refactor: verify the token is a valid format, then check the db, then validate, and if it fails, delete from the db

This commit is contained in:
Derrick Hammer 2023-06-09 04:26:50 -04:00
parent f941ee46d4
commit 16f2ac3604
Signed by: pcfreak30
GPG Key ID: C997C339BE476FF2
1 changed files with 8 additions and 2 deletions

View File

@ -168,9 +168,9 @@ func Logout(token string) error {
} }
func VerifyLoginToken(token string) error { func VerifyLoginToken(token string) error {
_, err := jwt.Verify(jwt.HS256, sharedKey, []byte(token), blocklist) _, err := jwt.Decode([]byte(token))
if err != nil { if err != nil {
return err return ErrInvalidToken
} }
session := model.LoginSession{} session := model.LoginSession{}
@ -179,5 +179,11 @@ func VerifyLoginToken(token string) error {
return ErrInvalidToken return ErrInvalidToken
} }
_, err = jwt.Verify(jwt.HS256, sharedKey, []byte(token), blocklist)
if err != nil {
db.Get().Delete(&session)
return err
}
return nil return nil
} }