Fix bug with auth config parsing
This commit is contained in:
parent
2d02f2afda
commit
96adec81bd
@ -393,6 +393,8 @@ For validation a `secret` or a public key (ecdsa or rsa) is required. When using
|
||||
|
||||
Configuration files can either be in YAML or JSON their names are derived from the `GO_ENV` variable, for example `GO_ENV=prod` will cause the `prod.yaml` config file to be used. or `GO_ENV=dev` will use the `dev.yaml`. A path to look for the config files in can be specified using the `-path <folder>` command line argument.
|
||||
|
||||
We're tried to ensure that the config file is self documenting and easy to work with.
|
||||
|
||||
```yaml
|
||||
title: Super Graph Development
|
||||
host_port: 0.0.0.0:8080
|
||||
@ -460,7 +462,7 @@ database:
|
||||
|
||||
# Define defaults to for the field key and values below
|
||||
defaults:
|
||||
filter: ["{ id: { _eq: $user_id } }"]
|
||||
filter: ["{ user_id: { eq: $user_id } }"]
|
||||
|
||||
# Fields and table names that you wish to block
|
||||
blacklist:
|
||||
@ -473,16 +475,29 @@ database:
|
||||
|
||||
fields:
|
||||
- name: users
|
||||
filter: ["{ id: { _eq: $user_id } }"]
|
||||
# This filter will overwrite defaults.filter
|
||||
filter: ["{ id: { eq: $user_id } }"]
|
||||
|
||||
- name: products
|
||||
# Multiple filters are AND'd together
|
||||
filter: [
|
||||
"{ price: { gt: 0 } }",
|
||||
"{ price: { lt: 8 } }"
|
||||
]
|
||||
|
||||
- name: customers
|
||||
# No filter is used for this field not
|
||||
# even defaults.filter
|
||||
filter: none
|
||||
|
||||
- # You can create new fields that have a
|
||||
# real db table backing them
|
||||
name: me
|
||||
table: users
|
||||
filter: ["{ id: { eq: $user_id } }"]
|
||||
|
||||
# - name: posts
|
||||
# filter: ["{ account_id: { _eq: $account_id } }"]
|
||||
|
||||
- name: my_products
|
||||
table: products
|
||||
filter: ["{ id: { _eq: $user_id } }"]
|
||||
|
||||
|
||||
```
|
||||
|
||||
If deploying into environments like Kubernetes it's useful to be able to configure things like secrets and hosts though environment variables therfore we expose the below environment variables. This is escpecially useful for secrets since they are usually injected in via a secrets management framework ie. Kubernetes Secrets
|
||||
|
@ -4,5 +4,5 @@ Rails.application.routes.draw do
|
||||
resources :products
|
||||
# For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
|
||||
|
||||
root to: "home#index"
|
||||
root to: "products#index"
|
||||
end
|
||||
|
@ -13,6 +13,19 @@ customer_count = 100
|
||||
product_count = 50
|
||||
purchase_count = 100
|
||||
|
||||
3.times do |i|
|
||||
user = User.create(
|
||||
full_name: Faker::Name.name,
|
||||
avatar: Faker::Avatar.image,
|
||||
phone: Faker::PhoneNumber.cell_phone,
|
||||
email: "user#{i}@example.com",
|
||||
password: pwd,
|
||||
password_confirmation: pwd
|
||||
)
|
||||
user.save!
|
||||
puts user.inspect
|
||||
end
|
||||
|
||||
user_count.times do |i|
|
||||
user = User.create(
|
||||
full_name: Faker::Name.name,
|
||||
|
6
psql/bench.new.txt
Normal file
6
psql/bench.new.txt
Normal file
@ -0,0 +1,6 @@
|
||||
goos: darwin
|
||||
goarch: amd64
|
||||
pkg: github.com/dosco/super-graph/psql
|
||||
BenchmarkCompileGQLToSQL-8 30000 38686 ns/op 15110 B/op 262 allocs/op
|
||||
PASS
|
||||
ok github.com/dosco/super-graph/psql 1.637s
|
16
psql/bench.old.txt
Normal file
16
psql/bench.old.txt
Normal file
@ -0,0 +1,16 @@
|
||||
? github.com/dosco/super-graph [no test files]
|
||||
goos: darwin
|
||||
goarch: amd64
|
||||
pkg: github.com/dosco/super-graph/psql
|
||||
BenchmarkCompileGQLToSQL-8 30000 45507 ns/op 14565 B/op 244 allocs/op
|
||||
PASS
|
||||
ok github.com/dosco/super-graph/psql 1.846s
|
||||
goos: darwin
|
||||
goarch: amd64
|
||||
pkg: github.com/dosco/super-graph/qcode
|
||||
BenchmarkParse-8 2000000000 0.00 ns/op
|
||||
PASS
|
||||
ok github.com/dosco/super-graph/qcode 0.008s
|
||||
PASS
|
||||
ok github.com/dosco/super-graph/serv 0.017s
|
||||
? github.com/dosco/super-graph/util [no test files]
|
@ -116,16 +116,17 @@ func railsCookieHandler(next http.HandlerFunc) http.HandlerFunc {
|
||||
if len(secret) == 0 {
|
||||
panic(errors.New("no auth.rails_cookie.secret_key_base defined"))
|
||||
}
|
||||
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
ck, err := r.Cookie(cookie)
|
||||
if err != nil {
|
||||
logger.Error(err)
|
||||
next.ServeHTTP(w, r)
|
||||
return
|
||||
}
|
||||
|
||||
userID, err := railsAuth(ck.Value, secret)
|
||||
if err != nil {
|
||||
logger.Error(err)
|
||||
next.ServeHTTP(w, r)
|
||||
return
|
||||
}
|
||||
@ -138,11 +139,9 @@ func railsCookieHandler(next http.HandlerFunc) http.HandlerFunc {
|
||||
func railsAuth(cookie, secret string) (userID string, err error) {
|
||||
var dcookie []byte
|
||||
|
||||
if len(secret) != 0 {
|
||||
dcookie, err = session.DecryptSignedCookie(cookie, secret, salt, signSalt)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
dcookie, err = session.DecryptSignedCookie(cookie, secret, salt, signSalt)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
if dcookie[0] != '{' {
|
||||
|
@ -50,18 +50,18 @@ type config struct {
|
||||
|
||||
RailsCookie struct {
|
||||
SecretKeyBase string `mapstructure:"secret_key_base"`
|
||||
}
|
||||
} `mapstructure:"rails_cookie"`
|
||||
|
||||
RailsMemcache struct {
|
||||
Host string
|
||||
}
|
||||
} `mapstructure:"rails_memcache"`
|
||||
|
||||
RailsRedis struct {
|
||||
URL string
|
||||
Password string
|
||||
MaxIdle int `mapstructure:"max_idle"`
|
||||
MaxActive int `mapstructure:"max_active"`
|
||||
}
|
||||
} `mapstructure:"rails_redis"`
|
||||
|
||||
JWT struct {
|
||||
Provider string
|
||||
@ -120,7 +120,7 @@ func initConf() (*config, error) {
|
||||
vi.AutomaticEnv()
|
||||
|
||||
vi.AddConfigPath(*path)
|
||||
vi.AddConfigPath("./conf")
|
||||
vi.AddConfigPath("./config")
|
||||
vi.SetConfigName(getConfigName())
|
||||
|
||||
vi.SetDefault("host_port", "0.0.0.0:8080")
|
||||
|
Loading…
Reference in New Issue
Block a user