tweak middleware headers; v0.2.1
Iris Lightshard nilix@nilfm.cc
PGP Signature
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEkFh6dA+k/6CXFXU4O3+8IhROY5gFAmPTSwgACgkQO3+8IhRO Y5i6XA//dsa83zv55Z/j9gHk389bCz1TO9J+lW/+X5eXsiQEzdGnu+luoS1A15K3 tfQJ4GVchlAAFaukjCd06voooY5B0iHM+qvUBLJlkeRZCTTOTxXC+rXuvdNStdfo yKVSy3QrLpaUguh/otCi/9q5bDmF01V+JMPOuF+onqpGbTFLJ0ZsBY5U5M2aiFGM ecHnhasaZ52JYC/IteuDSMG+JTcYkFQlvQ1D0OIxG6RriJuslKRjDcTT63SMeO3U qS99AjBX83sBAug/CJQ0bCdAwQt7yFoh655ZluWGtBsUZpQOOgtreuRR52ziXBvv X2vo2kPWFr6BO0XDSVfkvk8zESEL0sZtzZ6gn5BfNOU+BOsgse3EoQC/WiqCrZmh xTdST6T+FrkcRuJfgs8X86gMdOiKT+BDOQLiHnb9ch0zGiQRcWp7vAy4BO8Tw0qa g9ODijXHmAR+rI7mYiCtDUdITj+6PgQYZeC9QPn5DTyFImdLq5DUuWaJv3VfnYhn wL7Gxcvbmlyh+RA6qLp7SwKz/BxmO9N3ReGdj5Vctac7yqZXvWBW6gDtnYkuhsPR YSPhvfrEmoZd1tBmZCPHKin+nwKOMVKzlpEAUlkhXT2tCM4wuiFosX4x7xt4bP01 3HNIMPcHwLQzA43tCwO4o6y9xEQtiSddMUUmesJDZst6gut4owg= =L+Qd -----END PGP SIGNATURE-----
1 files changed,
9 insertions(+),
5 deletions(-)
jump to
M
middleware/middleware.go
→
middleware/middleware.go
@@ -14,7 +14,7 @@
type TokenPayload struct { AccessToken string `json:"access_token"` TokenType string `json:"token_type"` - ExpiresIn int `json:"expires_in"` + ExpiresIn int `json:"expires_in"` } func Protected(next http.Handler, method string, userStore auth.UserStore, login string) http.Handler {@@ -29,8 +29,8 @@ fmt.Printf("authorized user: %s\n", user)
req.Method = method next.ServeHTTP(w, req) return - } else if err != nil && err.Error() == "Cookie or token expired"{ - auth.Logout(user, userStore, w) + } else if err != nil && err.Error() == "Cookie or token expired" { + auth.Logout(user, userStore, w) } } }@@ -100,7 +100,6 @@ renderer.JSON("token").ServeHTTP(w, req)
return } } - w.Header().Add("WWW-Authenticate", "Basic") w.WriteHeader(http.StatusUnauthorized) return }@@ -110,6 +109,7 @@ }
func Validate(next http.Handler, userStore auth.UserStore, scopes map[string]string) http.Handler { handlerFunc := func(w http.ResponseWriter, req *http.Request) { + errString := "" authHeader := req.Header.Get("Authorization") if strings.HasPrefix(authHeader, "Bearer ") { authToken := strings.Split(authHeader, "Bearer ")[1]@@ -117,9 +117,13 @@ validated, err := userStore.ValidateTokenWithScopes(authToken, scopes)
if validated && err == nil { next.ServeHTTP(w, req) return + } else { + errString = err.Error() } + } else { + errString = "No authentication data" } - w.Header().Add("WWW-Authenticate", "Basic") + w.Header().Add("Quartzgun-Error", errString) w.WriteHeader(http.StatusUnauthorized) }