Improve parseBearerToken().

routers/auto_signin_filter.go

@@ -63,11 +63,17 @@ func AutoSigninFilter(ctx *context.Context) {
 		return
 	}
 
-	//Bearer token
-	//headers: {"Authorization":accessToken}
-	if claims, ok := parseBearer(ctx); ok {
-		setSessionUser(ctx, fmt.Sprintf("%s/%s", claims.Owner, claims.Name))
-		setSessionExpire(ctx, claims.ExpiresAt.Unix())
+	// HTTP Bearer token
+	// Authorization: Bearer bearerToken
+	bearerToken := parseBearerToken(ctx)
+	if bearerToken != "" {
+		claims, err := object.ParseJwtToken(bearerToken)
+		if err != nil {
+			responseError(ctx, err.Error())
 			return
 		}
+
+		setSessionUser(ctx, fmt.Sprintf("%s/%s", claims.Owner, claims.Name))
+		setSessionExpire(ctx, claims.ExpiresAt.Unix())
+	}
 }

routers/base.go

@@ -97,19 +97,17 @@ func setSessionExpire(ctx *context.Context, ExpireTime int64) {
 	ctx.Input.CruSession.SessionRelease(ctx.ResponseWriter)
 }
 
-func parseBearer(ctx *context.Context) (*object.Claims, bool) {
-	bearer := ctx.Request.Header.Get("Authorization")
-	bearerList := strings.Split(bearer, " ")
-	if len(bearerList) != 2 {
-		return nil, false
+func parseBearerToken(ctx *context.Context) string {
+	header := ctx.Request.Header.Get("Authorization")
+	tokens := strings.Split(header, " ")
+	if len(tokens) != 2 {
+		return ""
 	}
-	prefix := bearerList[0]
+
+	prefix := tokens[0]
 	if prefix != "Bearer" {
-		return nil, false
+		return ""
 	}
-	claims, err := object.ParseJwtToken(bearerList[1])
-	if err != nil {
-		return nil, false
-	}
-	return claims, true
+
+	return tokens[1]
 }