feat: add token expiry check in token
parent
f8f1e885f5
commit
e690a775fd
|
|
@ -1133,9 +1133,9 @@ checksum = "fd16c4719339c4530435d38e511904438d07cce7950afa3718a84ac36c10e89e"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "chrono"
|
name = "chrono"
|
||||||
version = "0.4.31"
|
version = "0.4.33"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "7f2c685bad3eb3d45a01354cedb7d5faa66194d1d58ba6e267a8de788f79db38"
|
checksum = "9f13690e35a5e4ace198e7beea2895d29f3a9cc55015fcebe6336bd2010af9eb"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"android-tzdata",
|
"android-tzdata",
|
||||||
"iana-time-zone",
|
"iana-time-zone",
|
||||||
|
|
@ -1143,7 +1143,7 @@ dependencies = [
|
||||||
"num-traits",
|
"num-traits",
|
||||||
"serde",
|
"serde",
|
||||||
"wasm-bindgen",
|
"wasm-bindgen",
|
||||||
"windows-targets 0.48.5",
|
"windows-targets 0.52.0",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
|
|
@ -2249,6 +2249,7 @@ version = "0.1.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"anyhow",
|
"anyhow",
|
||||||
"app-error",
|
"app-error",
|
||||||
|
"chrono",
|
||||||
"jsonwebtoken",
|
"jsonwebtoken",
|
||||||
"lazy_static",
|
"lazy_static",
|
||||||
"serde",
|
"serde",
|
||||||
|
|
|
||||||
|
|
@ -12,3 +12,4 @@ anyhow = "1.0.79"
|
||||||
lazy_static = "1.4.0"
|
lazy_static = "1.4.0"
|
||||||
jsonwebtoken = "8.3.0"
|
jsonwebtoken = "8.3.0"
|
||||||
app-error = { workspace = true, features = ["gotrue_error"] }
|
app-error = { workspace = true, features = ["gotrue_error"] }
|
||||||
|
chrono = "0.4.33"
|
||||||
|
|
|
||||||
|
|
@ -35,6 +35,16 @@ lazy_static::lazy_static! {
|
||||||
|
|
||||||
impl GoTrueJWTClaims {
|
impl GoTrueJWTClaims {
|
||||||
pub fn verify(token: &str, secret: &[u8]) -> Result<Self, jsonwebtoken::errors::Error> {
|
pub fn verify(token: &str, secret: &[u8]) -> Result<Self, jsonwebtoken::errors::Error> {
|
||||||
Ok(decode(token, &DecodingKey::from_secret(secret), &VALIDATION)?.claims)
|
let claims = decode::<Self>(token, &DecodingKey::from_secret(secret), &VALIDATION)?.claims;
|
||||||
|
|
||||||
|
let ts_expiry = claims.exp.ok_or_else(|| {
|
||||||
|
jsonwebtoken::errors::ErrorKind::MissingRequiredClaim("expect exp but not found".to_owned())
|
||||||
|
})?;
|
||||||
|
|
||||||
|
let ts_now = chrono::Utc::now().timestamp();
|
||||||
|
match ts_now > ts_expiry {
|
||||||
|
true => Err(jsonwebtoken::errors::ErrorKind::ExpiredSignature.into()),
|
||||||
|
false => Ok(claims),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
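Review bot: The hand-written expiry comparison added to `verify` repeats a check that `jsonwebtoken`'s `Validation` can enforce itself, and `VALIDATION` is defined outside this hunk, so it is not visible here whether `validate_exp` is switched off there. If it is off, enabling it and requiring the claim with `set_required_spec_claims(&["exp"])` keeps the expiry rule and its clock-skew `leeway` in one place and makes the new `chrono` dependency unnecessary; if it is already on, the added block is redundant. If the manual check stays, `MissingRequiredClaim` is meant to carry the claim name, so `MissingRequiredClaim("exp".to_owned())` produces a correct error message. A plain `if ts_now > ts_expiry { … } else { … }` would also read better than a `match` on a bool, and a short doc comment on `verify` should state that tokens without `exp` are rejected.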