mirror of
https://github.com/muety/wakapi.git
synced 2023-08-10 21:12:56 +03:00
fix: Fix the empty key error
This commit is contained in:
parent
630090e38a
commit
c6e1651d9e
@ -1,6 +1,7 @@
|
|||||||
package middlewares
|
package middlewares
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
@ -10,6 +11,10 @@ import (
|
|||||||
"github.com/muety/wakapi/utils"
|
"github.com/muety/wakapi/utils"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
errEmptyKey = fmt.Errorf("the api_key is empty")
|
||||||
|
)
|
||||||
|
|
||||||
type AuthenticateMiddleware struct {
|
type AuthenticateMiddleware struct {
|
||||||
config *conf.Config
|
config *conf.Config
|
||||||
userSrvc services.IUserService
|
userSrvc services.IUserService
|
||||||
@ -46,10 +51,10 @@ func (m *AuthenticateMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Reques
|
|||||||
user, err := m.tryGetUserByCookie(r)
|
user, err := m.tryGetUserByCookie(r)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
user, err = m.tryGetUserByApiKey(r)
|
user, err = m.tryGetUserByApiKeyHeader(r)
|
||||||
}
|
}
|
||||||
if err != nil {
|
if err != nil {
|
||||||
user, err = m.tryGetUserByQueryParameter(r)
|
user, err = m.tryGetUserByApiKeyQuery(r)
|
||||||
}
|
}
|
||||||
|
|
||||||
if err != nil || user == nil {
|
if err != nil || user == nil {
|
||||||
@ -81,7 +86,7 @@ func (m *AuthenticateMiddleware) isOptional(requestPath string) bool {
|
|||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m *AuthenticateMiddleware) tryGetUserByApiKey(r *http.Request) (*models.User, error) {
|
func (m *AuthenticateMiddleware) tryGetUserByApiKeyHeader(r *http.Request) (*models.User, error) {
|
||||||
key, err := utils.ExtractBearerAuth(r)
|
key, err := utils.ExtractBearerAuth(r)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -96,11 +101,13 @@ func (m *AuthenticateMiddleware) tryGetUserByApiKey(r *http.Request) (*models.Us
|
|||||||
return user, nil
|
return user, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m *AuthenticateMiddleware) tryGetUserByQueryParameter(r *http.Request) (*models.User, error) {
|
func (m *AuthenticateMiddleware) tryGetUserByApiKeyQuery(r *http.Request) (*models.User, error) {
|
||||||
key := r.URL.Query().Get("token")
|
key := r.URL.Query().Get("api_token")
|
||||||
|
|
||||||
var user *models.User
|
var user *models.User
|
||||||
userKey := strings.TrimSpace(key)
|
userKey := strings.TrimSpace(key)
|
||||||
|
if userKey == "" {
|
||||||
|
return nil, errEmptyKey
|
||||||
|
}
|
||||||
user, err := m.userSrvc.GetUserByKey(userKey)
|
user, err := m.userSrvc.GetUserByKey(userKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -3,14 +3,16 @@ package middlewares
|
|||||||
import (
|
import (
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"net/http"
|
||||||
|
"net/url"
|
||||||
|
"testing"
|
||||||
|
|
||||||
"github.com/muety/wakapi/mocks"
|
"github.com/muety/wakapi/mocks"
|
||||||
"github.com/muety/wakapi/models"
|
"github.com/muety/wakapi/models"
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"net/http"
|
|
||||||
"testing"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestAuthenticateMiddleware_tryGetUserByApiKey_Success(t *testing.T) {
|
func TestAuthenticateMiddleware_tryGetUserByApiKeyHeader_Success(t *testing.T) {
|
||||||
testApiKey := "z5uig69cn9ut93n"
|
testApiKey := "z5uig69cn9ut93n"
|
||||||
testToken := base64.StdEncoding.EncodeToString([]byte(testApiKey))
|
testToken := base64.StdEncoding.EncodeToString([]byte(testApiKey))
|
||||||
testUser := &models.User{ApiKey: testApiKey}
|
testUser := &models.User{ApiKey: testApiKey}
|
||||||
@ -26,13 +28,13 @@ func TestAuthenticateMiddleware_tryGetUserByApiKey_Success(t *testing.T) {
|
|||||||
|
|
||||||
sut := NewAuthenticateMiddleware(userServiceMock)
|
sut := NewAuthenticateMiddleware(userServiceMock)
|
||||||
|
|
||||||
result, err := sut.tryGetUserByApiKey(mockRequest)
|
result, err := sut.tryGetUserByApiKeyHeader(mockRequest)
|
||||||
|
|
||||||
assert.Nil(t, err)
|
assert.Nil(t, err)
|
||||||
assert.Equal(t, testUser, result)
|
assert.Equal(t, testUser, result)
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestAuthenticateMiddleware_tryGetUserByApiKey_InvalidHeader(t *testing.T) {
|
func TestAuthenticateMiddleware_tryGetUserByApiKeyHeader_Invalid(t *testing.T) {
|
||||||
testApiKey := "z5uig69cn9ut93n"
|
testApiKey := "z5uig69cn9ut93n"
|
||||||
testToken := base64.StdEncoding.EncodeToString([]byte(testApiKey))
|
testToken := base64.StdEncoding.EncodeToString([]byte(testApiKey))
|
||||||
|
|
||||||
@ -47,10 +49,52 @@ func TestAuthenticateMiddleware_tryGetUserByApiKey_InvalidHeader(t *testing.T) {
|
|||||||
|
|
||||||
sut := NewAuthenticateMiddleware(userServiceMock)
|
sut := NewAuthenticateMiddleware(userServiceMock)
|
||||||
|
|
||||||
result, err := sut.tryGetUserByApiKey(mockRequest)
|
result, err := sut.tryGetUserByApiKeyHeader(mockRequest)
|
||||||
|
|
||||||
assert.Error(t, err)
|
assert.Error(t, err)
|
||||||
assert.Nil(t, result)
|
assert.Nil(t, result)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestAuthenticateMiddleware_tryGetUserByApiKeyQuery_Success(t *testing.T) {
|
||||||
|
testApiKey := "z5uig69cn9ut93n"
|
||||||
|
testUser := &models.User{ApiKey: testApiKey}
|
||||||
|
|
||||||
|
mockRequest := &http.Request{
|
||||||
|
URL: &url.URL{
|
||||||
|
RawQuery: fmt.Sprintf("api_token=%s", testApiKey),
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
userServiceMock := new(mocks.UserServiceMock)
|
||||||
|
userServiceMock.On("GetUserByKey", testApiKey).Return(testUser, nil)
|
||||||
|
|
||||||
|
sut := NewAuthenticateMiddleware(userServiceMock)
|
||||||
|
|
||||||
|
result, err := sut.tryGetUserByApiKeyQuery(mockRequest)
|
||||||
|
|
||||||
|
assert.Nil(t, err)
|
||||||
|
assert.Equal(t, testUser, result)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestAuthenticateMiddleware_tryGetUserByApiKeyQuery_Invalid(t *testing.T) {
|
||||||
|
testApiKey := "z5uig69cn9ut93n"
|
||||||
|
|
||||||
|
mockRequest := &http.Request{
|
||||||
|
URL: &url.URL{
|
||||||
|
// Use the wrong parameter name.
|
||||||
|
RawQuery: fmt.Sprintf("token=%s", testApiKey),
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
userServiceMock := new(mocks.UserServiceMock)
|
||||||
|
|
||||||
|
sut := NewAuthenticateMiddleware(userServiceMock)
|
||||||
|
|
||||||
|
result, actualErr := sut.tryGetUserByApiKeyQuery(mockRequest)
|
||||||
|
|
||||||
|
assert.Error(t, actualErr)
|
||||||
|
assert.Equal(t, errEmptyKey, actualErr)
|
||||||
|
assert.Nil(t, result)
|
||||||
|
}
|
||||||
|
|
||||||
// TODO: somehow test cookie auth function
|
// TODO: somehow test cookie auth function
|
||||||
|
Loading…
Reference in New Issue
Block a user