Completed refresh token flow with middleware.
This commit is contained in:
@@ -3,6 +3,7 @@ package web
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
|
||||
@@ -55,7 +56,17 @@ func (s *Server) hasAuth(next http.Handler) http.Handler {
|
||||
if err != nil || !token.Valid {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
json.NewEncoder(w).Encode(map[string]string{"error": "invalid or expired token"})
|
||||
|
||||
// Check if the error is specifically because the token expired
|
||||
if errors.Is(err, jwt.ErrTokenExpired) {
|
||||
json.NewEncoder(w).Encode(map[string]string{
|
||||
"error": "token_expired",
|
||||
"message": "Please use your refresh token to get a new session",
|
||||
})
|
||||
return
|
||||
}
|
||||
|
||||
json.NewEncoder(w).Encode(map[string]string{"error": "unauthorized"})
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user