// ValidateClaim validate the JWT token and return the user model
// decoded from the claim
func ValidateClaim(certs *Certs, token string) (*models.User, error) {
usr := new(models.User)
w, err := jws.ParseJWT([]byte(token))
if err != nil {
return nil, err
}
if err := w.Validate(certs.PublicKey, crypto.SigningMethodRS512); err != nil {
return nil, err
}
_, isExpired := w.Claims().Expiration()
if !isExpired {
return nil, ErrTokenExpired
}
usr.Email = extractKey("email", w.Claims())
usr.Login = extractKey("login", w.Claims())
usr.ID = extractKey("user_id", w.Claims())
return usr, nil
}
