Merge branch 'gaocegege-auth'

2021-10-11 11:30:08 +02:00 · 2021-10-11 11:30:08 +02:00 · 6c0145b149
parent cc11226eab a94092e31c
commit 6c0145b149
5 changed files with 694 additions and 518 deletions
--- a/coverage/coverage.out
+++ b/coverage/coverage.out
--- a/middlewares/authenticate.go
+++ b/middlewares/authenticate.go
@ -1,12 +1,23 @@
 package middlewares

 import (
+	"fmt"
+	"net/http"
+	"strings"
+
 	conf "github.com/muety/wakapi/config"
 	"github.com/muety/wakapi/models"
 	"github.com/muety/wakapi/services"
 	"github.com/muety/wakapi/utils"
-	"net/http"
-	"strings"
+)
+
+const (
+	// queryApiKey is the query parameter name for api key.
+	queryApiKey = "api_key"
+)
+
+var (
+	errEmptyKey = fmt.Errorf("the api_key is empty")
 )

 type AuthenticateMiddleware struct {
@ -45,7 +56,10 @@ func (m *AuthenticateMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Reques
 	user, err := m.tryGetUserByCookie(r)

 	if err != nil {
-		user, err = m.tryGetUserByApiKey(r)
+		user, err = m.tryGetUserByApiKeyHeader(r)
+	}
+	if err != nil {
+		user, err = m.tryGetUserByApiKeyQuery(r)
 	}

 	if err != nil || user == nil {
@ -77,7 +91,7 @@ func (m *AuthenticateMiddleware) isOptional(requestPath string) bool {
 	return false
 }

-func (m *AuthenticateMiddleware) tryGetUserByApiKey(r *http.Request) (*models.User, error) {
+func (m *AuthenticateMiddleware) tryGetUserByApiKeyHeader(r *http.Request) (*models.User, error) {
 	key, err := utils.ExtractBearerAuth(r)
 	if err != nil {
 		return nil, err
@ -92,6 +106,20 @@ func (m *AuthenticateMiddleware) tryGetUserByApiKey(r *http.Request) (*models.Us
 	return user, nil
 }

+func (m *AuthenticateMiddleware) tryGetUserByApiKeyQuery(r *http.Request) (*models.User, error) {
+	key := r.URL.Query().Get(queryApiKey)
+	var user *models.User
+	userKey := strings.TrimSpace(key)
+	if userKey == "" {
+		return nil, errEmptyKey
+	}
+	user, err := m.userSrvc.GetUserByKey(userKey)
+	if err != nil {
+		return nil, err
+	}
+	return user, nil
+}
+
 func (m *AuthenticateMiddleware) tryGetUserByCookie(r *http.Request) (*models.User, error) {
 	username, err := utils.ExtractCookieAuth(r, m.config)
 	if err != nil {
--- a/middlewares/authenticate_test.go
+++ b/middlewares/authenticate_test.go
@ -3,14 +3,16 @@ package middlewares
 import (
 	"encoding/base64"
 	"fmt"
+	"net/http"
+	"net/url"
+	"testing"
+
 	"github.com/muety/wakapi/mocks"
 	"github.com/muety/wakapi/models"
 	"github.com/stretchr/testify/assert"
-	"net/http"
-	"testing"
 )

-func TestAuthenticateMiddleware_tryGetUserByApiKey_Success(t *testing.T) {
+func TestAuthenticateMiddleware_tryGetUserByApiKeyHeader_Success(t *testing.T) {
 	testApiKey := "z5uig69cn9ut93n"
 	testToken := base64.StdEncoding.EncodeToString([]byte(testApiKey))
 	testUser := &models.User{ApiKey: testApiKey}
@ -26,13 +28,13 @@ func TestAuthenticateMiddleware_tryGetUserByApiKey_Success(t *testing.T) {

 	sut := NewAuthenticateMiddleware(userServiceMock)

-	result, err := sut.tryGetUserByApiKey(mockRequest)
+	result, err := sut.tryGetUserByApiKeyHeader(mockRequest)

 	assert.Nil(t, err)
 	assert.Equal(t, testUser, result)
 }

-func TestAuthenticateMiddleware_tryGetUserByApiKey_InvalidHeader(t *testing.T) {
+func TestAuthenticateMiddleware_tryGetUserByApiKeyHeader_Invalid(t *testing.T) {
 	testApiKey := "z5uig69cn9ut93n"
 	testToken := base64.StdEncoding.EncodeToString([]byte(testApiKey))

@ -47,10 +49,52 @@ func TestAuthenticateMiddleware_tryGetUserByApiKey_InvalidHeader(t *testing.T) {

 	sut := NewAuthenticateMiddleware(userServiceMock)

-	result, err := sut.tryGetUserByApiKey(mockRequest)
+	result, err := sut.tryGetUserByApiKeyHeader(mockRequest)

 	assert.Error(t, err)
 	assert.Nil(t, result)
 }

+func TestAuthenticateMiddleware_tryGetUserByApiKeyQuery_Success(t *testing.T) {
+	testApiKey := "z5uig69cn9ut93n"
+	testUser := &models.User{ApiKey: testApiKey}
+
+	mockRequest := &http.Request{
+		URL: &url.URL{
+			RawQuery: fmt.Sprintf("api_token=%s", testApiKey),
+		},
+	}
+
+	userServiceMock := new(mocks.UserServiceMock)
+	userServiceMock.On("GetUserByKey", testApiKey).Return(testUser, nil)
+
+	sut := NewAuthenticateMiddleware(userServiceMock)
+
+	result, err := sut.tryGetUserByApiKeyQuery(mockRequest)
+
+	assert.Nil(t, err)
+	assert.Equal(t, testUser, result)
+}
+
+func TestAuthenticateMiddleware_tryGetUserByApiKeyQuery_Invalid(t *testing.T) {
+	testApiKey := "z5uig69cn9ut93n"
+
+	mockRequest := &http.Request{
+		URL: &url.URL{
+			// Use the wrong parameter name.
+			RawQuery: fmt.Sprintf("token=%s", testApiKey),
+		},
+	}
+
+	userServiceMock := new(mocks.UserServiceMock)
+
+	sut := NewAuthenticateMiddleware(userServiceMock)
+
+	result, actualErr := sut.tryGetUserByApiKeyQuery(mockRequest)
+
+	assert.Error(t, actualErr)
+	assert.Equal(t, errEmptyKey, actualErr)
+	assert.Nil(t, result)
+}
+
 // TODO: somehow test cookie auth function
--- a/Tests.postman_collection.json
+++ b/Tests.postman_collection.json
@ -1,6 +1,6 @@
 {
 	"info": {
-		"_postman_id": "36595622-81dc-4f4a-826e-345ae63fc83b",
+		"_postman_id": "da93a75e-e931-4f00-80b8-428f0e7ae824",
 		"name": "Wakapi API Tests",
 		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
 	},
@ -251,6 +251,105 @@
 						}
 					},
 					"response": []
+				},
+				{
+					"name": "Authenticate (header)",
+					"event": [
+						{
+							"listen": "test",
+							"script": {
+								"exec": [
+									"pm.test(\"Status code is 200\", function () {",
+									"    pm.response.to.have.status(200);",
+									"});"
+								],
+								"type": "text/javascript"
+							}
+						}
+					],
+					"protocolProfileBehavior": {
+						"disableCookies": true,
+						"followRedirects": false
+					},
+					"request": {
+						"auth": {
+							"type": "bearer",
+							"bearer": [
+								{
+									"key": "token",
+									"value": "{{WRITEUSER_TOKEN}}",
+									"type": "string"
+								}
+							]
+						},
+						"method": "GET",
+						"header": [],
+						"url": {
+							"raw": "{{BASE_URL}}/api/summary?interval=today",
+							"host": [
+								"{{BASE_URL}}"
+							],
+							"path": [
+								"api",
+								"summary"
+							],
+							"query": [
+								{
+									"key": "interval",
+									"value": "today"
+								}
+							]
+						}
+					},
+					"response": []
+				},
+				{
+					"name": "Authenticate (query param)",
+					"event": [
+						{
+							"listen": "test",
+							"script": {
+								"exec": [
+									"pm.test(\"Status code is 200\", function () {",
+									"    pm.response.to.have.status(200);",
+									"});"
+								],
+								"type": "text/javascript"
+							}
+						}
+					],
+					"protocolProfileBehavior": {
+						"disableCookies": true,
+						"followRedirects": false
+					},
+					"request": {
+						"auth": {
+							"type": "noauth"
+						},
+						"method": "GET",
+						"header": [],
+						"url": {
+							"raw": "{{BASE_URL}}/api/summary?interval=today&api_key={{WRITEUSER_API_KEY}}",
+							"host": [
+								"{{BASE_URL}}"
+							],
+							"path": [
+								"api",
+								"summary"
+							],
+							"query": [
+								{
+									"key": "interval",
+									"value": "today"
+								},
+								{
+									"key": "api_key",
+									"value": "{{WRITEUSER_API_KEY}}"
+								}
+							]
+						}
+					},
+					"response": []
 				}
 			]
 		},
--- a/testing/run_api_tests.sh
+++ b/testing/run_api_tests.sh
@ -1,9 +1,7 @@
 #!/bin/bash

-if [ ! -f "wakapi" ]; then
-    echo "Wakapi executable not found. Compiling."
-    go build
-fi
+echo "Compiling."
+go build

 if ! command -v newman &> /dev/null
 then