From a922ff30fc3b91b4465411b15d506db98b9e871a Mon Sep 17 00:00:00 2001
From: hexxa <hexxa@outlook.com>
Date: Sun, 9 Jan 2022 18:01:04 +0800
Subject: [PATCH] fix(users): err is nil if token is expired in checking token
 failure

---
 src/handlers/multiusers/middlewares.go | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/handlers/multiusers/middlewares.go b/src/handlers/multiusers/middlewares.go
index 6fc8643..2d78016 100644
--- a/src/handlers/multiusers/middlewares.go
+++ b/src/handlers/multiusers/middlewares.go
@@ -1,6 +1,7 @@
 package multiusers
 
 import (
+	"errors"
 	"fmt"
 	"net/http"
 	"strconv"
@@ -8,10 +9,12 @@ import (
 	"time"
 
 	"github.com/gin-gonic/gin"
-	q "github.com/ihexxa/quickshare/src/handlers"
 	"github.com/ihexxa/quickshare/src/db/userstore"
+	q "github.com/ihexxa/quickshare/src/handlers"
 )
 
+var ErrExpired = errors.New("token is expired")
+
 func apiRuleCname(role, method, path string) string {
 	return fmt.Sprintf("%s-%s-%s", role, method, path)
 }
@@ -43,9 +46,12 @@ func (h *MultiUsersSvc) AuthN() gin.HandlerFunc {
 
 				now := time.Now().Unix()
 				expire, err := strconv.ParseInt(claims[q.ExpireParam], 10, 64)
-				if err != nil || expire <= now {
+				if err != nil {
 					c.AbortWithStatusJSON(q.ErrResp(c, 401, err))
 					return
+				} else if expire <= now {
+					c.AbortWithStatusJSON(q.ErrResp(c, 401, ErrExpired))
+					return
 				}
 			}
 			// set default values if token is empty