Diffstat (limited to 'api/auth/auth.go')
-rw-r--r-- | api/auth/auth.go | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/api/auth/auth.go b/api/auth/auth.go
index 23b4f53..b382beb 100644
--- a/api/auth/auth.go
+++ b/api/auth/auth.go
@@ -1,9 +1,12 @@
 package auth
 import (
- "github.com/golang-jwt/jwt/v5"
+ "errors"
 "os"
+ "strings"
 "time"
+
+ "github.com/golang-jwt/jwt/v5"
 )
 var jwtKey = []byte(os.Getenv("JWT_SECRET"))
@@ -32,7 +35,13 @@ func GenerateJWT(userID int) (string, error) {
 func ValidateJWT(tokenString string) (*Claims, error) {
 claims := &Claims{}
- token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) {
+ // A token has a form `Bearer ...`
+ tokenParts := strings.Split(tokenString, " ")
+ if len(tokenParts) != 2 {
+ return nil, errors.New("not valid JWT")
+ }
+
+ token, err := jwt.ParseWithClaims(tokenParts[1], claims, func(token *jwt.Token) (interface{}, error) {
 return jwtKey, nil
 }) |
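Review bot: The new check in ValidateJWT only counts two space-separated parts and never inspects `tokenParts[0]`, so a value such as `Basic x` or `foo x` is handed to the parser as if it were a bearer token, while a well-formed header with a doubled space is rejected. I would replace the split with `scheme, raw, ok := strings.Cut(tokenString, " ")` and `if !ok || !strings.EqualFold(scheme, "Bearer") || raw == "" { return nil, errors.New("not valid JWT") }`, then parse `raw`. The function now expects the whole Authorization value rather than a bare token, so callers that pass a raw token will start failing; the parameter name and a doc comment such as `// ValidateJWT parses an Authorization header value of the form "Bearer <token>".` should say so. As hardening on the same call, consider passing `jwt.WithValidMethods` with the algorithm GenerateJWT signs with (not visible here) and failing at startup when `JWT_SECRET` is empty, since the key function returns `jwtKey` unconditionally. The body of ValidateJWT continues past the end of the hunk.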