REST API: add logout and store invalidated token

Nicola Murino
2021-01-26 22:35:36 +01:00
parent 46ab8f8d78
commit c2bbd468c4
9 changed files with 184 additions and 5 deletions


@@ -37,6 +37,11 @@ func jwtAuthenticator(next http.Handler) http.Handler {
sendAPIResponse(w, r, err, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
return
}
if isTokenInvalidated(r) {
logger.Debug(logSender, "", "the token has been invalidated")
sendAPIResponse(w, r, nil, "Your token is no longer valid", http.StatusUnauthorized)
return
}
// Token is authenticated, pass it through
next.ServeHTTP(w, r)
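Review bot: Both new rejection branches log the reuse of a logged-out token only at debug level and with an empty connection ID, so a default production log would not show who presented it; this applies to the branch added in jwtAuthenticator here and to the identical one in jwtAuthenticatorWeb in the next hunk. A revoked token arriving after logout is a useful replay signal, so I would log it at a higher level with the caller's address, for example `logger.Warn(logSender, "", "invalidated token presented from %v", r.RemoteAddr)`. isTokenInvalidated is defined outside these hunks; if its store lives only in process memory, a restart or a second instance would presumably accept the token again until it expires, which deserves a comment at the call site. Both function bodies start and end outside the hunks shown.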
@@ -59,6 +64,11 @@ func jwtAuthenticatorWeb(next http.Handler) http.Handler {
http.Redirect(w, r, webLoginPath, http.StatusFound)
return
}
if isTokenInvalidated(r) {
logger.Debug(logSender, "", "the token has been invalidated")
http.Redirect(w, r, webLoginPath, http.StatusFound)
return
}
// Token is authenticated, pass it through
next.ServeHTTP(w, r)