(token string, role int64)
| 111 | } |
| 112 | |
// HandleTokenAuth authenticates token and, when role is positive, enforces a
// minimum role on the resolved user.
//
// The checks run in a fixed order and stop at the first failure:
//  1. jwt.UserParseJWT must accept the token ("token is expired",
//     "token has invalid claims" or "unauthorized access" otherwise).
//  2. model.ValidateAccessToken must return a user whose UserID equals the
//     ID parsed from the JWT ("not found" otherwise).
//  3. The user must not be disabled, and must satisfy role when role > 0
//     ("forbidden access" otherwise).
//
// A role of zero or less skips the role comparison entirely, so callers that
// guard privileged routes must pass a positive value.
//
// On failure user is nil and tokenEid is 0. Errors are built with errors.New,
// so callers can only distinguish them by message text.
func HandleTokenAuth(token string, role int64) (user *model.User, tokenEid int64, err error) {
	userID, tokenEid, err := jwt.UserParseJWT(token)
	if err != nil {
		// NOTE(review): the failure reason is recovered by substring match on
		// the parser's message, which silently degrades to the generic
		// "unauthorized access" if that wording ever changes. If the JWT
		// library exposes sentinel errors, errors.Is would be sturdier.
		reason := err.Error()
		switch {
		case strings.Contains(reason, "token is expired"):
			return nil, 0, errors.New("token is expired")
		case strings.Contains(reason, "token has invalid claims"):
			return nil, 0, errors.New("token has invalid claims")
		default:
			// Collapse every other parse failure into one opaque message.
			return nil, 0, errors.New("unauthorized access")
		}
	}

	// A validly signed JWT is not sufficient on its own: the token must also
	// resolve to a user record, and that record must belong to the same user
	// the JWT names.
	// NOTE(review): presumably ValidateAccessToken is a server-side lookup that
	// also covers revocation; confirm against its implementation.
	user = model.ValidateAccessToken(token)
	if user == nil || user.UserID != userID {
		return nil, 0, errors.New("not found")
	}

	// Disabled accounts and insufficient roles share one message, so the
	// response does not reveal which of the two conditions applied.
	accountDisabled := user.Status == model.UserStatusDisabled
	roleTooLow := role > 0 && user.Role < role
	if accountDisabled || roleTooLow {
		return nil, 0, errors.New("forbidden access")
	}

	return user, tokenEid, nil
}