camzalewski/personal-site
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Added tests for auth middleware.

Browse source
This commit is contained in:
mikestefanello 2021-12-21 20:29:15 -05:00
parent 58ba9f6dcc
commit d395993338
5 changed files with 76 additions and 49 deletions
Download patch file Download diff file Expand all files Collapse all files

33
middleware/auth.go
View file

@ -11,17 +11,18 @@ import (
"github.com/labstack/echo/v4"
)
// LoadAuthenticatedUser loads the authenticated user, if one, and stores in context
func LoadAuthenticatedUser(authClient *services.AuthClient) echo.MiddlewareFunc {
return func(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
u, err := authClient.GetAuthenticatedUser(c)
switch err.(type) {
case *ent.NotFoundError:
c.Logger().Debug("auth user not found")
c.Logger().Warn("auth user not found")
case services.NotAuthenticatedError:
case nil:
c.Set(context.AuthenticatedUserKey, u)
c.Logger().Info("auth user loaded in to context: %d", u.ID)
c.Logger().Infof("auth user loaded in to context: %d", u.ID)
default:
c.Logger().Errorf("error querying for authenticated user: %v", err)
}
@ -31,41 +32,42 @@ func LoadAuthenticatedUser(authClient *services.AuthClient) echo.MiddlewareFunc
}
}
// LoadValidPasswordToken loads a valid password token entity that matches the user and token
// provided in path parameters
// If the token is invalid, the user will be redirected to the forgot password route
// This requires that the user owning the token is loaded in to context
func LoadValidPasswordToken(authClient *services.AuthClient) echo.MiddlewareFunc {
return func(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
var usr *ent.User
// Extract the user parameter
if c.Get(context.UserKey) == nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Internal server error")
return echo.NewHTTPError(http.StatusInternalServerError)
}
usr = c.Get(context.UserKey).(*ent.User)
usr := c.Get(context.UserKey).(*ent.User)
tokenParam := c.Param("password_token")
token, err := authClient.GetValidPasswordToken(c, tokenParam, usr.ID)
token, err := authClient.GetValidPasswordToken(c, c.Param("password_token"), usr.ID)
switch err.(type) {
case nil:
c.Set(context.PasswordTokenKey, token)
return next(c)
case services.InvalidPasswordTokenError:
msg.Warning(c, "The link is either invalid or has expired. Please request a new one.")
return c.Redirect(http.StatusFound, c.Echo().Reverse("forgot_password"))
default:
c.Logger().Error(err)
return echo.NewHTTPError(http.StatusInternalServerError, "Internal server error")
return echo.NewHTTPError(http.StatusInternalServerError)
}
c.Set(context.PasswordTokenKey, token)
return next(c)
}
}
}
// RequireAuthentication requires that the user be authenticated in order to proceed
func RequireAuthentication() echo.MiddlewareFunc {
return func(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
if u := c.Get(context.AuthenticatedUserKey); u == nil {
return echo.NewHTTPError(http.StatusUnauthorized, "Unauthorized")
return echo.NewHTTPError(http.StatusUnauthorized)
}
return next(c)
@ -73,11 +75,12 @@ func RequireAuthentication() echo.MiddlewareFunc {
}
}
// RequireNoAuthentication requires that the user not be authenticated in order to proceed
func RequireNoAuthentication() echo.MiddlewareFunc {
return func(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
if u := c.Get(context.AuthenticatedUserKey); u != nil {
return echo.NewHTTPError(http.StatusForbidden, "Forbidden")
return echo.NewHTTPError(http.StatusForbidden)
}
return next(c)