feat: add token IDs, store tokens in db for early invalidation
This commit is contained in:
parent
58c1c1794e
commit
e5723360a7
GPG key ID:
B4EF20DDE721CAA1
7 changed files with 248 additions and 9 deletions
|
|
@ -5,6 +5,7 @@ import (
|
|||
"net/http"
|
||||
"strings"
|
||||
|
||||
"codeberg.org/u1f320/pronouns.cc/backend/log"
|
||||
"codeberg.org/u1f320/pronouns.cc/backend/server/auth"
|
||||
"github.com/go-chi/render"
|
||||
)
|
||||
|
|
@ -28,6 +29,27 @@ func (s *Server) maybeAuth(next http.Handler) http.Handler {
|
|||
return
|
||||
}
|
||||
|
||||
// "valid" here refers to existence and expiry date, not whether the token is known
|
||||
valid, err := s.DB.TokenValid(r.Context(), claims.UserID, claims.TokenID)
|
||||
if err != nil {
|
||||
log.Errorf("validating token for user %v: %v", claims.UserID, err)
|
||||
render.Status(r, errCodeStatuses[ErrInternalServerError])
|
||||
render.JSON(w, r, APIError{
|
||||
Code: ErrInternalServerError,
|
||||
Message: errCodeMessages[ErrInternalServerError],
|
||||
})
|
||||
return
|
||||
}
|
||||
|
||||
if !valid {
|
||||
render.Status(r, errCodeStatuses[ErrInvalidToken])
|
||||
render.JSON(w, r, APIError{
|
||||
Code: ErrInvalidToken,
|
||||
Message: errCodeMessages[ErrInvalidToken],
|
||||
})
|
||||
return
|
||||
}
|
||||
|
||||
ctx := context.WithValue(r.Context(), ctxKeyClaims, claims)
|
||||
|
||||
next.ServeHTTP(w, r.WithContext(ctx))
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue