Major changes on API

auth.go

@@ -0,0 +1,54 @@
+package filemanager
+
+import (
+	"net/http"
+	"time"
+
+	jwt "github.com/dgrijalva/jwt-go"
+	"github.com/dgrijalva/jwt-go/request"
+)
+
+/* Set up a global string for our secret */
+var key = []byte("secret")
+
+type claims struct {
+	*User
+	jwt.StandardClaims
+}
+
+func getTokenHandler(c *requestContext, w http.ResponseWriter, r *http.Request) (int, error) {
+	// TODO: get user and password info from the request
+	// check if the password is correct for that user using a DB or JSOn
+	// or something.
+
+	claims := claims{
+		c.fm.User,
+		jwt.StandardClaims{
+			ExpiresAt: time.Now().Add(time.Minute * 5).Unix(),
+			Issuer:    "test",
+		},
+	}
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	string, err := token.SignedString(key)
+
+	if err != nil {
+		return http.StatusInternalServerError, err
+	}
+
+	w.Write([]byte(string))
+	return 0, nil
+}
+
+func validAuth(c *requestContext, r *http.Request) (bool, *User) {
+	token, err := request.ParseFromRequestWithClaims(r, request.AuthorizationHeaderExtractor, &claims{},
+		func(token *jwt.Token) (interface{}, error) {
+			return key, nil
+		})
+
+	if err == nil && token.Valid {
+		return true, c.fm.User
+	}
+
+	return false, nil
+}