fix user defined exiration

handlers/login.go

@@ -49,10 +49,6 @@ func (aH *AccessHandler) Login(c *gin.Context) {
 		aH.logger.Error("Login", "user empty")
 		c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse("user empty"))
 		return
-	} else if !user.ExpirationIsValid() {
-		aH.logger.Error("Login", fmt.Sprintf("user %s is expired", user.Name))
-		c.JSON(http.StatusUnauthorized, models.NewJsonMessageResponse("user "+user.Name+" is expired"))
-		return
 	}
 
 	// Fetch user record from DB
@@ -64,12 +60,24 @@ func (aH *AccessHandler) Login(c *gin.Context) {
 		return
 	}
 
+	if len(dbRecord) == 0 {
+		aH.logger.Error("Login", "no user "+user.Name+" found")
+		c.JSON(http.StatusUnauthorized, models.NewJsonMessageResponse("invalid credentials"))
+		return
+	}
+
 	if len(dbRecord) > 1 {
 		aH.logger.Error("Login", "more than one record found")
 		c.JSON(http.StatusInternalServerError, models.NewJsonMessageResponse("internal error"))
 		return
 	}
 
+	if !dbRecord[0].ExpirationIsValid() {
+		aH.logger.Error("Login", fmt.Sprintf("user %s is expired", user.Name))
+		c.JSON(http.StatusUnauthorized, models.NewJsonMessageResponse("user "+user.Name+" is expired"))
+		return
+	}
+
 	// Check password
 	if !utils.CheckPassword(user.Password, dbRecord[0].Password) {
 		aH.logger.Error("Login", "invalid password")
@@ -182,7 +190,8 @@ func (aH *AccessHandler) Refresh(c *gin.Context) {
 	role := claims["role"].(string)
 
 	if !expirationDateValid(claims["userExpiration"].(string)) {
-		aH.logger.Error("Login", fmt.Sprintf("user %s is expired", username))
+		aH.Logout(c)
+		aH.logger.Error("Refresh", fmt.Sprintf("user %s is expired", username))
 		c.JSON(http.StatusUnauthorized, models.NewJsonMessageResponse("user "+username+" is expired"))
 		return
 	}