// ValidateClaim validate the JWT token and return the user model // decoded from the claim func ValidateClaim(certs *Certs, token string) (*models.User, error) { usr := new(models.User) w, err := jws.ParseJWT([]byte(token)) if err != nil { return nil, err } if err := w.Validate(certs.PublicKey, crypto.SigningMethodRS512); err != nil { return nil, err } _, isExpired := w.Claims().Expiration() if !isExpired { return nil, ErrTokenExpired } usr.Email = extractKey("email", w.Claims()) usr.Login = extractKey("login", w.Claims()) usr.ID = extractKey("user_id", w.Claims()) return usr, nil }