Mirrors/filebrowser
1
0
Fork 0
mirror of https://github.com/filebrowser/filebrowser.git synced 2026-01-23 02:35:10 +00:00
Code Issues Projects Releases Wiki Activity

chore(deps): update module github.com/golang-jwt/jwt/v4 to v5 (#5535)

Browse source 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Henrique Dias <mail@hacdias.com>
This commit is contained in:
renovate[bot] 2025-11-13 16:07:53 +01:00 committed by GitHub
parent dda8fdbcb2
commit 38951d950f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 12 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

14
http/auth.go
View file

@ -9,8 +9,8 @@ import (
"strings"
"time"
"github.com/golang-jwt/jwt/v4"
"github.com/golang-jwt/jwt/v4/request"
"github.com/golang-jwt/jwt/v5"
"github.com/golang-jwt/jwt/v5/request"
fbErrors "github.com/filebrowser/filebrowser/v2/errors"
"github.com/filebrowser/filebrowser/v2/users"
@ -69,15 +69,19 @@ func withUser(fn handleFunc) handleFunc {
var tk authToken
token, err := request.ParseFromRequest(r, &extractor{}, keyFunc, request.WithClaims(&tk))
if err != nil || !token.Valid {
return http.StatusUnauthorized, nil
}
expired := !tk.VerifyExpiresAt(time.Now().Add(time.Hour), true)
err = jwt.NewValidator(jwt.WithExpirationRequired()).Validate(tk)
if err != nil {
return http.StatusUnauthorized, nil
}
expiresSoon := tk.ExpiresAt != nil && time.Until(tk.ExpiresAt.Time) < time.Hour
updated := tk.IssuedAt != nil && tk.IssuedAt.Unix() < d.store.Users.LastUpdate(tk.User.ID)
if expired || updated {
if expiresSoon || updated {
w.Header().Add("X-Renew-Token", "true")
}