feat(server): add allowed_roles in access_token + refresh_token

2022-11-07 07:11:23 +05:30 · 2022-11-07 07:11:23 +05:30 · 4afd544c41
commit 4afd544c41
parent 307c6f7d15
1 changed files with 22 additions and 20 deletions
--- a/server/token/auth_token.go
+++ b/server/token/auth_token.go
@ -124,6 +124,7 @@ func CreateRefreshToken(user models.User, roles, scopes []string, hostname, nonc
 		"scope":         scopes,
 		"nonce":         nonce,
 		"login_method":  loginMethod,
+		"allowed_roles": strings.Split(user.Roles, ","),
 	}

 	token, err := SignJWTToken(customClaims)
@ -163,6 +164,7 @@ func CreateAccessToken(user models.User, roles, scopes []string, hostName, nonce
 		"scope":         scopes,
 		"roles":         roles,
 		"login_method":  loginMethod,
+		"allowed_roles": strings.Split(user.Roles, ","),
 	}

 	token, err := SignJWTToken(customClaims)