diff --git a/lib/src/web_app/jwt.dart b/lib/src/web_app/jwt.dart
index 37d1fb0..71f3c9d 100644
--- a/lib/src/web_app/jwt.dart
+++ b/lib/src/web_app/jwt.dart
@@ -61,6 +61,10 @@ shelf.Middleware processJwt(List permissions) => (innerHandler) {
 return createUnauthorizedResponse("Invalid jwt token");
 }

+ if (claim.expiry?.isBefore(DateTime.now()) ?? true) {
+ return createUnauthorizedResponse("Token expired");
+ }
+
 final permissions = Set.of(claim.payload['permissions'] ?? []);
 if (!permissions.containsAll(permissionsIntValues)) {
 return createForbiddenResponse("Missing permissions");
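Review bot: The new expiry guard `claim.expiry?.isBefore(DateTime.now()) ?? true` rejects a token that carries no `exp` claim, which is the right fail-closed choice, but nothing on the line says this is intended, and the client is told "Token expired" for a token that never had an expiry. I would add a comment such as `// Fail closed: a token without an exp claim is rejected as if expired.` above the `if`, so a later cleanup does not turn `?? true` into `?? false`. The comparison also accepts a token whose `exp` equals the current instant, while RFC 7519 requires the current time to be before `exp`; `!expiry.isAfter(DateTime.now())` on a null-checked local would match that. The body of `processJwt` starts and ends outside this hunk, so I cannot tell whether `nbf`, issuer and audience are validated earlier; if they are not, this is the place to check them as well.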