusBadRequest)
+ return
+ }
+
 encoder := json.NewEncoder(w)
 type Response struct {
- Token string `json:"token"`
+ AccessToken string `json:"access"`
+ RefreshToken string `json:"refresh"`
+ // fields required for UI in account selector, e.g. email, full name and avatar
+ FullName string `json:"full_name"`
+ Email string `json:"email"`
+ // Avatar
 }
 if err := encoder.Encode(Response{
- Token: token,
+ AccessToken: accessToken,
+ RefreshToken: refreshToken,
+ FullName: user.FullName,
+ Email: user.Email,
+ // Avatar
 }); err != nil {
 web.Error(w, "failed to encode response", http.StatusInternalServerError)
 }
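Review bot: The refresh token built in `refreshClaims` differs from the access token only in `ExpiresAt`: both use `types.UserClaims`, issuer `hspguard`, the same subject and the same `SignJwtToken` call, so a verifier that checks only signature, issuer and expiry would accept the 30-day refresh token wherever an access token is expected, and the 15-minute access lifetime would protect nothing. The verification code is outside this hunk, so that needs confirming there, but each token should carry a purpose claim that the verifier enforces, e.g. `Audience: jwt.ClaimStrings{"refresh"},` on the refresh claims and `Audience: jwt.ClaimStrings{"access"},` on the access claims. A unique `ID` (jti) on the refresh token would also be needed if it is ever to be revoked or rotated server-side before the 30 days run out. Separately, the new error branch sends the raw signing error to the client with `http.StatusBadRequest`; a generic message with `http.StatusInternalServerError` plus a server-side log would avoid exposing internals. The body of `login` starts before this hunk and continues after it.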