Matthew Dillon
parent
e756b13099
commit
7c253d7aa5
2 changed files with 17 additions and 1 deletions
|
|
@ -5,4 +5,6 @@ import "errors"
|
|||
var (
|
||||
// ErrExpiredToken when expired token.
|
||||
ErrExpiredToken = errors.New("this token has expired")
|
||||
// ErrInvalidToken when the role doesn't match the DB
|
||||
ErrInvalidToken = errors.New("this token needs to be reissued")
|
||||
)
|
||||
|
|
|
|||
|
|
@ -16,19 +16,30 @@ import (
|
|||
)
|
||||
|
||||
func verifyClaims(claims []byte, r *http.Request) error {
|
||||
// TODO: use helper
|
||||
currentTime := time.Now()
|
||||
var c types.Claims
|
||||
err := json.Unmarshal(claims, &c)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if currentTime.After(time.Unix(c.Exp, 0)) {
|
||||
return errors.ErrExpiredToken
|
||||
}
|
||||
|
||||
user, err := models.GetUser(c.Sub, "", &c)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if c.Role != user.Role {
|
||||
return errors.ErrInvalidToken
|
||||
}
|
||||
|
||||
context.Set(r, "claims", c)
|
||||
return nil
|
||||
}
|
||||
|
||||
func tokenHandler(h http.Handler) http.Handler {
|
||||
token := func(w http.ResponseWriter, r *http.Request) {
|
||||
recorder := httptest.NewRecorder()
|
||||
|
|
@ -73,16 +84,19 @@ func tokenRefresh(j *jwt.Middleware) errorHandler {
|
|||
if err != nil {
|
||||
return newJSONError(err, http.StatusInternalServerError)
|
||||
}
|
||||
|
||||
user.Password = ""
|
||||
token, err := auth.Middleware.CreateToken(user.Email)
|
||||
if err != nil {
|
||||
return newJSONError(err, http.StatusInternalServerError)
|
||||
}
|
||||
|
||||
data, _ := json.Marshal(struct {
|
||||
Token string `json:"token"`
|
||||
}{
|
||||
Token: token,
|
||||
})
|
||||
|
||||
w.Write(data)
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
Reference in a new issue