Upgrade to go-chi 5

2021-05-11 17:21:18 -04:00
parent fb5840705e
commit 7d96167abc
12 changed files with 107 additions and 81 deletions
@@ -9,9 +9,9 @@ import (
 	"time"

 	"github.com/deluan/rest"
-	"github.com/dgrijalva/jwt-go"
-	"github.com/go-chi/jwtauth"
+	"github.com/go-chi/jwtauth/v5"
 	"github.com/google/uuid"
+	"github.com/lestrrat-go/jwx/jwt"
 	"github.com/navidrome/navidrome/conf"
 	"github.com/navidrome/navidrome/consts"
 	"github.com/navidrome/navidrome/core/auth"
@@ -149,16 +149,16 @@ func validateLogin(userRepo model.UserRepository, userName, password string) (*m
 	return u, nil
 }

-func contextWithUser(ctx context.Context, ds model.DataStore, claims jwt.MapClaims) context.Context {
-	userName := claims["sub"].(string)
+func contextWithUser(ctx context.Context, ds model.DataStore, token jwt.Token) context.Context {
+	userName := token.Subject()
 	user, _ := ds.User(ctx).FindByUsername(userName)
 	return request.WithUser(ctx, *user)
 }

-func getToken(ds model.DataStore, ctx context.Context) (*jwt.Token, error) {
+func getToken(ds model.DataStore, ctx context.Context) (jwt.Token, error) {
 	token, claims, err := jwtauth.FromContext(ctx)

-	valid := err == nil && token != nil && token.Valid
+	valid := err == nil && token != nil
 	valid = valid && claims["sub"] != nil
 	if valid {
 		return token, nil
@@ -183,6 +183,12 @@ func mapAuthHeader() func(next http.Handler) http.Handler {
 	}
 }

+func verifier() func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return jwtauth.Verify(auth.TokenAuth, jwtauth.TokenFromHeader, jwtauth.TokenFromCookie, jwtauth.TokenFromQuery)(next)
+	}
+}
+
 func authenticator(ds model.DataStore) func(next http.Handler) http.Handler {
 	auth.InitTokenAuth(ds)

@@ -198,9 +204,7 @@ func authenticator(ds model.DataStore) func(next http.Handler) http.Handler {
 				return
 			}

-			claims := token.Claims.(jwt.MapClaims)
-
-			newCtx := contextWithUser(r.Context(), ds, claims)
+			newCtx := contextWithUser(r.Context(), ds, token)
 			newTokenString, err := auth.TouchToken(token)
 			if err != nil {
 				log.Error(r, "signing new token", err)