Commit 6f4b8a7111172ca9c9aa5db9898cfcfaf0b350df

Authored by Marko Tikvić
1 parent 4a51e54d7e
Exists in master and in 1 other branch v2

token response changed

Showing 3 changed files with 14 additions and 17 deletions   Show diff stats
1 1 TODO:
2 2 * http utility:
3 3 1. add parameters to the ProcessHeaders to enable/disable token/role-access-rights checks
  4 + 2. check for Content-Type header, if clients expects something other than JSON respond with appropriate HTTP code
... ...
... ... @@ -16,10 +16,6 @@ const saltSize = 32
16 16 const appName = "korisnicki-centar"
17 17 const secret = "korisnicki-centar-api"
18 18  
19   -type Token struct {
20   - TokenString string `json:"token"`
21   -}
22   -
23 19 type TokenClaims struct {
24 20 Username string `json:"username"`
25 21 Role string `json:"role"`
... ... @@ -75,12 +71,12 @@ func HashMessage(message string, presalt string) (string, string, error) {
75 71 return hash, salt, nil
76 72 }
77 73  
78   -func IssueAPIToken(username, role string) (Token, error) {
79   - var apiToken Token
  74 +func IssueAPIToken(username, role string) (string, error) {
  75 + var apiToken string
80 76 var err error
81 77  
82 78 if err != nil {
83   - return Token{}, err
  79 + return "", err
84 80 }
85 81  
86 82 claims := TokenClaims{
... ... @@ -93,33 +89,33 @@ func IssueAPIToken(username, role string) (Token, error) {
93 89 }
94 90  
95 91 jwtToken := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
96   - apiToken.TokenString, err = jwtToken.SignedString([]byte(secret))
  92 + apiToken, err = jwtToken.SignedString([]byte(secret))
97 93 if err != nil {
98   - return Token{}, err
  94 + return "", err
99 95 }
100 96 return apiToken, nil
101 97 }
102 98  
103   -func RefreshAPIToken(tokenString string) (Token, error) {
104   - var newToken Token
  99 +func RefreshAPIToken(tokenString string) (string, error) {
  100 + var newToken string
105 101 tokenString = strings.TrimPrefix(tokenString, "Bearer ")
106 102 token, err := parseTokenFunc(tokenString)
107 103 if err != nil {
108   - return Token{}, err
  104 + return "", err
109 105 }
110 106  
111 107 // type assertion
112 108 claims, ok := token.Claims.(*TokenClaims)
113 109 if !ok || !token.Valid {
114   - return Token{}, errors.New("token is not valid")
  110 + return "", errors.New("token is not valid")
115 111 }
116 112  
117 113 claims.ExpiresAt = (time.Now().Add(OneWeek)).Unix()
118 114 jwtToken := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
119 115  
120   - newToken.TokenString, err = jwtToken.SignedString([]byte(secret))
  116 + newToken, err = jwtToken.SignedString([]byte(secret))
121 117 if err != nil {
122   - return Token{}, err
  118 + return "", err
123 119 }
124 120  
125 121 return newToken, nil
... ...
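Review bot: In the new IssueAPIToken body the `var err error` declaration is immediately followed by `if err != nil { return "", err }`, so that check is dead and the new `return "", err` line on the old line-83 position is unreachable; the three-line `if` can simply be removed, leaving the first real error check at the `SignedString` call. The function's signature is in the second hunk and its body continues into the third. Both IssueAPIToken and RefreshAPIToken still sign with `[]byte(secret)`, where `secret` is the package constant shown in context (`const secret = "korisnicki-centar-api"`); a signing key baked into the source is recoverable from any copy of the binary, and reading it from configuration at startup would be the safer shape, so at minimum a `// TODO: load signing key from config, not a source constant` comment on the constant would flag it. RefreshAPIToken also pushes `claims.ExpiresAt` one week forward for any currently valid token, and nothing visible here bounds how many times a token may be refreshed, so unless parseTokenFunc or a caller limits it elsewhere a leaked token stays renewable indefinitely; a comment stating that assumption, or a cap derived from the original issue time, would make the intended lifetime explicit.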
... ... @@ -69,7 +69,7 @@ func RespondWithHttpError500(w http.ResponseWriter, req *http.Request) {
69 69  
70 70 //TODO: Add parameters to enable/disable token and roles authorization checks
71 71 // Sets common headers and checks for token validity.
72   -func ProcessHeaders(fn http.HandlerFunc, shouldAuth bool) http.HandlerFunc {
  72 +func ProcessHeaders(fn http.HandlerFunc, authEnabled bool) http.HandlerFunc {
73 73 return func(w http.ResponseWriter, req *http.Request) {
74 74 // @TODO: check Content-type header (must be application/json)
75 75 // ctype := w.Header.Get("Content-Type")
... ... @@ -98,7 +98,7 @@ func ProcessHeaders(fn http.HandlerFunc, shouldAuth bool) http.HandlerFunc {
98 98 return
99 99 }
100 100  
101   - if shouldAuth {
  101 + if authEnabled {
102 102 if req.URL.Path != _apiVersion + _authEndPoint {
103 103 token := req.Header.Get("Authorization")
104 104 if _, err := ParseAPIToken(token); err != nil {
... ...