Learning Golang and Fiber (golang newbie, go easy!)
Hi, decided to take the next step in my Golang journey and take a look at some web frameworks, mainly those that resemble Flask in Python and ExpressJs in NodeJs. Fiber as a candidate is a great little framework and it's been fairly straightforward to get into.
However, I was experimenting with the "auth-jwt" recipe, and came across this issue in the handler/user.go functions UpdateUser and DeleteUser. As I turn on/off protected() functions and experiment with token lifespans, it's reasonably clear that the JWT middleware IS protecting my functions as i run the tests available in the POSTMan suite.
For some reason or another, whenever I try to PATCH UpdateUser or DELETE DeleteUser, I get this error:
13:15:57 | 401 | 0s | 192.168.56.1 | DELETE | /api/user/2
panic: interface conversion: interface {} is *jwt.Token, not *jwt.Token (types from different packages)
goroutine 20 [running]:
api-fiber-gorm/handler.DeleteUser(0xc0002142c0)
/home/ubuntu/projects/golang/auth-jwt/handler/user.go:128 +0x6ad
The line in question in BOTH cases (UpdateUser and DeleteUser) is:
token := c.Locals("user").(*jwt.Token)
I've been able to log the contents of c.Locals("user") and it looks like it does contain "healthy" user JWT information. I also can't see if there is any other JWT package interfering with the deployed recipe (i've cleaned out the build and cache multiple times)
I don't know enough golang yet to take this any further, and the only reference that I could find to a similar problem was due to a replacement for the original package for security issues, almost two years ago.
dgrijalva/jwt-go#401
Can anybody point me in the right direction please?
Thanks & regards.
My go.mod after running / building
The recipe code is almost intact from the repo as of 20 November 2022, apart from one or two log.Println()s to help me debug. Go is version 1.19.
module api-fiber-gorm
go 1.19
require (
github.com/gofiber/fiber/v2 v2.39.0
github.com/gofiber/jwt/v2 v2.2.7
github.com/golang-jwt/jwt v3.2.2+incompatible
github.com/joho/godotenv v1.4.0
golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa
gorm.io/driver/postgres v1.4.5
gorm.io/gorm v1.24.1-0.20221019064659-5dd2bb482755
)
require (
github.com/andybalholm/brotli v1.0.4 // indirect
github.com/golang-jwt/jwt/v4 v4.0.0 // indirect
github.com/jackc/chunkreader/v2 v2.0.1 // indirect
github.com/jackc/pgconn v1.13.0 // indirect
github.com/jackc/pgio v1.0.0 // indirect
github.com/jackc/pgpassfile v1.0.0 // indirect
github.com/jackc/pgproto3/v2 v2.3.1 // indirect
github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b // indirect
github.com/jackc/pgtype v1.12.0 // indirect
github.com/jackc/pgx/v4 v4.17.2 // indirect
github.com/jinzhu/inflection v1.0.0 // indirect
github.com/jinzhu/now v1.1.4 // indirect
github.com/klauspost/compress v1.15.0 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.16 // indirect
github.com/mattn/go-runewidth v0.0.14 // indirect
github.com/rivo/uniseg v0.2.0 // indirect
github.com/valyala/bytebufferpool v1.0.0 // indirect
github.com/valyala/fasthttp v1.40.0 // indirect
github.com/valyala/tcplisten v1.0.0 // indirect
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab // indirect
golang.org/x/text v0.3.7 // indirect
)