Check exp claim if its provided
parent
80de8820dc
commit
6635f4beea
3 changed files with 34 additions and 1 deletions
15
jwtauth.go
15
jwtauth.go
|
|
@ -4,6 +4,7 @@ import (
|
|||
"errors"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/dgrijalva/jwt-go"
|
||||
"github.com/pressly/chi"
|
||||
|
|
@ -88,6 +89,15 @@ func (ja *JwtAuth) Handle(paramAliases ...string) func(chi.Handler) chi.Handler
|
|||
return
|
||||
}
|
||||
|
||||
// Check expiry via "exp" claim
|
||||
if exp, ok := token.Claims["exp"].(int64); ok {
|
||||
now := EpochNow()
|
||||
if exp < now {
|
||||
http.Error(w, errUnauthorized.Error(), 401)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
ctx = context.WithValue(ctx, "jwt", token.Raw)
|
||||
ctx = context.WithValue(ctx, "jwt.token", token)
|
||||
|
||||
|
|
@ -123,3 +133,8 @@ func (ja *JwtAuth) Decode(tokenString string) (t *jwt.Token, err error) {
|
|||
}
|
||||
return jwt.Parse(tokenString, ja.keyFunc)
|
||||
}
|
||||
|
||||
// Return the NumericDate time value used in conventional jwt claims
|
||||
func EpochNow() int64 {
|
||||
return time.Now().UTC().Unix()
|
||||
}
|
||||
|
|
|
|||
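Review bot: The `token.Claims["exp"].(int64)` assertion in the expiry check added to Handle will likely never match a token that came out of `jwt.Parse`: encoding/json decodes JSON numbers held in an `interface{}` as float64 (or json.Number when UseNumber is set), so `ok` is false and the check is skipped without any signal. An expired token then passes this block unless the parser has already rejected it, and a non-numeric `exp` is accepted too. I would switch on the claim's dynamic type and fail closed when `exp` is present but not a usable number, as sketched below; the json.Number case needs `encoding/json` in the import block. Handle's body starts and ends outside the hunk.

```go
// Check expiry via "exp" claim
if raw, present := token.Claims["exp"]; present {
	var exp int64
	switch v := raw.(type) {
	case float64:
		exp = int64(v)
	case json.Number:
		n, err := v.Int64()
		if err != nil {
			http.Error(w, errUnauthorized.Error(), 401)
			return
		}
		exp = n
	case int64:
		exp = v
	default:
		// exp is present but not numeric: reject rather than skip the check
		http.Error(w, errUnauthorized.Error(), 401)
		return
	}
	if exp < EpochNow() {
		http.Error(w, errUnauthorized.Error(), 401)
		return
	}
}
// … unchanged: context.WithValue calls …
```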