chk
/
AppFlowy-Cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #551 from AppFlowy-IO/jwt-exp-verify 

fix: remove unneeded time verification
This commit is contained in:
Zack 2024-05-13 10:53:02 +08:00 committed by GitHub
parent c491f1a560 40369e6915
commit 6cc46e3779
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 0 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
libs/gotrue-entity/src/gotrue_jwt.rs
View File

@ -48,17 +48,4 @@ impl GoTrueJWTClaims {
let token_data = decode::<Self>(token, &DecodingKey::from_secret(secret), &VALIDATION)?;
Ok(token_data.claims)
}
pub fn verify_claim(claims: &GoTrueJWTClaims) -> Result<(), jsonwebtoken::errors::Error> {
let ts_expiry = claims.exp.ok_or_else(|| {
jsonwebtoken::errors::ErrorKind::MissingRequiredClaim("expect exp but not found".to_owned())
})?;
let ts_now = chrono::Utc::now().timestamp();
if ts_now > ts_expiry {
Err(jsonwebtoken::errors::ErrorKind::ExpiredSignature.into())
} else {
Ok(())
}
}
}

7
src/biz/user/auth/jwt.rs
View File

@ -151,12 +151,5 @@ fn gotrue_jwt_claims_from_token(
.map_err(|err| {
actix_web::error::ErrorUnauthorized(format!("fail to decode token, error:{}", err))
})?;
GoTrueJWTClaims::verify_claim(&claims).map_err(|err| {
actix_web::error::ErrorUnauthorized(format!(
"fail to verify token, claims:{}, error:{}",
claims, err
))
})?;
Ok(claims)
}