Restructure go project (#2356)

* Move main to cmd
* Move api to internal
* Move logger and manager to internal
* Move shell hiding code to separate package
* Decouple job from desktop and utils
* Decouple session from config
* Move static into internal
* Decouple config from dlna
* Move desktop to internal
* Move dlna to internal
* Decouple remaining packages from config
* Move config into internal
* Move jsonschema and paths to models
* Make ffmpeg functions private
* Move file utility methods into fsutil package
* Move symwalk into fsutil
* Move single-use util functions into client package
* Move slice functions to separate packages
* Add env var to suppress windowsgui arg
* Move hash functions into separate package
* Move identify to internal
* Move autotag to internal
* Touch UI when generating backend

internal/manager/apikey.go

@@ -0,0 +1,55 @@
+package manager
+
+import (
+	"errors"
+	"time"
+
+	"github.com/golang-jwt/jwt/v4"
+	"github.com/stashapp/stash/internal/manager/config"
+)
+
+var ErrInvalidToken = errors.New("invalid apikey")
+
+const APIKeySubject = "APIKey"
+
+type APIKeyClaims struct {
+	UserID string `json:"uid"`
+	jwt.StandardClaims
+}
+
+func GenerateAPIKey(userID string) (string, error) {
+	claims := &APIKeyClaims{
+		UserID: userID,
+		StandardClaims: jwt.StandardClaims{
+			Subject:  APIKeySubject,
+			IssuedAt: time.Now().Unix(),
+		},
+	}
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+
+	ss, err := token.SignedString(config.GetInstance().GetJWTSignKey())
+	if err != nil {
+		return "", err
+	}
+
+	return ss, nil
+}
+
+// GetUserIDFromAPIKey validates the provided api key and returns the user ID
+func GetUserIDFromAPIKey(apiKey string) (string, error) {
+	claims := &APIKeyClaims{}
+	token, err := jwt.ParseWithClaims(apiKey, claims, func(t *jwt.Token) (interface{}, error) {
+		return config.GetInstance().GetJWTSignKey(), nil
+	})
+
+	if err != nil {
+		return "", err
+	}
+
+	if !token.Valid {
+		return "", ErrInvalidToken
+	}
+
+	return claims.UserID, nil
+}