Merge pull request #44 from poanetwork/ferigis.43.return_token_expired
Ferigis.43.return token expired
commit
866ef68767
|
@ -59,5 +59,13 @@ config :poa_backend, POABackend.Auth.Guardian,
|
|||
issuer: "poa_backend",
|
||||
secret_key: "LQYmeqQfrphbxUjJltkwH4xnosLc+2S2e8KuYWctMenNY9bmgwnrH8r3ii9FP/8V"
|
||||
|
||||
# this is a list of admins/passwords for authorisation endpoints
|
||||
config :poa_backend,
|
||||
:admins,
|
||||
[
|
||||
{"admin1", "password12345678"},
|
||||
{"admin2", "password87654321"}
|
||||
]
|
||||
|
||||
config :mnesia,
|
||||
dir: 'priv/data/mnesia' # make sure this directory exists!
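Review bot: The `:admins` list commits usernames and plaintext passwords for the authorisation endpoints into the config file, next to a literal Guardian `secret_key`; the added lines appear to be the `:admins` block, though the +/- markers are lost on this page. Anyone with read access to the repository or a build artefact holds both the signing key and the admin logins, so these values should come from the deployment environment at runtime, and the passwords should be stored as hashes rather than compared as cleartext. If this file is only a dev/test fixture, say so above the list, e.g. `# test-only credentials; real values are injected at deploy time, never committed`. Any key or password from this file that was used outside tests should be treated as exposed and rotated.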
|
|
@ -143,7 +143,7 @@ defmodule POABackend.Auth do
|
|||
@doc """
|
||||
Validates if a JWT token is valid.
|
||||
"""
|
||||
@spec valid_token?(String.t) :: Boolean.t
|
||||
@spec valid_token?(String.t) :: Boolean.t | {:error, :token_expired}
|
||||
def valid_token?(jwt_token) do
|
||||
with {:ok, claims} <- Auth.Guardian.decode_and_verify(jwt_token),
|
||||
{:ok, user, ^claims} <- Auth.Guardian.resource_from_token(jwt_token),
|
||||
|
@ -151,6 +151,8 @@ defmodule POABackend.Auth do
|
|||
do
|
||||
true
|
||||
else
|
||||
{:error, :token_expired} = result ->
|
||||
result
|
||||
_error -> false
|
||||
end
|
||||
end
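Review bot: `valid_token?/1` now returns `{:error, :token_expired}`, which is truthy in Elixir, so a caller written as `if Auth.valid_token?(token)` or `Auth.valid_token?(token) && ...` would accept an expired token; only callers that match on `true` explicitly stay safe. The call sites are outside this section, so each one needs checking. A `?` function should keep returning a strict boolean; I would add a separate function returning `:ok | {:error, reason}` for the plug and leave the predicate ending in `_error -> false`. The new spec also names `Boolean.t`, which is not a built-in type; if the mixed return stays it should read `@spec valid_token?(String.t) :: boolean | {:error, :token_expired}`. The part of the `with` between the two hunks is not shown here.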
|
||||
|
|
|
@ -17,7 +17,11 @@ defmodule POABackend.CustomHandler.REST.Plugs.Authorization do
|
|||
do
|
||||
conn
|
||||
else
|
||||
_ ->
|
||||
{:error, :token_expired} ->
|
||||
conn
|
||||
|> send_resp(401, Poison.encode!(%{error: :token_expired}))
|
||||
|> halt
|
||||
_error ->
|
||||
conn
|
||||
|> send_resp(401, "")
|
||||
|> halt
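Review bot: The new `{:error, :token_expired}` branch sends a JSON body without setting a content type, so clients receive `Poison.encode!(%{error: :token_expired})` with no `content-type` header; add `|> put_resp_content_type("application/json")` before `send_resp`. The branch is only reached if the `with` clause above it lets the tuple fall through unchanged; that clause is outside the hunk, so confirm it matches on `true` and not on any truthy value. Reporting "expired" separately from every other failure tells the caller the token was otherwise well-formed and correctly signed, which is normally acceptable but deserves a comment such as `# expired is reported so agents can re-authenticate; all other failures stay opaque`. The enclosing function starts and ends outside the hunk.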
|
||||
|
|
|
@ -242,6 +242,17 @@ defmodule CustomHandler.RESTTest do
|
|||
assert(original_data == REST.Plugs.RequiredFields.init(original_data))
|
||||
end
|
||||
|
||||
test "get a token_expired response from the backend" do
|
||||
# create a token which expires in one second
|
||||
user = Auth.get_user(@user)
|
||||
{:ok, token, _} = POABackend.Auth.Guardian.encode_and_sign(user, %{}, ttl: {1, :second})
|
||||
|
||||
Process.sleep(2000)
|
||||
|
||||
assert {:error, :token_expired} == POABackend.Auth.Guardian.decode_and_verify(token)
|
||||
assert {401, %{"error" => "token_expired"}} == ping("agentID", token)
|
||||
end
|
||||
|
||||
# ----------------------------------------
|
||||
# Internal functions
|
||||
# ----------------------------------------
|
||||
|
@ -254,12 +265,12 @@ defmodule CustomHandler.RESTTest do
|
|||
defp post(url, data, headers) do
|
||||
{:ok, response} = HTTPoison.post(url, data, headers)
|
||||
|
||||
body = case response.status_code do
|
||||
200 ->
|
||||
body = case response.body do
|
||||
"" ->
|
||||
:nobody
|
||||
_ ->
|
||||
{:ok, body} = Poison.decode(response.body)
|
||||
body
|
||||
_ ->
|
||||
:nobody
|
||||
end
|
||||
|
||||
{response.status_code, body}
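Review bot: The new test pins the expired-token response, but nothing in this section asserts that a token rejected for any other reason still gets the empty 401, so a regression that reports `token_expired` for a tampered token would pass; if no such case exists elsewhere in the file, add one asserting `{401, :nobody}`. The test also waits with `Process.sleep(2000)` for a one-second TTL, which slows the suite and makes it timing-dependent. In the `post` helper, `{:ok, body} = Poison.decode(response.body)` now runs for every non-empty body, so a non-JSON error response raises a `MatchError` that hides the status code; a comment like `# every non-empty response body is expected to be JSON` would at least record the assumption. The `post` helper begins inside the hunk but its closing `end` is outside it.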
|
||||
|
|