dont re-b64 the jwt

pointless, and messed up swagger auth.
pull/20/head
Harvey Tindall 4 years ago
parent d64e98da37
commit b6f3cd7c1f
No known key found for this signature in database
GPG Key ID: BBC65952848FB1A2

@ -51,8 +51,7 @@ func (app *appContext) authenticate(gc *gin.Context) {
respond(401, "Unauthorized", gc)
return
}
creds, _ := base64.StdEncoding.DecodeString(header[1])
token, err := jwt.Parse(string(creds), checkToken)
token, err := jwt.Parse(string(header[1]), checkToken)
if err != nil {
app.debug.Printf("Auth denied: %s", err)
respond(401, "Unauthorized", gc)
@ -103,7 +102,7 @@ type getTokenDTO struct {
}
// @Summary Grabs an API token using username & password.
// @description Click the lock icon next to this, login with your normal jfa-go credentials. Click 'try it out', then 'execute' and an API Key will be returned, copy it (not including quotes). On any of the other routes, click the lock icon and set the API key as "Bearer <your api key>".
// @description Click the lock icon next to this, login with your normal jfa-go credentials. Click 'try it out', then 'execute' and an API Key will be returned, copy it (not including quotes). On any of the other routes, click the lock icon and set the API key as "Bearer `your api key`".
// @Produce json
// @Success 200 {object} getTokenDTO
// @Failure 401 {object} stringResponse

@ -48,7 +48,7 @@ export const _get = (url: string, data: Object, onreadystatechange: () => void):
let req = new XMLHttpRequest();
req.open("GET", url, true);
req.responseType = 'json';
req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
req.setRequestHeader("Authorization", "Bearer " + window.token);
req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
req.onreadystatechange = onreadystatechange;
req.send(JSON.stringify(data));
@ -60,7 +60,7 @@ export const _post = (url: string, data: Object, onreadystatechange: () => void,
if (response) {
req.responseType = 'json';
}
req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
req.setRequestHeader("Authorization", "Bearer " + window.token);
req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
req.onreadystatechange = onreadystatechange;
req.send(JSON.stringify(data));
@ -69,7 +69,7 @@ export const _post = (url: string, data: Object, onreadystatechange: () => void,
export function _delete(url: string, data: Object, onreadystatechange: () => void): void {
let req = new XMLHttpRequest();
req.open("DELETE", url, true);
req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
req.setRequestHeader("Authorization", "Bearer " + window.token);
req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
req.onreadystatechange = onreadystatechange;
req.send(JSON.stringify(data));

Loading…
Cancel
Save