search

yglukhov / nim-jwt

JWT implementation for nim-lang
MIT License
51 stars 11 forks source link

Verify API #6

Open kidandcat opened 4 years ago

kidandcat commented 4 years ago

Could the verify method API be standarized?

I mean, now it can return false or throw an exception, one thing should be possible only, if not this lead to duplicating checking code:

                try:
                  let jwtToken = p["token"].getStr.toJWT()
                  if jwtToken.verify(secret):
                    email = jwtToken.claims["email"].node.getStr
                    ws.send("check", %*{
                      "logged": true
                    })
                  else:
                    email = ""
                    ws.send("check", %*{  #<-------- duplicated for return false and exception
                      "logged": false
                    })
                except InvalidToken:
                  email = ""
                  ws.send("check", %*{   #<-------- duplicated for return false and exception
                    "logged": false
                  })

PD: if you agree I can make the PR, I'm opening this issue to know if I'm missing an existing good reason for this approach

yglukhov commented 4 years ago

Right, it's the toJWT that raises. I guess we need an initialization method that wouldn't raise. Smth in lines of

var jwt: JWT
if jwt.init(p{"token"}.getStr) and jwt.verify(secret):
  # all good

Feel free to file a PR. Or did you see it differently?