From 1592e4e8cf6a84e107f3fa0a8387845c07706906 Mon Sep 17 00:00:00 2001
From: Jan Bader <jan.bader@ub-software.de>
Date: Mon, 19 Dec 2016 22:48:17 +0100
Subject: [PATCH] Move login.go to jwt subpackage

---
 {cmd/budgeteer => jwt}/login.go | 34 ++++++++++++++++++---------------
 1 file changed, 19 insertions(+), 15 deletions(-)
 rename {cmd/budgeteer => jwt}/login.go (73%)

diff --git a/cmd/budgeteer/login.go b/jwt/login.go
similarity index 73%
rename from cmd/budgeteer/login.go
rename to jwt/login.go
index 77217f2..34cc497 100644
--- a/cmd/budgeteer/login.go
+++ b/jwt/login.go
@@ -1,4 +1,4 @@
-package main
+package jwt
 
 import (
 	"fmt"
@@ -15,10 +15,10 @@ const (
 	authCookie = "authentication"
 )
 
-func verifyLogin(c *gin.Context) (jwt.MapClaims, bool) {
+func verifyLogin(c *gin.Context) (jwt.MapClaims, error) {
 	tokenString, err := c.Cookie(authCookie)
 	if err != nil {
-		return nil, false
+		return nil, err
 	}
 
 	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
@@ -27,31 +27,35 @@ func verifyLogin(c *gin.Context) (jwt.MapClaims, bool) {
 		}
 		return []byte(secret), nil
 	})
-
-	claims, ok := verifyToken(c, token, err)
-	if !ok {
+	if err != nil {
 		c.SetCookie(authCookie, "", -1, "", "", false, false)
-		return nil, false
+		return nil, err
 	}
 
-	return claims, true
+	claims, err := verifyToken(token)
+	if err != nil {
+		c.SetCookie(authCookie, "", -1, "", "", false, false)
+		return nil, err
+	}
+
+	return claims, nil
 }
 
-func verifyToken(c *gin.Context, token *jwt.Token, err error) (jwt.MapClaims, bool) {
-	if err != nil {
-		return nil, false
+func verifyToken(token *jwt.Token) (jwt.MapClaims, error) {
+	if !token.Valid {
+		return nil, fmt.Errorf("Token is not valid")
 	}
 
 	claims, ok := token.Claims.(jwt.MapClaims)
-	if !ok || !token.Valid {
-		return nil, false
+	if !ok {
+		return nil, fmt.Errorf("Claims are not of Type MapClaims")
 	}
 
 	if !claims.VerifyExpiresAt(time.Now().Unix(), true) {
-		return nil, false
+		return nil, fmt.Errorf("Claims have expired")
 	}
 
-	return claims, true
+	return claims, nil
 }
 
 func loginSuccess(c *gin.Context, username string, name string) {