innov
/
nightingale
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

check user exists when refresh token

This commit is contained in:
Ulric Qin 2022-08-01 14:44:22 +08:00
parent ba0eafa065
commit 1ea30e03a4
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/webapi/router/router_login.go
View File

@ -3,6 +3,7 @@ package router
import ( import (
"fmt" "fmt"
"net/http" "net/http"
"strconv"
"strings" "strings"
"time" "time"
@ -116,6 +117,24 @@ func refreshPost(c *gin.Context) {
return return
} }
userid, err := strconv.ParseInt(strings.Split(userIdentity, "-")[0], 10, 64)
if err != nil {
ginx.NewRender(c, http.StatusUnauthorized).Message("failed to parse user_identity from jwt")
return
}
u, err := models.UserGetById(userid)
if err != nil {
ginx.NewRender(c, http.StatusInternalServerError).Message("failed to query user by id")
return
}
if u == nil {
// user already deleted
ginx.NewRender(c, http.StatusUnauthorized).Message("user already deleted")
return
}
// Delete the previous Refresh Token // Delete the previous Refresh Token
err = deleteAuth(c.Request.Context(), refreshUuid) err = deleteAuth(c.Request.Context(), refreshUuid)
if err != nil { if err != nil {