Abort if invalid token/data and wrap some errors

2021-12-06 21:12:32 +00:00 · 2021-12-06 21:12:32 +00:00 · 16b59afc29
commit 16b59afc29
parent 29cee46a14
3 changed files with 7 additions and 4 deletions
--- a/http/always-needed-data.go
+++ b/http/always-needed-data.go
@ -19,6 +19,7 @@ func (h *Handler) getImportantData(c *gin.Context) {
 	budgetUUID, err := uuid.Parse(budgetID)
 	if err != nil {
 		c.Redirect(http.StatusTemporaryRedirect, "/login")
+		c.Abort()
 		return
 	}

--- a/http/session.go
+++ b/http/session.go
@ -2,6 +2,7 @@ package http

 import (
 	"context"
+	"fmt"
 	"net/http"
 	"time"

@ -13,13 +14,13 @@ import (
 func (h *Handler) verifyLogin(c *gin.Context) (budgeteer.Token, error) {
 	tokenString, err := c.Cookie(authCookie)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("get cookie: %w", err)
 	}

 	token, err := h.TokenVerifier.VerifyToken(tokenString)
 	if err != nil {
 		c.SetCookie(authCookie, "", -1, "", "", false, false)
-		return nil, err
+		return nil, fmt.Errorf("verify token '%s': %w", tokenString, err)
 	}

 	return token, nil
@ -29,6 +30,7 @@ func (h *Handler) verifyLoginWithRedirect(c *gin.Context) {
 	token, err := h.verifyLogin(c)
 	if err != nil {
 		c.Redirect(http.StatusTemporaryRedirect, "/login")
+		c.Abort()
 		return
 	}

--- a/jwt/login.go
+++ b/jwt/login.go
@ -54,12 +54,12 @@ func (tv *TokenVerifier) VerifyToken(tokenString string) (budgeteer.Token, error
 		return []byte(secret), nil
 	})
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("parse jwt: %w", err)
 	}

 	claims, err := verifyToken(token)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("verify jwt: %w", err)
 	}

 	tkn := &Token{