src/main/kotlin/eu/maiora/Application.kt

@@ -17,10 +17,12 @@ fun main() {
 
 fun Application.module() {
     val config = ApplicationConfig("application.conf")
-    val dbUrl = config.property("ktor.database.url").getString();
+    val dbUrl = config.property("ktor.database.url").getString()
-    val username = config.property("ktor.database.username").getString();
+    val username = config.property("ktor.database.username").getString()
-    val password = config.property("ktor.database.password").getString();
+    val password = config.property("ktor.database.password").getString()
+    val secret = config.property("ktor.jwt.secret").getString()
     configureDatabases(dbUrl, username, password)
+    configureSecurity(secret)
     configureRouting(dbUrl, username, password)
     configureSerialization()
 

src/main/kotlin/eu/maiora/plugins/Security.kt

@@ -0,0 +1,35 @@
+package eu.maiora.plugins
+
+import com.auth0.jwt.JWT
+import com.auth0.jwt.algorithms.Algorithm
+import io.ktor.http.*
+import io.ktor.server.application.*
+import io.ktor.server.auth.*
+import io.ktor.server.auth.jwt.*
+import io.ktor.server.response.*
+
+fun Application.configureSecurity(secret: String) {
+    install(Authentication) {
+        jwt ("auth-jwt"){
+            verifier(
+                JWT
+                    .require(Algorithm.HMAC256(secret))
+                    .build())
+            validate { credential ->
+                val expiresAt = credential.payload.expiresAt?.time ?: 0
+                val now = System.currentTimeMillis()
+
+                // Verifica se il token ? scaduto
+                if (expiresAt >= now) {
+                    JWTPrincipal(credential.payload)
+                }
+                else {
+                    null
+                }
+            }
+            challenge { defaultScheme, realm ->
+                call.respond(HttpStatusCode.Unauthorized, "Token non valido o scaduto")
+            }
+        }
+    }
+}