add expire time testing.

appleboy · appleboy · commit c8c52929a0b3 · 2016-07-06T14:37:58.000+08:00
Signed-off-by: Bo-Yi Wu &lt;appleboy.tw@gmail.com&gt;
diff --git a/auth_jwt.go b/auth_jwt.go
@@ -251,6 +251,7 @@ func (mw *GinJWTMiddleware) TokenGenerator(userID string) string {
 
 	token.Claims["id"] = userID
 	token.Claims["exp"] = time.Now().Add(mw.Timeout).Unix()
+	token.Claims["orig_iat"] = time.Now().Unix()
 
 	tokenString, _ := token.SignedString(mw.Key)
 
diff --git a/auth_jwt_test.go b/auth_jwt_test.go
@@ -550,3 +550,36 @@ func TestUnauthorized(t *testing.T) {
 			assert.Equal(t, http.StatusUnauthorized, r.Code)
 		})
 }
+
+func TestTokenExpire(t *testing.T) {
+	// the middleware to test
+	authMiddleware := &GinJWTMiddleware{
+		Realm:      "test zone",
+		Key:        key,
+		Timeout:    time.Hour,
+		MaxRefresh: -time.Second,
+		Authenticator: func(userId string, password string, c *gin.Context) (string, bool) {
+			if userId == "admin" && password == "admin" {
+				return userId, true
+			}
+			return userId, false
+		},
+		Unauthorized: func(c *gin.Context, code int, message string) {
+			c.String(code, message)
+		},
+	}
+
+	handler := ginHandler(authMiddleware)
+
+	r := gofight.New()
+
+	userToken := authMiddleware.TokenGenerator("admin")
+
+	r.GET("/auth/refresh_token").
+		SetHeader(gofight.H{
+			"Authorization": "Bearer " + userToken,
+		}).
+		Run(handler, func(r gofight.HTTPResponse, rq gofight.HTTPRequest) {
+			assert.Equal(t, http.StatusUnauthorized, r.Code)
+		})
+}
