Fix issues with JWT auth

2019-11-15 01:35:19 -05:00 · 2019-11-15 01:35:19 -05:00 · 396f4bcfd8
parent 51c5f037f4
commit 396f4bcfd8
6 changed files with 7 additions and 73 deletions
--- a/config/prod.yml
+++ b/config/prod.yml
@ -41,40 +41,6 @@ enable_tracing: true
 # SG_AUTH_RAILS_REDIS_PASSWORD
 # SG_AUTH_JWT_PUBLIC_KEY_FILE

-# inflections:
-#   person: people
-#   sheep: sheep
-
-auth: 
-  # Can be 'rails' or 'jwt'
-  type: rails
-  cookie: _app_session
-
-  rails:
-    # Rails version this is used for reading the
-    # various cookies formats.
-    version: 5.2
-
-    # Found in 'Rails.application.config.secret_key_base'
-    secret_key_base: 0a248500a64c01184edb4d7ad3a805488f8097ac761b76aaa6c17c01dcb7af03a2f18ba61b2868134b9c7b79a122bc0dadff4367414a2d173297bfea92be5566
-    
-    # Remote cookie store. (memcache or redis)
-    # url: redis://127.0.0.1:6379
-    # password: test
-    # max_idle: 80,
-    # max_active: 12000,
-
-    # In most cases you don't need these
-    # salt: "encrypted cookie"
-    # sign_salt: "signed encrypted cookie"
-    # auth_salt: "authenticated encrypted cookie"
-
-  # jwt:
-  #   provider: auth0
-  #   secret: abc335bfcfdb04e50db5bb0a4d67ab9
-  #   public_key_file: /secrets/public_key.pem
-  #   public_key_type: ecdsa #rsa
-
 database:
  type: postgres
  host: db
--- a/serv/auth_jwt.go
+++ b/serv/auth_jwt.go
@ -95,8 +95,11 @@ func jwtHandler(next http.HandlerFunc) http.HandlerFunc {
 			} else {
 				ctx = context.WithValue(ctx, userIDKey, claims.Subject)
 			}
+
 			next.ServeHTTP(w, r.WithContext(ctx))
+			return
 		}
+
 		next.ServeHTTP(w, r)
 	}
 }
--- a/serv/http.go
+++ b/serv/http.go
@ -77,16 +77,14 @@ func apiv1Http(w http.ResponseWriter, r *http.Request) {
 	}

 	b, err := ioutil.ReadAll(io.LimitReader(r.Body, maxReadBytes))
-	defer r.Body.Close()
-
 	if err != nil {
 		logger.Err(err).Msg("failed to read request body")
 		errorResp(w, err)
 		return
 	}
+	defer r.Body.Close()

 	err = json.Unmarshal(b, &ctx.req)
-
 	if err != nil {
 		logger.Err(err).Msg("failed to decode json request body")
 		errorResp(w, err)
@ -109,10 +107,10 @@ func apiv1Http(w http.ResponseWriter, r *http.Request) {
 	if err != nil {
 		logger.Err(err).Msg("failed to handle request")
 		errorResp(w, err)
+		return
 	}
 }

 func errorResp(w http.ResponseWriter, err error) {
-	w.WriteHeader(http.StatusBadRequest)
 	json.NewEncoder(w).Encode(gqlResp{Error: err.Error()})
 }
--- a/serv/serv.go
+++ b/serv/serv.go
@ -169,6 +169,7 @@ func routeHandler() http.Handler {
 	mux := http.NewServeMux()

 	mux.Handle("/api/v1/graphql", withAuth(apiv1Http))
+
 	if conf.WebUI {
 		mux.Handle("/", http.FileServer(rice.MustFindBox("../web/build").HTTPBox()))
 	}
--- a/tmpl/docker-compose.yml
+++ b/tmpl/docker-compose.yml
@ -1,4 +1,4 @@
-version: '3'
+version: '3.4'
 services:
  db:
    image: postgres
--- a/tmpl/prod.yml
+++ b/tmpl/prod.yml
@ -40,40 +40,6 @@ enable_tracing: true
 # SG_AUTH_RAILS_REDIS_PASSWORD
 # SG_AUTH_JWT_PUBLIC_KEY_FILE

-# inflections:
-#   person: people
-#   sheep: sheep
-
-auth: 
-  # Can be 'rails' or 'jwt'
-  type: rails
-  cookie: _{% app_name_slug %}_session
-
-  rails:
-    # Rails version this is used for reading the
-    # various cookies formats.
-    version: 5.2
-
-    # Found in 'Rails.application.config.secret_key_base'
-    secret_key_base: 0a248500a64c01184edb4d7ad3a805488f8097ac761b76aaa6c17c01dcb7af03a2f18ba61b2868134b9c7b79a122bc0dadff4367414a2d173297bfea92be5566
-    
-    # Remote cookie store. (memcache or redis)
-    # url: redis://127.0.0.1:6379
-    # password: test
-    # max_idle: 80,
-    # max_active: 12000,
-
-    # In most cases you don't need these
-    # salt: "encrypted cookie"
-    # sign_salt: "signed encrypted cookie"
-    # auth_salt: "authenticated encrypted cookie"
-
-  # jwt:
-  #   provider: auth0
-  #   secret: abc335bfcfdb04e50db5bb0a4d67ab9
-  #   public_key_file: /secrets/public_key.pem
-  #   public_key_type: ecdsa #rsa
-
 database:
  type: postgres
  host: db