Paul 6 лет назад
Родитель
Сommit
f4478e348d
1 измененных файлов: 24 добавлений и 9 удалений
  1. 24
    9
      middleware/auth/auth.go

+ 24
- 9
middleware/auth/auth.go Просмотреть файл

@@ -2,11 +2,10 @@ package auth
2 2
 
3 3
 import (
4 4
 	"fmt"
5
-	"net/http"
6
-	"time"
7
-
8 5
 	"github.com/dgrijalva/jwt-go"
9 6
 	"github.com/gin-gonic/gin"
7
+	"net/http"
8
+	"time"
10 9
 )
11 10
 
12 11
 const (
@@ -53,23 +52,39 @@ func Auth(authKey string) gin.HandlerFunc {
53 52
 
54 53
 		if mapClaims, ok := token.Claims.(jwt.MapClaims); ok {
55 54
 			if expired, ok := mapClaims[ctxRequestTokenExpired].(float64); ok {
56
-				if expired == 0 {
55
+				switch true {
56
+				case expired > 0:
57
+					if int64(expired) < time.Now().Unix() {
58
+						ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, token timeout"})
59
+						return
60
+					}
61
+
62
+					// todo check expired from server
63
+				case expired == 0:
57 64
 					// Only cookie is exists, check token expired. app expired by itself call logout when app exit
58 65
 					if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
59 66
 						ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, token timeout"})
60 67
 						return
61 68
 					}
62
-				}
63 69
 
64
-				if expired < 0 || (int64(expired) < time.Now().Unix()) {
70
+				default:
65 71
 					ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, token timeout"})
66 72
 					return
67 73
 				}
68
-			}
69 74
 
70
-			if uid, ok := mapClaims[CtxRequestHeaderUserId].(float64); ok {
71
-				ctx.Set(CtxRequestHeaderUserId, int64(uid))
75
+				if uid, ok := mapClaims[CtxRequestHeaderUserId].(float64); ok {
76
+					ctx.Set(CtxRequestHeaderUserId, int64(uid))
77
+				} else {
78
+					ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, mapClaims[CtxRequestHeaderUserId].(float64) error"})
79
+					return
80
+				}
81
+			} else {
82
+				ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, mapClaims[ctxRequestTokenExpired].(float64) error"})
83
+				return
72 84
 			}
85
+		} else {
86
+			ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, token.Claims.(jwt.MapClaims) error"})
87
+			return
73 88
 		}
74 89
 	}
75 90
 }