some more changes

auth/auth.go

@@ -1,6 +1,7 @@
 package auth
 
 import (
+	"errors"
 	"os"
 	"time"
 
@@ -29,7 +30,7 @@ func makePasswordSalty(password string, salt []byte) []byte {
 
 func HashPassword(password string, salt []byte) (hashedPassword []byte, err error) {
 	saltyPassword := makePasswordSalty(password, salt)
-	hashedPassword, err = bcrypt.GenerateFromPassword(saltyPassword, bcrypt.MaxCost)
+	hashedPassword, err = bcrypt.GenerateFromPassword(saltyPassword, bcrypt.DefaultCost)
 	return
 }
 
@@ -54,3 +55,16 @@ func GenerateJWT(id uint, username string, email string) (jwttoken string, err e
 	}
 	return
 }
+
+func VerifyJWT(jwttoken string) (claims jwt.MapClaims, err error) {
+	token, e := jwt.ParseWithClaims(jwttoken, &jwt.MapClaims{}, func(t *jwt.Token) (interface{}, error) {
+		return secretKey, nil
+	})
+	if e != nil || !token.Valid {
+		err = errors.New("Unautherized")
+		return
+	}
+	claimsptr := token.Claims.(*jwt.MapClaims)
+	claims = *claimsptr
+	return
+}

auth/middleware.go

@@ -4,7 +4,6 @@ import (
 	"net/http"
 
 	"github.com/gin-gonic/gin"
-	"github.com/golang-jwt/jwt"
 )
 
 func GetUser() gin.HandlerFunc {
@@ -15,15 +14,12 @@ func GetUser() gin.HandlerFunc {
 			c.Abort()
 			return
 		}
-		token, err := jwt.ParseWithClaims(tokenCookie, &jwt.MapClaims{}, func(t *jwt.Token) (interface{}, error) {
-			return secretKey, nil
-		})
-		if err != nil || !token.Valid {
+		claims, err := VerifyJWT(tokenCookie)
+		if err != nil {
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
 			c.Abort()
 			return
 		}
-		claims := token.Claims.(jwt.MapClaims)
 		c.Set("user_id", claims["user_id"])
 		c.Set("username", claims["username"])
 		c.Set("user_email", claims["email"])