mirror
/
wakapi
mirror of https://github.com/muety/wakapi.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix: Fix the empty key error

This commit is contained in:
Ce Gao 2021-10-11 15:58:29 +08:00
parent 630090e38a
commit c6e1651d9e
2 changed files with 63 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
middlewares/authenticate.go
View File

@ -1,6 +1,7 @@
package middlewares package middlewares
import ( import (
"fmt"
"net/http" "net/http"
"strings" "strings"
@ -10,6 +11,10 @@ import (
"github.com/muety/wakapi/utils" "github.com/muety/wakapi/utils"
) )
var (
errEmptyKey = fmt.Errorf("the api_key is empty")
)
type AuthenticateMiddleware struct { type AuthenticateMiddleware struct {
config *conf.Config config *conf.Config
userSrvc services.IUserService userSrvc services.IUserService
@ -46,10 +51,10 @@ func (m *AuthenticateMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Reques
user, err := m.tryGetUserByCookie(r) user, err := m.tryGetUserByCookie(r)
if err != nil { if err != nil {
user, err = m.tryGetUserByApiKey(r) user, err = m.tryGetUserByApiKeyHeader(r)
} }
if err != nil { if err != nil {
user, err = m.tryGetUserByQueryParameter(r) user, err = m.tryGetUserByApiKeyQuery(r)
} }
if err != nil || user == nil { if err != nil || user == nil {
@ -81,7 +86,7 @@ func (m *AuthenticateMiddleware) isOptional(requestPath string) bool {
return false return false
} }
func (m *AuthenticateMiddleware) tryGetUserByApiKey(r *http.Request) (*models.User, error) { func (m *AuthenticateMiddleware) tryGetUserByApiKeyHeader(r *http.Request) (*models.User, error) {
key, err := utils.ExtractBearerAuth(r) key, err := utils.ExtractBearerAuth(r)
if err != nil { if err != nil {
return nil, err return nil, err
@ -96,11 +101,13 @@ func (m *AuthenticateMiddleware) tryGetUserByApiKey(r *http.Request) (*models.Us
return user, nil return user, nil
} }
func (m *AuthenticateMiddleware) tryGetUserByQueryParameter(r *http.Request) (*models.User, error) { func (m *AuthenticateMiddleware) tryGetUserByApiKeyQuery(r *http.Request) (*models.User, error) {
key := r.URL.Query().Get("token") key := r.URL.Query().Get("api_token")
var user *models.User var user *models.User
userKey := strings.TrimSpace(key) userKey := strings.TrimSpace(key)
if userKey == "" {
return nil, errEmptyKey
}
user, err := m.userSrvc.GetUserByKey(userKey) user, err := m.userSrvc.GetUserByKey(userKey)
if err != nil { if err != nil {
return nil, err return nil, err

56
middlewares/authenticate_test.go
View File

@ -3,14 +3,16 @@ package middlewares
import ( import (
"encoding/base64" "encoding/base64"
"fmt" "fmt"
"net/http"
"net/url"
"testing"
"github.com/muety/wakapi/mocks" "github.com/muety/wakapi/mocks"
"github.com/muety/wakapi/models" "github.com/muety/wakapi/models"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"net/http"
"testing"
) )
func TestAuthenticateMiddleware_tryGetUserByApiKey_Success(t *testing.T) { func TestAuthenticateMiddleware_tryGetUserByApiKeyHeader_Success(t *testing.T) {
testApiKey := "z5uig69cn9ut93n" testApiKey := "z5uig69cn9ut93n"
testToken := base64.StdEncoding.EncodeToString([]byte(testApiKey)) testToken := base64.StdEncoding.EncodeToString([]byte(testApiKey))
testUser := &models.User{ApiKey: testApiKey} testUser := &models.User{ApiKey: testApiKey}
@ -26,13 +28,13 @@ func TestAuthenticateMiddleware_tryGetUserByApiKey_Success(t *testing.T) {
sut := NewAuthenticateMiddleware(userServiceMock) sut := NewAuthenticateMiddleware(userServiceMock)
result, err := sut.tryGetUserByApiKey(mockRequest) result, err := sut.tryGetUserByApiKeyHeader(mockRequest)
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, testUser, result) assert.Equal(t, testUser, result)
} }
func TestAuthenticateMiddleware_tryGetUserByApiKey_InvalidHeader(t *testing.T) { func TestAuthenticateMiddleware_tryGetUserByApiKeyHeader_Invalid(t *testing.T) {
testApiKey := "z5uig69cn9ut93n" testApiKey := "z5uig69cn9ut93n"
testToken := base64.StdEncoding.EncodeToString([]byte(testApiKey)) testToken := base64.StdEncoding.EncodeToString([]byte(testApiKey))
@ -47,10 +49,52 @@ func TestAuthenticateMiddleware_tryGetUserByApiKey_InvalidHeader(t *testing.T) {
sut := NewAuthenticateMiddleware(userServiceMock) sut := NewAuthenticateMiddleware(userServiceMock)
result, err := sut.tryGetUserByApiKey(mockRequest) result, err := sut.tryGetUserByApiKeyHeader(mockRequest)
assert.Error(t, err) assert.Error(t, err)
assert.Nil(t, result) assert.Nil(t, result)
} }
func TestAuthenticateMiddleware_tryGetUserByApiKeyQuery_Success(t *testing.T) {
testApiKey := "z5uig69cn9ut93n"
testUser := &models.User{ApiKey: testApiKey}
mockRequest := &http.Request{
URL: &url.URL{
RawQuery: fmt.Sprintf("api_token=%s", testApiKey),
},
}
userServiceMock := new(mocks.UserServiceMock)
userServiceMock.On("GetUserByKey", testApiKey).Return(testUser, nil)
sut := NewAuthenticateMiddleware(userServiceMock)
result, err := sut.tryGetUserByApiKeyQuery(mockRequest)
assert.Nil(t, err)
assert.Equal(t, testUser, result)
}
func TestAuthenticateMiddleware_tryGetUserByApiKeyQuery_Invalid(t *testing.T) {
testApiKey := "z5uig69cn9ut93n"
mockRequest := &http.Request{
URL: &url.URL{
// Use the wrong parameter name.
RawQuery: fmt.Sprintf("token=%s", testApiKey),
},
}
userServiceMock := new(mocks.UserServiceMock)
sut := NewAuthenticateMiddleware(userServiceMock)
result, actualErr := sut.tryGetUserByApiKeyQuery(mockRequest)
assert.Error(t, actualErr)
assert.Equal(t, errEmptyKey, actualErr)
assert.Nil(t, result)
}
// TODO: somehow test cookie auth function // TODO: somehow test cookie auth function