diff --git a/api/middleware.go b/api/middleware.go index 76ba44b..82ede60 100644 --- a/api/middleware.go +++ b/api/middleware.go @@ -17,6 +17,7 @@ import ( "net/http" "strconv" "strings" + "time" ) const AUTHED_CONTEXT_KEY = "authed" @@ -25,11 +26,27 @@ const WEBHOOK_CONTEXT_KEY = "webhook" const AuthCookieName = "auth-token" +var _ = jwt.Claims(&standardClaims{}) + type standardClaims struct { - Issuer any `json:"iss,omitempty"` + Issuer any `json:"iss,omitempty"` + ExpiresAt any `json:"exp,omitempty"` jwt.StandardClaims } +func (s *standardClaims) Valid() error { + if timeStr, ok := s.ExpiresAt.(string); ok { + t, err := time.Parse(time.RFC3339Nano, timeStr) + if err != nil { + return err + } + + unixTimestamp := t.Unix() + s.ExpiresAt = unixTimestamp + } + return s.StandardClaims.Valid() +} + func findAuthToken(r *http.Request) string { authHeader := parseAuthTokenHeader(r.Header)