Beispiel #1
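// Token authenticates the credentials carried by the request and, on
// success, responds with a newly generated token.
//
// Responses:
//   - 400 "bad_request" when the user info cannot be read from the request.
//   - 401 "unauthorized", with a Www-Authenticate header set to jwt.Realm,
//     when jwt.Authenticate rejects the credentials. The body is identical
//     for every rejection, so it does not tell the caller whether the
//     username or the password was wrong.
//   - 500 "server_error" when jwt.GenerateToken fails.
//   - otherwise a JSON object with the single key "token".
func (c *JwtAuth) Token() revel.Result {
	user, err := c.parseUserInfo()
	if err != nil {
		revel.ERROR.Printf("Unable to read user info %q", err)
		c.Response.Status = http.StatusBadRequest
		return c.RenderJson(map[string]string{
			"id":      "bad_request",
			"message": "Unable to read user info",
		})
	}

	subject, pass := jwt.Authenticate(user.Username, user.Password)
	if !pass {
		// NOTE(review): rejected logins are neither logged nor throttled in
		// this handler; confirm that jwt.Authenticate or a filter in front of
		// it provides the audit trail and the brute-force protection.
		c.Response.Status = http.StatusUnauthorized
		c.Response.Out.Header().Set("Www-Authenticate", jwt.Realm)

		return c.RenderJson(map[string]string{
			"id":      "unauthorized",
			"message": "Invalid credentials",
		})
	}

	token, err := jwt.GenerateToken(subject)
	if err != nil {
		// Keep the cause in the server log; the client only receives the
		// generic message below.
		revel.ERROR.Printf("Unable to generate token %q", err)
		c.Response.Status = http.StatusInternalServerError
		return c.RenderJson(map[string]string{
			"id":      "server_error",
			"message": "Unable to generate token",
		})
	}

	return c.RenderJson(map[string]string{
		"token": token,
	})
}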
Beispiel #2
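// RefreshToken issues a new token for the subject named in the claims of the
// current request and hands the existing claims to addToBlocklist.
//
// The claims are read from c.Args[jwt.TokenClaimsKey]; presumably a filter
// stores them there after validating the incoming token (confirm against the
// filter chain). If that entry is missing, is not a claims map, or carries no
// string subject, the request is answered with 401 "unauthorized" instead of
// panicking on a failed type assertion.
//
// Responses:
//   - 401 "unauthorized" when usable claims are not present.
//   - 500 "server_error" when jwt.GenerateToken fails.
//   - otherwise a JSON object with the single key "token".
func (c *JwtAuth) RefreshToken() revel.Result {
	// Comma-ok assertions: a request that reaches this action without
	// validated claims must be rejected, not crash the handler.
	claims, ok := c.Args[jwt.TokenClaimsKey].(map[string]interface{})
	var subject string
	if ok {
		subject, ok = claims[jwt.SubjectKey].(string)
	}
	if !ok {
		c.Response.Status = http.StatusUnauthorized
		c.Response.Out.Header().Set("Www-Authenticate", jwt.Realm)

		return c.RenderJson(map[string]string{
			"id":      "unauthorized",
			"message": "Invalid credentials",
		})
	}

	// NOTE(review): this writes every claim to the INFO log; confirm the
	// claim set holds nothing that should stay out of log storage.
	revel.INFO.Printf("Claims: %q", claims)

	tokenString, err := jwt.GenerateToken(subject)
	if err != nil {
		c.Response.Status = http.StatusInternalServerError
		return c.RenderJson(map[string]string{
			"id":      "server_error",
			"message": "Unable to generate token",
		})
	}

	// A new token has been issued, so the existing token goes onto the
	// blocklist for the rest of its validity period: if it is still valid for
	// another 10 minutes, it stays in the blocklist for those 10 minutes.
	//
	// The update runs on its own goroutine, so the response may be sent before
	// the old token is blocklisted, and a failure inside addToBlocklist is not
	// visible here.
	// NOTE(review): c.Request is passed to a goroutine that can outlive this
	// handler; confirm that the request object is safe to use at that point.
	go addToBlocklist(c.Request, claims)

	return c.RenderJson(map[string]string{
		"token": tokenString,
	})
}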