lots of stuff, don't truly remember

internal/config/jwt.go

@@ -20,8 +20,8 @@ var JWT *JWTConfig
 func InitJWT() {
 	JWT = &JWTConfig{
 		SecretKey:            os.Getenv("JWT_SECRET_KEY"),
-		AccessTokenDuration:  15 * time.Minute,
-		RefreshTokenDuration: 7 * 24 * time.Hour,
+		AccessTokenDuration:  24 * time.Hour,      // 24 hours (was 15 minutes)
+		RefreshTokenDuration: 30 * 24 * time.Hour, // 30 days (was 7 days)
 		ResetTokenDuration:   1 * time.Hour,
 	}
 
@@ -34,15 +34,17 @@ type CustomClaims struct {
 	UserID    uint   `json:"user_id"`
 	Email     string `json:"email"`
 	Username  string `json:"username"`
+	Role      string `json:"role"`
 	TokenType string `json:"token_type"`
 	jwt.RegisteredClaims
 }
 
-func GenerateAccessToken(userID uint, email, username string) (string, error) {
+func GenerateAccessToken(userID uint, email, username, role string) (string, error) {
 	claims := CustomClaims{
 		UserID:    userID,
 		Email:     email,
 		Username:  username,
+		Role:      role,
 		TokenType: "access",
 		RegisteredClaims: jwt.RegisteredClaims{
 			ExpiresAt: jwt.NewNumericDate(time.Now().Add(JWT.AccessTokenDuration)),
@@ -55,11 +57,12 @@ func GenerateAccessToken(userID uint, email, username string) (string, error) {
 	return token.SignedString([]byte(JWT.SecretKey))
 }
 
-func GenerateRefreshToken(userID uint, email, username string) (string, error) {
+func GenerateRefreshToken(userID uint, email, username, role string) (string, error) {
 	claims := CustomClaims{
 		UserID:    userID,
 		Email:     email,
 		Username:  username,
+		Role:      role,
 		TokenType: "refresh",
 		RegisteredClaims: jwt.RegisteredClaims{
 			ExpiresAt: jwt.NewNumericDate(time.Now().Add(JWT.RefreshTokenDuration)),
@@ -122,4 +125,4 @@ func VerifyAccessToken(tokenString string) (*CustomClaims, error) {
 	}
 
 	return claims, nil
-}
+}