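package handlers

import (
	"errors"
	"log"
	"net/http"
	// "os"
	"time"

	"hyperia/config"

	"github.com/golang-jwt/jwt/v5"
)

// GenerateJWT returns an HS256-signed JWT for the given applicant.
//
// The token carries three claims: "applicant_id" (the applicantId argument),
// "iat" (issue time) and "exp" (issue time plus two hours), both as Unix
// seconds. It is signed with config.JWT_SECRET.
//
// An error is returned when the signing secret is empty or when signing fails;
// in both cases the returned string is empty.
func GenerateJWT(applicantId int) (string, error) {
	// Fail closed on a missing secret: HMAC accepts a zero-length key, so
	// without this guard a token would be signed with an empty key.
	// NOTE(review): RFC 7518 §3.2 requires an HS256 key of at least 256 bits;
	// the length of config.JWT_SECRET is not visible here — confirm.
	if config.JWT_SECRET == "" {
		return "", errors.New("jwt secret is not configured")
	}

	// Read the clock once so that exp is exactly iat + 2h.
	now := time.Now()
	claims := jwt.MapClaims{
		"applicant_id": applicantId,
		"exp":          now.Add(2 * time.Hour).Unix(), // expires in 2 hours
		"iat":          now.Unix(),
	}

	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	signedToken, err := token.SignedString([]byte(config.JWT_SECRET))
	if err != nil {
		return "", err
	}
	return signedToken, nil
}

// HandleVerify logs a success message and redirects the client to
// config.BASE_URL with 303 See Other.
//
// NOTE(review): every verification step below is commented out. As written,
// the handler reads no token, consults no verification record, issues no
// auth cookie, and logs "Verification success." for every request it
// receives. Confirm this stub is intentional before it is routed anywhere
// that callers treat as an authentication step.
func HandleVerify(w http.ResponseWriter, r *http.Request) {
	// token := r.URL.Query().Get("token")
	// if token == "" {
	// 	http.Error(w, "Missing token", http.StatusBadRequest)
	// 	return
	// }

	// NOTE(review): the two log.Println calls below write the raw token value
	// to the log; if this code is re-enabled, consider logging a non-secret
	// identifier instead.
	// v, err := GetApplicantVerificationByToken(token)
	// if err != nil {
	// 	log.Println("Invalid token: ", token)
	// 	http.Error(w, "Invalid token", http.StatusUnauthorized)
	// 	return
	// }

	// if time.Since(v.CreatedOn) > 30*time.Minute || v.Expired {
	// 	log.Println("Token expired: ", token)
	// 	http.Error(w, "Token expired", http.StatusUnauthorized)
	// 	return
	// }

	// _, err = DB.Exec(`
	// 	UPDATE ApplicantVerifications SET Expired = 1 WHERE ApplicantId = $1
	// `, v.ApplicantId)
	// if err != nil {
	// 	http.Error(w, "Failed to update verification", http.StatusInternalServerError)
	// 	return
	// }

	// jwtToken, err := GenerateJWT(v.ApplicantId)
	// if err != nil {
	// 	log.Println("JWT generation error:", err)
	// 	http.Error(w, "Failed to generate auth token", http.StatusInternalServerError)
	// 	return
	// }

	// NOTE(review): Domain is built from the BASE_URL environment variable,
	// while the redirect at the end of this function passes config.BASE_URL
	// as a URL. If the environment variable also holds a full URL (scheme
	// included), the resulting Domain attribute would not be a valid cookie
	// domain — confirm what BASE_URL contains before re-enabling.
	// cookie := &http.Cookie{
	// 	Name:     "auth_token",
	// 	Value:    jwtToken,
	// 	Path:     "/",
	// 	HttpOnly: true,
	// 	Domain:   "." + os.Getenv("BASE_URL"), // or ".localhost" — this allows subdomains
	// 	Secure:   true, // default to true (production)
	// 	MaxAge:   2 * 60 * 60,
	// 	SameSite: http.SameSiteLaxMode,
	// }

	// if config.ENV == "development" {
	// 	cookie.Secure = false
	// 	cookie.Domain = ".hyperia.local"
	// }

	// http.SetCookie(w, cookie)

	log.Println("Verification success.")
	http.Redirect(w, r, config.BASE_URL, http.StatusSeeOther)
}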