Fixed rate limit panic when authenticatin with a link share auth token (#97)

2019-09-08 19:11:42 +00:00
parent fdd1624121
commit 6140920cb8
3 changed files with 22 additions and 18 deletions
--- a/pkg/routes/api/v1/auth.go
+++ b/pkg/routes/api/v1/auth.go
@ -19,7 +19,10 @@ package v1
 import (
 	"code.vikunja.io/api/pkg/config"
 	"code.vikunja.io/api/pkg/models"
+	"code.vikunja.io/web"
 	"github.com/dgrijalva/jwt-go"
+	"github.com/labstack/echo/v4"
+	"net/http"
 	"time"
 )

@ -65,3 +68,17 @@ func NewLinkShareJWTAuthtoken(share *models.LinkSharing) (token string, err erro
 	// Generate encoded token and send it as response.
 	return t.SignedString([]byte(config.ServiceJWTSecret.GetString()))
 }
+
+// GetAuthFromClaims returns a web.Auth object from jwt claims
+func GetAuthFromClaims(c echo.Context) (a web.Auth, err error) {
+	jwtinf := c.Get("user").(*jwt.Token)
+	claims := jwtinf.Claims.(jwt.MapClaims)
+	typ := int(claims["type"].(float64))
+	if typ == AuthTypeLinkShare && config.ServiceEnableLinkSharing.GetBool() {
+		return models.GetLinkShareFromClaims(claims)
+	}
+	if typ == AuthTypeUser {
+		return models.GetUserFromClaims(claims)
+	}
+	return nil, echo.NewHTTPError(http.StatusBadRequest, models.Message{Message: "Invalid JWT token."})
+}