feat: set up token signing

config/runtime.exs

@@ -20,6 +20,9 @@ if System.get_env("PHX_SERVER") do
   config :comfycamp, ComfycampWeb.Endpoint, server: true
 end
 
+config :comfycamp,
+  jwt_secret: System.get_env("JWT_SECRET")
+
 if config_env() == :prod do
   database_url =
     System.get_env("DATABASE_URL") ||

lib/comfycamp/token.ex

@@ -1,3 +1,9 @@
 defmodule Comfycamp.Token do
   use Joken.Config
+
+  def sign(claims) do
+    secret = Application.fetch_env!(:comfycamp, :jwt_secret)
+    signer = Joken.Signer.create("HS256", secret)
+    Joken.Signer.sign(claims, signer)
+  end
 end

lib/comfycamp_web/controllers/oauth_controller.ex

@@ -99,7 +99,7 @@ defmodule ComfycampWeb.OauthController do
     {access_token, refresh_token} = Accounts.generate_oauth_tokens(code.user)
 
     id_token = IDToken.build_id_token(code.user, oidc_app.client_id)
-    {:ok, signed_id_token, _claims} = Token.generate_and_sign(id_token)
+    signed_id_token = Token.sign(id_token)
 
     render(conn, :token,
       access_token: access_token,