From 96adec81bdfb8268051a0e919dbe44e65a4d7adf Mon Sep 17 00:00:00 2001 From: Vikram Rangnekar Date: Tue, 9 Apr 2019 08:43:42 -0400 Subject: [PATCH] Fix bug with auth config parsing --- docs/guide.md | 31 +++++++++++++++++++++++-------- example/config/routes.rb | 2 +- example/db/seeds.rb | 13 +++++++++++++ psql/bench.new.txt | 6 ++++++ psql/bench.old.txt | 16 ++++++++++++++++ serv/auth_rails.go | 11 +++++------ serv/serv.go | 8 ++++---- 7 files changed, 68 insertions(+), 19 deletions(-) create mode 100644 psql/bench.new.txt create mode 100644 psql/bench.old.txt diff --git a/docs/guide.md b/docs/guide.md index 9fbe884..8a3ba9f 100644 --- a/docs/guide.md +++ b/docs/guide.md @@ -393,6 +393,8 @@ For validation a `secret` or a public key (ecdsa or rsa) is required. When using Configuration files can either be in YAML or JSON their names are derived from the `GO_ENV` variable, for example `GO_ENV=prod` will cause the `prod.yaml` config file to be used. or `GO_ENV=dev` will use the `dev.yaml`. A path to look for the config files in can be specified using the `-path ` command line argument. +We're tried to ensure that the config file is self documenting and easy to work with. + ```yaml title: Super Graph Development host_port: 0.0.0.0:8080 @@ -460,7 +462,7 @@ database: # Define defaults to for the field key and values below defaults: - filter: ["{ id: { _eq: $user_id } }"] + filter: ["{ user_id: { eq: $user_id } }"] # Fields and table names that you wish to block blacklist: @@ -473,16 +475,29 @@ database: fields: - name: users - filter: ["{ id: { _eq: $user_id } }"] + # This filter will overwrite defaults.filter + filter: ["{ id: { eq: $user_id } }"] + + - name: products + # Multiple filters are AND'd together + filter: [ + "{ price: { gt: 0 } }", + "{ price: { lt: 8 } }" + ] + + - name: customers + # No filter is used for this field not + # even defaults.filter + filter: none + + - # You can create new fields that have a + # real db table backing them + name: me + table: users + filter: ["{ id: { eq: $user_id } }"] # - name: posts # filter: ["{ account_id: { _eq: $account_id } }"] - - - name: my_products - table: products - filter: ["{ id: { _eq: $user_id } }"] - - ``` If deploying into environments like Kubernetes it's useful to be able to configure things like secrets and hosts though environment variables therfore we expose the below environment variables. This is escpecially useful for secrets since they are usually injected in via a secrets management framework ie. Kubernetes Secrets diff --git a/example/config/routes.rb b/example/config/routes.rb index 692258f..34eefab 100644 --- a/example/config/routes.rb +++ b/example/config/routes.rb @@ -4,5 +4,5 @@ Rails.application.routes.draw do resources :products # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html - root to: "home#index" + root to: "products#index" end diff --git a/example/db/seeds.rb b/example/db/seeds.rb index c636279..2380d94 100644 --- a/example/db/seeds.rb +++ b/example/db/seeds.rb @@ -13,6 +13,19 @@ customer_count = 100 product_count = 50 purchase_count = 100 +3.times do |i| + user = User.create( + full_name: Faker::Name.name, + avatar: Faker::Avatar.image, + phone: Faker::PhoneNumber.cell_phone, + email: "user#{i}@example.com", + password: pwd, + password_confirmation: pwd + ) + user.save! + puts user.inspect +end + user_count.times do |i| user = User.create( full_name: Faker::Name.name, diff --git a/psql/bench.new.txt b/psql/bench.new.txt new file mode 100644 index 0000000..4e2f2a2 --- /dev/null +++ b/psql/bench.new.txt @@ -0,0 +1,6 @@ +goos: darwin +goarch: amd64 +pkg: github.com/dosco/super-graph/psql +BenchmarkCompileGQLToSQL-8 30000 38686 ns/op 15110 B/op 262 allocs/op +PASS +ok github.com/dosco/super-graph/psql 1.637s diff --git a/psql/bench.old.txt b/psql/bench.old.txt new file mode 100644 index 0000000..0dad404 --- /dev/null +++ b/psql/bench.old.txt @@ -0,0 +1,16 @@ +? github.com/dosco/super-graph [no test files] +goos: darwin +goarch: amd64 +pkg: github.com/dosco/super-graph/psql +BenchmarkCompileGQLToSQL-8 30000 45507 ns/op 14565 B/op 244 allocs/op +PASS +ok github.com/dosco/super-graph/psql 1.846s +goos: darwin +goarch: amd64 +pkg: github.com/dosco/super-graph/qcode +BenchmarkParse-8 2000000000 0.00 ns/op +PASS +ok github.com/dosco/super-graph/qcode 0.008s +PASS +ok github.com/dosco/super-graph/serv 0.017s +? github.com/dosco/super-graph/util [no test files] diff --git a/serv/auth_rails.go b/serv/auth_rails.go index 463fbc3..3b71107 100644 --- a/serv/auth_rails.go +++ b/serv/auth_rails.go @@ -116,16 +116,17 @@ func railsCookieHandler(next http.HandlerFunc) http.HandlerFunc { if len(secret) == 0 { panic(errors.New("no auth.rails_cookie.secret_key_base defined")) } - return func(w http.ResponseWriter, r *http.Request) { ck, err := r.Cookie(cookie) if err != nil { + logger.Error(err) next.ServeHTTP(w, r) return } userID, err := railsAuth(ck.Value, secret) if err != nil { + logger.Error(err) next.ServeHTTP(w, r) return } @@ -138,11 +139,9 @@ func railsCookieHandler(next http.HandlerFunc) http.HandlerFunc { func railsAuth(cookie, secret string) (userID string, err error) { var dcookie []byte - if len(secret) != 0 { - dcookie, err = session.DecryptSignedCookie(cookie, secret, salt, signSalt) - if err != nil { - return - } + dcookie, err = session.DecryptSignedCookie(cookie, secret, salt, signSalt) + if err != nil { + return } if dcookie[0] != '{' { diff --git a/serv/serv.go b/serv/serv.go index 16f7341..4dbb35d 100644 --- a/serv/serv.go +++ b/serv/serv.go @@ -50,18 +50,18 @@ type config struct { RailsCookie struct { SecretKeyBase string `mapstructure:"secret_key_base"` - } + } `mapstructure:"rails_cookie"` RailsMemcache struct { Host string - } + } `mapstructure:"rails_memcache"` RailsRedis struct { URL string Password string MaxIdle int `mapstructure:"max_idle"` MaxActive int `mapstructure:"max_active"` - } + } `mapstructure:"rails_redis"` JWT struct { Provider string @@ -120,7 +120,7 @@ func initConf() (*config, error) { vi.AutomaticEnv() vi.AddConfigPath(*path) - vi.AddConfigPath("./conf") + vi.AddConfigPath("./config") vi.SetConfigName(getConfigName()) vi.SetDefault("host_port", "0.0.0.0:8080")