onasty: f4de4b3

2 files changed, 6 insertions(+), 0 deletions(-)

feat(jwt): handle tokens with invalid signature (#133)

Author: Smirnov Oleksandr ss2316544@gmail.com

Committed by: GitHub noreply@github.com

Committed at: 2025-06-18 17:00:02 +0300

Parent: 40bb8b9

jump to

M	internal/jwtutil/jwtutil.go
M	internal/transport/http/apiv1/response.go

M internal/jwtutil/jwtutil.go

···
        11
        11
         

      
        12
        12
         var (

      
        13
        13
         	ErrUnexpectedSigningMethod = errors.New("unexpected signing method")

      
        
        14
        +	ErrTokenSignatureInvalid   = errors.New("token signature invalid")

      
        14
        15
         	ErrTokenExpired            = errors.New("token expired")

      
        15
        16
         )

      
        16
        17
         

      ···
        71
        72
         

      
        72
        73
         	if errors.Is(err, jwt.ErrTokenExpired) {

      
        73
        74
         		return Payload{}, ErrTokenExpired

      
        
        75
        +	}

      
        
        76
        +

      
        
        77
        +	if errors.Is(err, jwt.ErrTokenSignatureInvalid) {

      
        
        78
        +		return Payload{}, ErrTokenSignatureInvalid

      
        74
        79
         	}

      
        75
        80
         

      
        76
        81
         	return Payload{

M internal/transport/http/apiv1/response.go

···
        49
        49
         

      
        50
        50
         	if errors.Is(err, ErrUnauthorized) ||

      
        51
        51
         		errors.Is(err, jwtutil.ErrTokenExpired) ||

      
        
        52
        +		errors.Is(err, jwtutil.ErrTokenSignatureInvalid) ||

      
        52
        53
         		errors.Is(err, models.ErrUserWrongCredentials) {

      
        53
        54
         		newErrorStatus(c, http.StatusUnauthorized, err.Error())

      
        54
        55
         		return