Check exp claim if its provided

README.md

@@ -1,2 +1,20 @@
-# jwtauth
+Copyright (c) 2015-2016 Peter Kieltyka (https://twitter.com/peterk)
 
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

jwtauth.go

@@ -4,6 +4,7 @@ import (
 	"errors"
 	"net/http"
 	"strings"
+	"time"
 
 	"github.com/dgrijalva/jwt-go"
 	"github.com/pressly/chi"
@@ -88,6 +89,15 @@ func (ja *JwtAuth) Handle(paramAliases ...string) func(chi.Handler) chi.Handler
 				return
 			}
 
+			// Check expiry via "exp" claim
+			if exp, ok := token.Claims["exp"].(int64); ok {
+				now := EpochNow()
+				if exp < now {
+					http.Error(w, errUnauthorized.Error(), 401)
+					return
+				}
+			}
+
 			ctx = context.WithValue(ctx, "jwt", token.Raw)
 			ctx = context.WithValue(ctx, "jwt.token", token)
 
@@ -123,3 +133,8 @@ func (ja *JwtAuth) Decode(tokenString string) (t *jwt.Token, err error) {
 	}
 	return jwt.Parse(tokenString, ja.keyFunc)
 }
+
+// Return the NumericDate time value used in conventional jwt claims
+func EpochNow() int64 {
+	return time.Now().UTC().Unix()
+}