safe assert

middleware/auth/auth.go

@@ -51,16 +51,20 @@ func Auth(authKey string) gin.HandlerFunc {
 			return
 		}
 
-		mapClaims := token.Claims.(jwt.MapClaims)
-		expired := int64(mapClaims[ctxRequestTokenExpired].(float64))
-		if expired < time.Now().Unix() {
-			// Only cookie is blank value, check token expired
-			if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
-				ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, token timeout"})
-				return
+		if mapClaims, ok := token.Claims.(jwt.MapClaims); ok {
+			if expired, ok := mapClaims[ctxRequestTokenExpired].(float64); ok {
+				if int64(expired) < time.Now().Unix() {
+					// Only cookie is blank value, check token expired
+					if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
+						ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, token timeout"})
+						return
+					}
+				}
 			}
-		}
 
-		ctx.Set(CtxRequestHeaderUserId, int(mapClaims[CtxRequestHeaderUserId].(float64)))
+			if uid, ok := mapClaims[CtxRequestHeaderUserId].(float64); ok {
+				ctx.Set(CtxRequestHeaderUserId, int(uid))
+			}
+		}
 	}
 }

middleware/auth/optional_auth.go

@@ -40,15 +40,19 @@ func OptionalAuth(authKey string) gin.HandlerFunc {
 			return
 		}
 
-		mapClaims := token.Claims.(jwt.MapClaims)
-		expired := int64(mapClaims[ctxRequestTokenExpired].(float64))
-		if expired < time.Now().Unix() {
-			// Only cookie is blank value, check token expired
-			if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
-				return
+		if mapClaims, ok := token.Claims.(jwt.MapClaims); ok {
+			if expired, ok := mapClaims[ctxRequestTokenExpired].(float64); ok {
+				if int64(expired) < time.Now().Unix() {
+					// Only cookie is blank value, check token expired
+					if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
+						return
+					}
+				}
 			}
-		}
 
-		ctx.Set(CtxRequestHeaderUserId, int(mapClaims[CtxRequestHeaderUserId].(float64)))
+			if uid, ok := mapClaims[CtxRequestHeaderUserId].(float64); ok {
+				ctx.Set(CtxRequestHeaderUserId, int(uid))
+			}
+		}
 	}
 }