Completed refresh token flow with middleware.

This commit is contained in:
2026-04-30 08:39:48 +02:00
parent e0c2bf08b4
commit 8c0614d32b
2 changed files with 124 additions and 40 deletions
+12 -1
View File
@@ -3,6 +3,7 @@ package web
import (
"context"
"encoding/json"
"errors"
"fmt"
"net/http"
@@ -55,7 +56,17 @@ func (s *Server) hasAuth(next http.Handler) http.Handler {
if err != nil || !token.Valid {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusUnauthorized)
json.NewEncoder(w).Encode(map[string]string{"error": "invalid or expired token"})
// Check if the error is specifically because the token expired
if errors.Is(err, jwt.ErrTokenExpired) {
json.NewEncoder(w).Encode(map[string]string{
"error": "token_expired",
"message": "Please use your refresh token to get a new session",
})
return
}
json.NewEncoder(w).Encode(map[string]string{"error": "unauthorized"})
return
}