From b2f56d9add07bdd66b5a24f0cc3c4467a9ddfc66 Mon Sep 17 00:00:00 2001
From: Hadi Zamani <130847170+hadizamani021@users.noreply.github.com>
Date: Tue, 21 Jan 2025 05:46:46 +0330
Subject: [PATCH] Add JWT authentication to fs.mergeVolumes command (#6461)

Add jwt authentication to fs.mergeVolumes command
---
 weed/shell/command_fs_merge_volumes.go | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/weed/shell/command_fs_merge_volumes.go b/weed/shell/command_fs_merge_volumes.go
index e14a1e670..e98f8e7c8 100644
--- a/weed/shell/command_fs_merge_volumes.go
+++ b/weed/shell/command_fs_merge_volumes.go
@@ -10,10 +10,12 @@ import (
 	"sort"
 	"strings"
 
+	"slices"
+
+	"github.com/seaweedfs/seaweedfs/weed/security"
 	"github.com/seaweedfs/seaweedfs/weed/storage/needle"
 	"github.com/seaweedfs/seaweedfs/weed/wdclient"
 	"golang.org/x/exp/maps"
-	"slices"
 
 	"github.com/seaweedfs/seaweedfs/weed/operation"
 	"github.com/seaweedfs/seaweedfs/weed/pb/filer_pb"
@@ -341,6 +343,14 @@ func moveChunk(chunk *filer_pb.FileChunk, toVolumeId needle.VolumeId, masterClie
 		return err
 	}
 
+	v := util.GetViper()
+	signingKey := v.GetString("jwt.signing.key")
+	var jwt security.EncodedJwt
+	if signingKey != "" {
+		expiresAfterSec := v.GetInt("jwt.signing.expires_after_seconds")
+		jwt = security.GenJwtForVolumeServer(security.SigningKey(signingKey), expiresAfterSec, toFid.String())
+	}
+
 	_, err, _ = uploader.Upload(reader, &operation.UploadOption{
 		UploadUrl:         uploadURL,
 		Filename:          filename,
@@ -349,6 +359,7 @@ func moveChunk(chunk *filer_pb.FileChunk, toVolumeId needle.VolumeId, masterClie
 		MimeType:          contentType,
 		PairMap:           nil,
 		Md5:               md5,
+		Jwt:               security.EncodedJwt(jwt),
 	})
 	if err != nil {
 		return err