Fix issues with JWT auth

2019-11-15 01:35:19 -05:00 · 2019-11-15 01:35:19 -05:00 · 396f4bcfd8
parent 51c5f037f4
commit 396f4bcfd8
6 changed files with 7 additions and 73 deletions
--- a/config/prod.yml
+++ b/config/prod.yml
@ -41,40 +41,6 @@ enable_tracing: true
 # SG_AUTH_RAILS_REDIS_PASSWORD
 # SG_AUTH_JWT_PUBLIC_KEY_FILE
 # inflections:
 #   person: people
 #   sheep: sheep
 auth: 
  # Can be 'rails' or 'jwt'
  type: rails
  cookie: _app_session
  rails:
    # Rails version this is used for reading the
    # various cookies formats.
    version: 5.2
    # Found in 'Rails.application.config.secret_key_base'
    secret_key_base: 0a248500a64c01184edb4d7ad3a805488f8097ac761b76aaa6c17c01dcb7af03a2f18ba61b2868134b9c7b79a122bc0dadff4367414a2d173297bfea92be5566
    # Remote cookie store. (memcache or redis)
    # url: redis://127.0.0.1:6379
    # password: test
    # max_idle: 80,
    # max_active: 12000,
    # In most cases you don't need these
    # salt: "encrypted cookie"
    # sign_salt: "signed encrypted cookie"
    # auth_salt: "authenticated encrypted cookie"
  # jwt:
  #   provider: auth0
  #   secret: abc335bfcfdb04e50db5bb0a4d67ab9
  #   public_key_file: /secrets/public_key.pem
  #   public_key_type: ecdsa #rsa
 database:
  type: postgres
  host: db
--- a/serv/auth_jwt.go
+++ b/serv/auth_jwt.go
@ -95,8 +95,11 @@ func jwtHandler(next http.HandlerFunc) http.HandlerFunc {
 			} else {
 				ctx = context.WithValue(ctx, userIDKey, claims.Subject)
 			}
 			next.ServeHTTP(w, r.WithContext(ctx))
 			return
 		}
 		next.ServeHTTP(w, r)
 	}
 }
--- a/serv/http.go
+++ b/serv/http.go
@ -77,16 +77,14 @@ func apiv1Http(w http.ResponseWriter, r *http.Request) {
 	}
 	b, err := ioutil.ReadAll(io.LimitReader(r.Body, maxReadBytes))
 	defer r.Body.Close()
 	if err != nil {
 		logger.Err(err).Msg("failed to read request body")
 		errorResp(w, err)
 		return
 	}
 	defer r.Body.Close()
 	err = json.Unmarshal(b, &ctx.req)
 	if err != nil {
 		logger.Err(err).Msg("failed to decode json request body")
 		errorResp(w, err)
@ -109,10 +107,10 @@ func apiv1Http(w http.ResponseWriter, r *http.Request) {
 	if err != nil {
 		logger.Err(err).Msg("failed to handle request")
 		errorResp(w, err)
 		return
 	}
 }
 func errorResp(w http.ResponseWriter, err error) {
 	w.WriteHeader(http.StatusBadRequest)
 	json.NewEncoder(w).Encode(gqlResp{Error: err.Error()})
 }
--- a/serv/serv.go
+++ b/serv/serv.go
@ -169,6 +169,7 @@ func routeHandler() http.Handler {
 	mux := http.NewServeMux()
 	mux.Handle("/api/v1/graphql", withAuth(apiv1Http))
 	if conf.WebUI {
 		mux.Handle("/", http.FileServer(rice.MustFindBox("../web/build").HTTPBox()))
 	}
--- a/tmpl/docker-compose.yml
+++ b/tmpl/docker-compose.yml
@ -1,4 +1,4 @@
-version: '3'
+version: '3.4'
 services:
  db:
    image: postgres
--- a/tmpl/prod.yml
+++ b/tmpl/prod.yml
@ -40,40 +40,6 @@ enable_tracing: true
 # SG_AUTH_RAILS_REDIS_PASSWORD
 # SG_AUTH_JWT_PUBLIC_KEY_FILE
 # inflections:
 #   person: people
 #   sheep: sheep
 auth: 
  # Can be 'rails' or 'jwt'
  type: rails
  cookie: _{% app_name_slug %}_session
  rails:
    # Rails version this is used for reading the
    # various cookies formats.
    version: 5.2
    # Found in 'Rails.application.config.secret_key_base'
    secret_key_base: 0a248500a64c01184edb4d7ad3a805488f8097ac761b76aaa6c17c01dcb7af03a2f18ba61b2868134b9c7b79a122bc0dadff4367414a2d173297bfea92be5566
    # Remote cookie store. (memcache or redis)
    # url: redis://127.0.0.1:6379
    # password: test
    # max_idle: 80,
    # max_active: 12000,
    # In most cases you don't need these
    # salt: "encrypted cookie"
    # sign_salt: "signed encrypted cookie"
    # auth_salt: "authenticated encrypted cookie"
  # jwt:
  #   provider: auth0
  #   secret: abc335bfcfdb04e50db5bb0a4d67ab9
  #   public_key_file: /secrets/public_key.pem
  #   public_key_type: ecdsa #rsa
 database:
  type: postgres
  host: db