JWT page redirect


#1

I want to use JWT to protect the whole site, unauthorized use can only access login.html and register.html.

Is it the right way to set ErrorHandler function here? And how to redirect to login page?

Thanks in advance.

code:

e.Use(middleware.JWTWithConfig(middleware.JWTConfig{
		SigningKey: []byte("secret"),
		ContextKey: "jwt.context_key",
		AuthScheme: "jwt.auth_scheme",
		Skipper: func(c echo.Context) bool {
			// Skip authentication for and signup login requests
			if c.Path() == "/login.html" || c.Path() == "/register.html" {
				return true
			}
			return false
		},
		ErrorHandler: func(err error) error {
			// Redirect to login.html
			return nil
		},
	}))

#2

Make sense?

diff --git a/middleware/jwt.go b/middleware/jwt.go
index 051c589..0698bf9 100644
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@@ -62,7 +62,7 @@ type (
        JWTSuccessHandler func(echo.Context)
 
        // JWTErrorHandler defines a function which is executed for an invalid token.
-       JWTErrorHandler func(error) error
+       JWTErrorHandler func(echo.Context, error) error
 
        jwtExtractor func(echo.Context) (string, error)
 )
@@ -159,7 +159,7 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
                        auth, err := extractor(c)
                        if err != nil {
                                if config.ErrorHandler != nil {
-                                       return config.ErrorHandler(err)
+                                       return config.ErrorHandler(c, err)
                                }
                                return err
                        }
@@ -181,7 +181,7 @@ func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
                                return next(c)
                        }
                        if config.ErrorHandler != nil {
-                               return config.ErrorHandler(err)
+                               return config.ErrorHandler(c, err)
                        }
                        return &echo.HTTPError{
                                Code:     http.StatusUnauthorized,

So I can use echo.Context to redirect to login page.

c.Redirect(http.StatusSeeOther, "/login.html")