Example #1
0
// LogoutHandler DELETE /user/auth
func LogoutHandler(w http.ResponseWriter, r *http.Request) {
	token := r.Header.Get("Authorization")

	err := auth.InvalidateToken(token)

	if err != nil {
		http.Error(w, err.Error(), http.StatusForbidden)
		return
	}

	fmt.Fprintf(w, "{}")
}
Example #2
0
// RefreshTokenHandler handles POST /users/refreshToken
func RefreshTokenHandler(w http.ResponseWriter, r *http.Request) {
	decoder := json.NewDecoder(r.Body)
	var b refreshTokenBody
	err := decoder.Decode(&b)

	if err != nil {
		http.Error(w, "Invalid Body.", http.StatusBadRequest)
		return
	}

	user, err := auth.ValidateJWTToken(b.Token)

	if err != nil {
		http.Error(w, err.Error(), http.StatusForbidden)
		return
	}

	token, err := auth.GenerateJWTToken(*user)

	if err != nil {
		http.Error(w, err.Error(), http.StatusForbidden)
		return
	}

	err = auth.InvalidateToken(b.Token)

	if err != nil {
		InternalServerError(err, w)
		return
	}

	user.AvatarURL = os.Getenv("BASE_URL") + "/users/" + user.Name + "/avatar"

	bytes, err := json.Marshal(authResponseBody{Token: token, User: *user})

	if err != nil {
		InternalServerError(err, w)
		return
	}

	w.Write(bytes)
}