Allow token as query param
This commit is contained in:
Matthew Dillon
parent
e04139dd78
commit
7752009bbb
1 changed files with 14 additions and 2 deletions
16
jwt.go
16
jwt.go
|
|
@ -11,6 +11,7 @@ import (
|
|||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strings"
|
||||
)
|
||||
|
||||
|
|
@ -98,11 +99,22 @@ func New(c *Config) (*Middleware, error) {
|
|||
// to have it's own verification/validation protocol.
|
||||
func (m *Middleware) Secure(h http.Handler, v VerifyClaimsFunc) http.Handler {
|
||||
secureHandler := func(w http.ResponseWriter, r *http.Request) *jwtError {
|
||||
var token string
|
||||
|
||||
authHeader := r.Header.Get("Authorization")
|
||||
if authHeader == "" {
|
||||
return &jwtError{status: http.StatusUnauthorized, err: ErrMissingToken}
|
||||
queryParam := r.FormValue("token")
|
||||
if queryParam == "" {
|
||||
return &jwtError{status: http.StatusUnauthorized, err: ErrMissingToken}
|
||||
}
|
||||
var err error
|
||||
token, err = url.QueryUnescape(queryParam)
|
||||
if err != nil {
|
||||
return &jwtError{status: http.StatusUnauthorized, err: ErrMalformedToken}
|
||||
}
|
||||
} else {
|
||||
token = strings.Split(authHeader, " ")[1]
|
||||
}
|
||||
token := strings.Split(authHeader, " ")[1]
|
||||
tokenParts := strings.Split(token, ".")
|
||||
if len(tokenParts) != 3 {
|
||||
return &jwtError{status: http.StatusUnauthorized, err: ErrMalformedToken}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue