all repos — quartzgun @ ab1d495514f563edfca8ae5bf9a4c8418536957a

lightweight web framework in go

tweak middleware headers; v0.2.1
Iris Lightshard nilix@nilfm.cc
PGP Signature
-----BEGIN PGP SIGNATURE-----
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=L+Qd
-----END PGP SIGNATURE-----
commit

ab1d495514f563edfca8ae5bf9a4c8418536957a

parent

10ecb3058f785f2ee5ddd3b3c8951d12cccf7309

1 files changed, 9 insertions(+), 5 deletions(-)

M middleware/middleware.gomiddleware/middleware.go

@@ -14,7 +14,7 @@

type TokenPayload struct {
 AccessToken string `json:"access_token"`
 TokenType string `json:"token_type"`
- ExpiresIn int `json:"expires_in"`
+ ExpiresIn int `json:"expires_in"`
 }
 func Protected(next http.Handler, method string, userStore auth.UserStore, login string) http.Handler {

@@ -29,8 +29,8 @@ fmt.Printf("authorized user: %s\n", user)

req.Method = method
 next.ServeHTTP(w, req)
 return
- } else if err != nil && err.Error() == "Cookie or token expired"{
- auth.Logout(user, userStore, w)
+ } else if err != nil && err.Error() == "Cookie or token expired" {
+ auth.Logout(user, userStore, w)
 }
 }
 }

@@ -100,7 +100,6 @@ renderer.JSON("token").ServeHTTP(w, req)

return
 }
 }
- w.Header().Add("WWW-Authenticate", "Basic")
 w.WriteHeader(http.StatusUnauthorized)
 return
 }

@@ -110,6 +109,7 @@ }

func Validate(next http.Handler, userStore auth.UserStore, scopes map[string]string) http.Handler {
 handlerFunc := func(w http.ResponseWriter, req *http.Request) {
+ errString := ""
 authHeader := req.Header.Get("Authorization")
 if strings.HasPrefix(authHeader, "Bearer ") {
 authToken := strings.Split(authHeader, "Bearer ")[1]
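Review bot: `strings.Split(authHeader, "Bearer ")[1]` keeps only the text up to the next occurrence of `Bearer ` inside the credential, so a header value that contains the separator again is silently truncated before it reaches validation. `authToken := strings.TrimPrefix(authHeader, "Bearer ")` takes the whole remainder and mirrors the `HasPrefix` guard on the line above. The line is unchanged context, but it feeds the token check whose error path this commit changes. `Validate`'s body continues past the end of the hunk.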

@@ -117,9 +117,13 @@ validated, err := userStore.ValidateTokenWithScopes(authToken, scopes)

if validated && err == nil {
 next.ServeHTTP(w, req)
 return
+ } else {
+ errString = err.Error()
 }
+ } else {
+ errString = "No authentication data"
 }
- w.Header().Add("WWW-Authenticate", "Basic")
+ w.Header().Add("Quartzgun-Error", errString)
 w.WriteHeader(http.StatusUnauthorized)
 }
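Review bot: The added inner `else` calls `err.Error()` whenever `validated && err == nil` is false, which includes `ValidateTokenWithScopes` returning `false` with a nil error; that call panics on the nil interface before the 401 is written. Whether the store can return `(false, nil)` is not visible here, so guard it: `} else if err != nil { errString = err.Error() } else { errString = "Token validation failed" }`. Separately, `Quartzgun-Error` now hands the store's raw error text to an unauthenticated caller, and the 401 no longer carries any `WWW-Authenticate` challenge. Consider mapping failures to a small fixed set of client-facing messages, logging the detailed error server-side, and sending `WWW-Authenticate: Bearer` alongside the custom header. The handler closure opens before this hunk.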