lavender/server/verify.go

package server

import (
	"github.com/1f349/violet/utils"
	"github.com/MrMelon54/mjwt"
	"github.com/MrMelon54/mjwt/auth"
	"github.com/julienschmidt/httprouter"
	"net/http"
)

func (h *HttpServer) verifyHandler(rw http.ResponseWriter, req *http.Request, _ httprouter.Params) {
	// find bearer token
	bearer := utils.GetBearer(req)
	if bearer == "" {
		http.Error(rw, "Missing bearer", http.StatusForbidden)
		return
	}

	// after this mjwt is considered valid
	_, b, err := mjwt.ExtractClaims[auth.AccessTokenClaims](h.signer, bearer)
	if err != nil {
		http.Error(rw, "Invalid token", http.StatusForbidden)
		return
	}

	// check issuer against config
	if b.Issuer != h.baseUrl {
		http.Error(rw, "Invalid issuer", http.StatusBadRequest)
		return
	}

	rw.WriteHeader(http.StatusOK)
}
Start coding lavender 2023-10-01 21:44:49 +01:00			`package server`

			`import (`
			`"github.com/1f349/violet/utils"`
			`"github.com/MrMelon54/mjwt"`
			`"github.com/MrMelon54/mjwt/auth"`
			`"github.com/julienschmidt/httprouter"`
			`"net/http"`
			`)`

			`func (h HttpServer) verifyHandler(rw http.ResponseWriter, req http.Request, _ httprouter.Params) {`
			`// find bearer token`
			`bearer := utils.GetBearer(req)`
			`if bearer == "" {`
			`http.Error(rw, "Missing bearer", http.StatusForbidden)`
			`return`
			`}`

			`// after this mjwt is considered valid`
			`_, b, err := mjwt.ExtractClaims[auth.AccessTokenClaims](h.signer, bearer)`
			`if err != nil {`
			`http.Error(rw, "Invalid token", http.StatusForbidden)`
			`return`
			`}`

			`// check issuer against config`
			`if b.Issuer != h.baseUrl {`
			`http.Error(rw, "Invalid issuer", http.StatusBadRequest)`
			`return`
			`}`

			`rw.WriteHeader(http.StatusOK)`
			`}`