From d205320e0e7e06fa00c44b70bd49046919ca6bd5 Mon Sep 17 00:00:00 2001
From: Vladimir Zagainov <mrixs@mrixs.ru>
Date: Tue, 26 May 2026 13:30:39 +0300
Subject: [PATCH] refactor: export GenerateToken for use by api package

---
 internal/auth/auth.go | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index e2493b5..a39eef6 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -110,8 +110,8 @@ func (h *Handler) authenticate(w http.ResponseWriter, r *http.Request) {
 	}
 
 	// Generate tokens.
-	accessToken := generateToken()
-	clientToken := generateToken()
+	accessToken := GenerateToken()
+	clientToken := GenerateToken()
 
 	// Store session.
 	expiresAt := time.Now().Add(24 * time.Hour)
@@ -174,7 +174,7 @@ func (h *Handler) refresh(w http.ResponseWriter, r *http.Request) {
 	}
 
 	// Rotate access token.
-	newAccessToken := generateToken()
+	newAccessToken := GenerateToken()
 	_, err = h.db.Pool().Exec(r.Context(),
 		`UPDATE yggdrasil_sessions SET access_token = $1, expires_at = $2
 		 WHERE access_token = $3`,
@@ -252,7 +252,8 @@ func verifyPassword(password, hash string) bool {
 	return subtle.ConstantTimeCompare([]byte(hex.EncodeToString(h[:])), []byte(hash)) == 1
 }
 
-func generateToken() string {
+// GenerateToken creates a random hex token (16 bytes → 32 hex chars).
+func GenerateToken() string {
 	b := make([]byte, 16)
 	_, _ = rand.Read(b)
 	return hex.EncodeToString(b)