Open rainyEra opened 1 year ago
It's actually in the PASETO specification, but you're right. User experience could be made better by surfacing those types of things into the documentation. I'll get to it as soon as I can. Thanks!
Oh I guess it is in the docs. If you click on the error returned as described in the docs, you'll see the PasetoClaimError which describes all the different ways a claim can fail (including expiration).
Well, now I see, but still it would be worth to mention that it will throw an error.
Where would have been a good place to mention it?
https://github.com/rrrodzilla/rusty_paseto#a-default-token Somewhere here would be good to mention. NOTE: If token is expired, then PasetoParser will throw an error: "Error: token is expired".
But I would add a separate example, if you don't mind: Verifying token
use rusty_paseto::prelude::*;
use serde::{Deserialize, Serialize};
#[derive(Debug, Deserialize, Serialize)]
struct MyData {
name: String,
role: String,
}
fn main() {
// Create a key specifying the PASETO version and purpose
let key = PasetoSymmetricKey::<V4, Local>::from(Key::from(b"wubbalubbadubdubwubbalubbadubdub"));
// Create a user
let user = MyData {
name: String::from("userLogin"),
role: String::from("admin"),
};
// Serialize MyData into JSON
let formatted_user_json = format!(
"{}",
serde_json::to_string(&user).expect("Failed to serialize MyData")
);
// Building our token
let token = {
let mut builder = PasetoBuilder::<V4, Local>::default();
builder
.set_claim(
CustomClaim::try_from(("user", &formatted_user_json)).expect("Failed to set claim"),
)
.set_claim(
ExpirationClaim::try_from("2019-01-01T00:00:00+00:00")
.expect("Failed to set expiration claim"),
)
.build(&key)
.expect("Failed to build token")
};
// Checking our token
match PasetoParser::<V4, Local>::default().parse(&token, &key) {
Ok(json_value) => {
// whole token
println!("JSON: {:?}", json_value);
// token payload
println!("Token payload: {}", json_value["user"]);
//printing token
println!("PASETO token: {}", token);
}
Err(err) => {
// Handle the error
eprintln!("Error: {}", err);
}
};
}
Hello, could you please add additional information to the docs that if token is expired, then PasetoParser::<V4, Local> will throw an error? That would be cool, because I was trying to find a way to verify token itself. It's a good design choice, but that was not mentioned in docs, or I'm simply blind (sorry 😢)