Refactor example
This commit is contained in:
Matthew Dillon
parent
f3672c9a0c
commit
1d3c39bb49
2 changed files with 70 additions and 81 deletions
103
README.md
103
README.md
|
|
@ -9,73 +9,62 @@ your application:
|
|||
package main
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"time"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"github.com/thermokarst/jwt"
|
||||
"github.com/thermokarst/jwt"
|
||||
)
|
||||
|
||||
func protectMe(w http.ResponseWriter, r *http.Request) {
|
||||
fmt.Fprintf(w, "secured")
|
||||
fmt.Fprintf(w, "secured")
|
||||
}
|
||||
|
||||
func dontProtectMe(w http.ResponseWriter, r *http.Request) {
|
||||
fmt.Fprintf(w, "not secured")
|
||||
}
|
||||
|
||||
func auth(email string, password string) error {
|
||||
// Hard-code a user
|
||||
if email != "test" || password != "test" {
|
||||
return errors.New("invalid credentials")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func setClaims(id string) (map[string]interface{}, error) {
|
||||
currentTime := time.Now()
|
||||
return map[string]interface{}{
|
||||
"iat": currentTime.Unix(),
|
||||
"exp": currentTime.Add(time.Minute * 60 * 24).Unix(),
|
||||
}, nil
|
||||
}
|
||||
|
||||
func verifyClaims([]byte) error {
|
||||
// We don't really care about the claims, just approve as-is
|
||||
return nil
|
||||
}
|
||||
|
||||
func main() {
|
||||
authFunc := func(email string, password string) error {
|
||||
// Hard-code a user --- this could easily be a database call, etc.
|
||||
if email != "test" || password != "test" {
|
||||
return errors.New("invalid credentials")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
config := &jwt.Config{
|
||||
Secret: "password",
|
||||
Auth: auth,
|
||||
Claims: setClaims,
|
||||
}
|
||||
|
||||
claimsFunc := func(userId string) (map[string]interface{}, error) {
|
||||
currentTime := time.Now()
|
||||
return map[string]interface{}{
|
||||
"iat": currentTime.Unix(),
|
||||
"exp": currentTime.Add(time.Minute * 60 * 24).Unix(),
|
||||
"sub": userId,
|
||||
}, nil
|
||||
}
|
||||
j, err := jwt.New(config)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
verifyClaimsFunc := func(claims []byte) error {
|
||||
currentTime := time.Now()
|
||||
var c struct {
|
||||
Exp int64
|
||||
Iat int64
|
||||
Sub string
|
||||
}
|
||||
err := json.Unmarshal(claims, &c)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if currentTime.After(time.Unix(c.Exp, 0)) {
|
||||
return errors.New("this token has expired!")
|
||||
}
|
||||
if c.Sub != "test" {
|
||||
return errors.New("who are you??!")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
protect := http.HandlerFunc(protectMe)
|
||||
dontProtect := http.HandlerFunc(dontProtectMe)
|
||||
|
||||
config := &jwt.Config{
|
||||
Secret: "password",
|
||||
Auth: authFunc,
|
||||
Claims: claimsFunc,
|
||||
}
|
||||
|
||||
j, err := jwt.New(config)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
protect := http.HandlerFunc(protectMe)
|
||||
|
||||
http.Handle("/authenticate", j.GenerateToken())
|
||||
http.Handle("/secure", j.Secure(protect, verifyClaimsFunc))
|
||||
|
||||
http.ListenAndServe(":8080", nil)
|
||||
http.Handle("/authenticate", j.GenerateToken())
|
||||
http.Handle("/secure", j.Secure(protect, verifyClaims))
|
||||
http.Handle("/insecure", dontProtect)
|
||||
http.ListenAndServe(":8080", nil)
|
||||
}
|
||||
```
|
||||
|
||||
|
|
|
|||
|
|
@ -17,32 +17,32 @@ func dontProtectMe(w http.ResponseWriter, r *http.Request) {
|
|||
fmt.Fprintf(w, "not secured")
|
||||
}
|
||||
|
||||
func auth(email string, password string) error {
|
||||
// Hard-code a user
|
||||
if email != "test" || password != "test" {
|
||||
return errors.New("invalid credentials")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func setClaims(id string) (map[string]interface{}, error) {
|
||||
currentTime := time.Now()
|
||||
return map[string]interface{}{
|
||||
"iat": currentTime.Unix(),
|
||||
"exp": currentTime.Add(time.Minute * 60 * 24).Unix(),
|
||||
}, nil
|
||||
}
|
||||
|
||||
func verifyClaims([]byte) error {
|
||||
// We don't really care about the claims, just approve as-is
|
||||
return nil
|
||||
}
|
||||
|
||||
func main() {
|
||||
authFunc := func(email string, password string) error {
|
||||
// Hard-code a user
|
||||
if email != "test" || password != "test" {
|
||||
return errors.New("invalid credentials")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
claimsFunc := func(string) (map[string]interface{}, error) {
|
||||
currentTime := time.Now()
|
||||
return map[string]interface{}{
|
||||
"iat": currentTime.Unix(),
|
||||
"exp": currentTime.Add(time.Minute * 60 * 24).Unix(),
|
||||
}, nil
|
||||
}
|
||||
|
||||
verifyClaimsFunc := func([]byte) error {
|
||||
// We don't really care about the claims, just approve as-is
|
||||
return nil
|
||||
}
|
||||
|
||||
config := &jwt.Config{
|
||||
Secret: "password",
|
||||
Auth: authFunc,
|
||||
Claims: claimsFunc,
|
||||
Auth: auth,
|
||||
Claims: setClaims,
|
||||
}
|
||||
|
||||
j, err := jwt.New(config)
|
||||
|
|
@ -54,7 +54,7 @@ func main() {
|
|||
dontProtect := http.HandlerFunc(dontProtectMe)
|
||||
|
||||
http.Handle("/authenticate", j.GenerateToken())
|
||||
http.Handle("/secure", j.Secure(protect, verifyClaimsFunc))
|
||||
http.Handle("/secure", j.Secure(protect, verifyClaims))
|
||||
http.Handle("/insecure", dontProtect)
|
||||
http.ListenAndServe(":8080", nil)
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue