fix: make verify work with custom claims type

2025-05-19 16:37:27 +02:00
parent ef7e1a80d9
commit eba6253ff6
1 changed files with 7 additions and 5 deletions
--- a/internal/auth/jwt.go
+++ b/internal/auth/jwt.go
@ -7,6 +7,7 @@ import (
 	"fmt"
 	"os"

+	"gitea.local/admin/hspguard/internal/types"
 	"github.com/golang-jwt/jwt/v5"
 )

@ -63,12 +64,13 @@ func SignJwtToken(claims jwt.Claims) (string, error) {
 	return s, nil
 }

-func VerifyToken(token string, claims jwt.Claims) (*jwt.Token, error) {
+func VerifyToken(token string) (*jwt.Token, *types.UserClaims, error) {
 	publicKey, err := parseBase64PublicKey("JWT_PUBLIC_KEY")
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}

+	claims := &types.UserClaims{}
 	parsed, err := jwt.ParseWithClaims(token, claims, func(t *jwt.Token) (any, error) {
 		if _, ok := t.Method.(*jwt.SigningMethodECDSA); !ok {
 			return nil, fmt.Errorf("unexpected signing method: %v", t.Header["alg"])
@ -77,13 +79,13 @@ func VerifyToken(token string, claims jwt.Claims) (*jwt.Token, error) {
 	})

 	if err != nil {
-		return nil, fmt.Errorf("invalid token: %w", err)
+		return nil, nil, fmt.Errorf("invalid token: %w", err)
 	}

 	if !parsed.Valid {
-		return nil, fmt.Errorf("token is not valid")
+		return nil, nil, fmt.Errorf("token is not valid")
 	}

-	return parsed, nil
+	return parsed, claims, nil
 }