summaryrefslogtreecommitdiff
path: root/db/rest/login/_api_sign_jwt.sql
diff options
context:
space:
mode:
Diffstat (limited to 'db/rest/login/_api_sign_jwt.sql')
-rw-r--r--db/rest/login/_api_sign_jwt.sql33
1 files changed, 33 insertions, 0 deletions
diff --git a/db/rest/login/_api_sign_jwt.sql b/db/rest/login/_api_sign_jwt.sql
new file mode 100644
index 0000000..dc8e920
--- /dev/null
+++ b/db/rest/login/_api_sign_jwt.sql
@@ -0,0 +1,33 @@
+CREATE FUNCTION _api.sign_jwt(
+ _role TEXT,
+ _user_id INTEGER
+)
+RETURNS sys.JWT
+LANGUAGE plpgsql VOLATILE
+AS $BODY$
+DECLARE
+ _jwt_secret TEXT;
+ _token sys.JWT;
+BEGIN
+ SELECT jwt_secret INTO _jwt_secret
+ FROM sys.database_info
+ WHERE name = current_database();
+
+ SELECT public.sign(
+ row_to_json(r), _jwt_secret
+ ) INTO _token
+ FROM (
+ SELECT
+ _role AS role,
+ _user_id AS user_id,
+ extract(epoch FROM now())::integer + (60 * 60 * 24) AS exp
+ ) r;
+
+ RETURN _token;
+END
+$BODY$;
+
+GRANT EXECUTE ON FUNCTION _api.sign_jwt(TEXT, INTEGER)
+ TO rest_anon, rest_user;
+GRANT SELECT ON TABLE sys.database_info
+ TO rest_anon, rest_user;
generated by cgit v1.2.3-freya (git 2.51.0) at 2025-09-27 12:12:50 +0000