From 9422077626b89c48a086750ecc74853b2e76de3c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Gra=C3=B1a?=
Date: Fri, 17 Oct 2014 11:47:27 -0200
Subject: [PATCH] access_token query param is in JWT format
---
 server/session/session.go | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/server/session/session.go b/server/session/session.go
index b0c44e038..7ab647106 100644
--- a/server/session/session.go
+++ b/server/session/session.go
@@ -52,7 +52,11 @@ func GenerateToken(c context.Context, r *http.Request, user *model.User) (string
 // auth token.
 func getUserToken(c context.Context, r *http.Request) *model.User {
 var token = r.FormValue("access_token")
- var user, _ = datastore.GetUserToken(c, token)
+ var user = getUserJwtToken(c, token)
+ // TODO: is it needed to fallback to user_token query?
+ if user == nil {
+ user, _ = datastore.GetUserToken(c, token)
+ }
 return user
 }
@@ -61,7 +65,13 @@ func getUserToken(c context.Context, r *http.Request) *model.User {
 func getUserBearer(c context.Context, r *http.Request) *model.User {
 var tokenstr = r.Header.Get("Authorization")
 fmt.Sscanf(tokenstr, "Bearer %s", &tokenstr)
+ var user = getUserJwtToken(c, tokenstr)
+ return user
+}
+// getUserAccessToken gets the currently authenticated user for the given
+// auth token in jwt format.
+func getUserJwtToken(c context.Context, tokenstr string) *model.User {
 var token, err = jwt.Parse(tokenstr, func(t *jwt.Token) (interface{}, error) {
 return []byte(*secret), nil
 })
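Review bot: The fallback added in getUserToken hands any string that getUserJwtToken does not accept to `datastore.GetUserToken` and still discards the returned error, so an expired or badly signed JWT, an unknown user token and a datastore failure presumably all end in the same silent nil. I would resolve the TODO by stating in the function comment which credential types `access_token` accepts, and return early on an empty value with `if token == "" { return nil }` so that a request without the parameter triggers neither the parse nor the lookup. Because the session JWT is now accepted from the query string, it can end up in access logs and Referer headers, which is worth a line in that comment as well.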
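Review bot: The key callback visible at the end of this hunk returns `[]byte(*secret)` without looking at `t.Method`, and after this change getUserJwtToken is the single verification path for both the Authorization header and the `access_token` parameter. The body of getUserJwtToken continues outside the hunk, so a later check may exist, but the callback is the usual place to reject a token whose `t.Method.Alg()` differs from the algorithm GenerateToken signs with, before the secret is returned. The new doc comment also names `getUserAccessToken` while the function is `getUserJwtToken`; it should open with the function's own name.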