generate open token using normal token

local/middleware/auth.go

@@ -106,6 +106,13 @@ func (m *AuthMiddleware) AuthenticateWithHandler(jwtHandler *jwt.JWTHandler, isO
 		})
 	}
 
+	if !jwtHandler.IsOpenToken && claims.IsOpenToken {
+		logging.Error("Authentication failed: attempting to authenticate with open token")
+		return ctx.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+			"error": "Wrong token type used",
+		})
+	}
+
 	// Additional security: validate user ID format
 	if claims.UserID == "" || len(claims.UserID) < 10 {
 		logging.Error("Authentication failed: invalid user ID in token from IP %s", ip)

local/service/membership.go

@@ -63,16 +63,11 @@ func (s *MembershipService) Login(ctx context.Context, username, password string
 		return "", err
 	}
 
-	return s.jwtHandler.GenerateToken(user)
+	return s.jwtHandler.GenerateToken(user.ID.String())
 }
 
 func (s *MembershipService) GenerateOpenToken(ctx context.Context, userId string) (string, error) {
-	user, err := s.repo.GetByID(ctx, userId)
-	if err != nil {
-		return "", err
-	}
-
-	return s.openJwtHandler.GenerateToken(user)
+	return s.openJwtHandler.GenerateToken(userId)
 }
 
 // CreateUser creates a new user.

local/utl/configs/configs.go

@@ -8,7 +8,7 @@ import (
 )
 
 var (
-	Version       = "0.10.5"
+	Version       = "0.10.6"
 	Prefix        = "v1"
 	Secret        string
 	SecretCode    string

local/utl/jwt/jwt.go

@@ -13,7 +13,8 @@ import (
 
 // Claims represents the JWT claims.
 type Claims struct {
-	UserID string `json:"user_id"`
+	UserID      string `json:"user_id"`
+	IsOpenToken bool   `json:"is_open_token"`
 	jwt.RegisteredClaims
 }
 
@@ -70,13 +71,14 @@ func (jh *JWTHandler) GenerateSecretKey() string {
 }
 
 // GenerateToken generates a new JWT for a given user.
-func (jh *JWTHandler) GenerateToken(user *model.User) (string, error) {
+func (jh *JWTHandler) GenerateToken(userId string) (string, error) {
 	expirationTime := time.Now().Add(24 * time.Hour)
 	claims := &Claims{
-		UserID: user.ID.String(),
+		UserID: userId,
 		RegisteredClaims: jwt.RegisteredClaims{
 			ExpiresAt: jwt.NewNumericDate(expirationTime),
 		},
+		IsOpenToken: jh.IsOpenToken,
 	}
 
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
@@ -90,6 +92,7 @@ func (jh *JWTHandler) GenerateTokenWithExpiry(user *model.User, expiry time.Time
 		RegisteredClaims: jwt.RegisteredClaims{
 			ExpiresAt: jwt.NewNumericDate(expirationTime),
 		},
+		IsOpenToken: jh.IsOpenToken,
 	}
 
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)

tests/auth_helper.go

@@ -28,7 +28,7 @@ func GenerateTestToken() (string, error) {
 	jwtHandler := jwt.NewJWTHandler(testSecret)
 
 	// Generate JWT token
-	token, err := jwtHandler.GenerateToken(user)
+	token, err := jwtHandler.GenerateToken(user.ID.String())
 	if err != nil {
 		return "", fmt.Errorf("failed to generate test token: %w", err)
 	}
@@ -55,7 +55,7 @@ func GenerateTestTokenWithExpiry(expiryTime time.Time) (string, error) {
 		testSecret = "test-secret-that-is-at-least-32-bytes-long-for-security"
 	}
 	jwtHandler := jwt.NewJWTHandler(testSecret)
-	
+
 	// Create test user
 	user := &model.User{
 		ID:       uuid.New(),

tests/unit/service/auth_simple_test.go

@@ -26,7 +26,7 @@ func TestJWT_GenerateAndValidateToken(t *testing.T) {
 	}
 
 	// Test JWT generation
-	token, err := jwtHandler.GenerateToken(user)
+	token, err := jwtHandler.GenerateToken(user.ID.String())
 	tests.AssertNoError(t, err)
 	tests.AssertNotNil(t, token)