Improve parseBearerToken().

2025-05-23 02:35:49 +08:00 · 2021-12-13 00:37:13 +08:00 · 2021-12-13 00:37:13 +08:00 · 0adb9b0047
commit 0adb9b0047
parent 00ab156453
2 changed files with 20 additions and 16 deletions
--- a/routers/auto_signin_filter.go
+++ b/routers/auto_signin_filter.go
@ -63,11 +63,17 @@ func AutoSigninFilter(ctx *context.Context) {
 		return
 	}

-	//Bearer token
-	//headers: {"Authorization":accessToken}
-	if claims, ok := parseBearer(ctx); ok {
+	// HTTP Bearer token
+	// Authorization: Bearer bearerToken
+	bearerToken := parseBearerToken(ctx)
+	if bearerToken != "" {
+		claims, err := object.ParseJwtToken(bearerToken)
+		if err != nil {
+			responseError(ctx, err.Error())
+			return
+		}
+
 		setSessionUser(ctx, fmt.Sprintf("%s/%s", claims.Owner, claims.Name))
 		setSessionExpire(ctx, claims.ExpiresAt.Unix())
-		return
 	}
 }
--- a/routers/base.go
+++ b/routers/base.go
@ -97,19 +97,17 @@ func setSessionExpire(ctx *context.Context, ExpireTime int64) {
 	ctx.Input.CruSession.SessionRelease(ctx.ResponseWriter)
 }

-func parseBearer(ctx *context.Context) (*object.Claims, bool) {
-	bearer := ctx.Request.Header.Get("Authorization")
-	bearerList := strings.Split(bearer, " ")
-	if len(bearerList) != 2 {
-		return nil, false
+func parseBearerToken(ctx *context.Context) string {
+	header := ctx.Request.Header.Get("Authorization")
+	tokens := strings.Split(header, " ")
+	if len(tokens) != 2 {
+		return ""
 	}
-	prefix := bearerList[0]
+
+	prefix := tokens[0]
 	if prefix != "Bearer" {
-		return nil, false
+		return ""
 	}
-	claims, err := object.ParseJwtToken(bearerList[1])
-	if err != nil {
-		return nil, false
-	}
-	return claims, true
+
+	return tokens[1]
 }