(fn handleFunc)
| 83 | } |
| 84 | |
| 85 | func withUser(fn handleFunc) handleFunc { |
| 86 | return func(w http.ResponseWriter, r *http.Request, d *data) (int, error) { |
| 87 | keyFunc := func(_ *jwt.Token) (interface{}, error) { |
| 88 | return d.settings.Key, nil |
| 89 | } |
| 90 | |
| 91 | var tk authToken |
| 92 | p := jwt.NewParser(jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()}), jwt.WithExpirationRequired()) |
| 93 | token, err := request.ParseFromRequest(r, &extractor{}, keyFunc, request.WithClaims(&tk), request.WithParser(p)) |
| 94 | if (err != nil || !token.Valid) && !renewableErr(err, d) { |
| 95 | return http.StatusUnauthorized, nil |
| 96 | } |
| 97 | |
| 98 | expiresSoon := tk.ExpiresAt != nil && time.Until(tk.ExpiresAt.Time) < time.Hour |
| 99 | updated := tk.IssuedAt != nil && tk.IssuedAt.Unix() < d.store.Users.LastUpdate(tk.User.ID) |
| 100 | |
| 101 | if expiresSoon || updated { |
| 102 | w.Header().Add("X-Renew-Token", "true") |
| 103 | } |
| 104 | |
| 105 | d.user, err = d.store.Users.Get(d.server.Root, d.server.FollowExternalSymlinks, tk.User.ID) |
| 106 | if err != nil { |
| 107 | return http.StatusInternalServerError, err |
| 108 | } |
| 109 | return fn(w, r, d) |
| 110 | } |
| 111 | } |
| 112 | |
| 113 | func withAdmin(fn handleFunc) handleFunc { |
| 114 | return withUser(func(w http.ResponseWriter, r *http.Request, d *data) (int, error) { |
no test coverage detected