wpetit
/
super-graph
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix bug with auth config parsing

This commit is contained in:
Vikram Rangnekar 2019-04-09 08:43:42 -04:00
parent 2d02f2afda
commit 96adec81bd
7 changed files with 68 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
docs/guide.md
View File

@ -393,6 +393,8 @@ For validation a `secret` or a public key (ecdsa or rsa) is required. When using
Configuration files can either be in YAML or JSON their names are derived from the `GO_ENV` variable, for example `GO_ENV=prod` will cause the `prod.yaml` config file to be used. or `GO_ENV=dev` will use the `dev.yaml`. A path to look for the config files in can be specified using the `-path <folder>` command line argument. Configuration files can either be in YAML or JSON their names are derived from the `GO_ENV` variable, for example `GO_ENV=prod` will cause the `prod.yaml` config file to be used. or `GO_ENV=dev` will use the `dev.yaml`. A path to look for the config files in can be specified using the `-path <folder>` command line argument.
We're tried to ensure that the config file is self documenting and easy to work with.
```yaml ```yaml
title: Super Graph Development title: Super Graph Development
host_port: 0.0.0.0:8080 host_port: 0.0.0.0:8080
@ -460,7 +462,7 @@ database:
# Define defaults to for the field key and values below # Define defaults to for the field key and values below
defaults: defaults:
filter: ["{ id: { _eq: $user_id } }"] filter: ["{ user_id: { eq: $user_id } }"]
# Fields and table names that you wish to block # Fields and table names that you wish to block
blacklist: blacklist:
@ -473,16 +475,29 @@ database:
fields: fields:
- name: users - name: users
filter: ["{ id: { _eq: $user_id } }"] # This filter will overwrite defaults.filter
filter: ["{ id: { eq: $user_id } }"]
- name: products
# Multiple filters are AND'd together
filter: [
"{ price: { gt: 0 } }",
"{ price: { lt: 8 } }"
]
- name: customers
# No filter is used for this field not
# even defaults.filter
filter: none
- # You can create new fields that have a
# real db table backing them
name: me
table: users
filter: ["{ id: { eq: $user_id } }"]
# - name: posts # - name: posts
# filter: ["{ account_id: { _eq: $account_id } }"] # filter: ["{ account_id: { _eq: $account_id } }"]
- name: my_products
table: products
filter: ["{ id: { _eq: $user_id } }"]
``` ```
If deploying into environments like Kubernetes it's useful to be able to configure things like secrets and hosts though environment variables therfore we expose the below environment variables. This is escpecially useful for secrets since they are usually injected in via a secrets management framework ie. Kubernetes Secrets If deploying into environments like Kubernetes it's useful to be able to configure things like secrets and hosts though environment variables therfore we expose the below environment variables. This is escpecially useful for secrets since they are usually injected in via a secrets management framework ie. Kubernetes Secrets

2
example/config/routes.rb
View File

@ -4,5 +4,5 @@ Rails.application.routes.draw do
resources :products resources :products
# For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
root to: "home#index" root to: "products#index"
end end

13
example/db/seeds.rb
View File

@ -13,6 +13,19 @@ customer_count = 100
product_count = 50 product_count = 50
purchase_count = 100 purchase_count = 100
3.times do |i|
user = User.create(
full_name: Faker::Name.name,
avatar: Faker::Avatar.image,
phone: Faker::PhoneNumber.cell_phone,
email: "user#{i}@example.com",
password: pwd,
password_confirmation: pwd
)
user.save!
puts user.inspect
end
user_count.times do |i| user_count.times do |i|
user = User.create( user = User.create(
full_name: Faker::Name.name, full_name: Faker::Name.name,

6
psql/bench.new.txt Normal file
View File

@ -0,0 +1,6 @@
goos: darwin
goarch: amd64
pkg: github.com/dosco/super-graph/psql
BenchmarkCompileGQLToSQL-8 30000 38686 ns/op 15110 B/op 262 allocs/op
PASS
ok github.com/dosco/super-graph/psql 1.637s

16
psql/bench.old.txt Normal file
View File

@ -0,0 +1,16 @@
? github.com/dosco/super-graph [no test files]
goos: darwin
goarch: amd64
pkg: github.com/dosco/super-graph/psql
BenchmarkCompileGQLToSQL-8 30000 45507 ns/op 14565 B/op 244 allocs/op
PASS
ok github.com/dosco/super-graph/psql 1.846s
goos: darwin
goarch: amd64
pkg: github.com/dosco/super-graph/qcode
BenchmarkParse-8 2000000000 0.00 ns/op
PASS
ok github.com/dosco/super-graph/qcode 0.008s
PASS
ok github.com/dosco/super-graph/serv 0.017s
? github.com/dosco/super-graph/util [no test files]

11
serv/auth_rails.go
View File

@ -116,16 +116,17 @@ func railsCookieHandler(next http.HandlerFunc) http.HandlerFunc {
if len(secret) == 0 { if len(secret) == 0 {
panic(errors.New("no auth.rails_cookie.secret_key_base defined")) panic(errors.New("no auth.rails_cookie.secret_key_base defined"))
} }
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
ck, err := r.Cookie(cookie) ck, err := r.Cookie(cookie)
if err != nil { if err != nil {
logger.Error(err)
next.ServeHTTP(w, r) next.ServeHTTP(w, r)
return return
} }
userID, err := railsAuth(ck.Value, secret) userID, err := railsAuth(ck.Value, secret)
if err != nil { if err != nil {
logger.Error(err)
next.ServeHTTP(w, r) next.ServeHTTP(w, r)
return return
} }
@ -138,11 +139,9 @@ func railsCookieHandler(next http.HandlerFunc) http.HandlerFunc {
func railsAuth(cookie, secret string) (userID string, err error) { func railsAuth(cookie, secret string) (userID string, err error) {
var dcookie []byte var dcookie []byte
if len(secret) != 0 { dcookie, err = session.DecryptSignedCookie(cookie, secret, salt, signSalt)
dcookie, err = session.DecryptSignedCookie(cookie, secret, salt, signSalt) if err != nil {
if err != nil { return
return
}
} }
if dcookie[0] != '{' { if dcookie[0] != '{' {

8
serv/serv.go
View File

@ -50,18 +50,18 @@ type config struct {
RailsCookie struct { RailsCookie struct {
SecretKeyBase string `mapstructure:"secret_key_base"` SecretKeyBase string `mapstructure:"secret_key_base"`
} } `mapstructure:"rails_cookie"`
RailsMemcache struct { RailsMemcache struct {
Host string Host string
} } `mapstructure:"rails_memcache"`
RailsRedis struct { RailsRedis struct {
URL string URL string
Password string Password string
MaxIdle int `mapstructure:"max_idle"` MaxIdle int `mapstructure:"max_idle"`
MaxActive int `mapstructure:"max_active"` MaxActive int `mapstructure:"max_active"`
} } `mapstructure:"rails_redis"`
JWT struct { JWT struct {
Provider string Provider string
@ -120,7 +120,7 @@ func initConf() (*config, error) {
vi.AutomaticEnv() vi.AutomaticEnv()
vi.AddConfigPath(*path) vi.AddConfigPath(*path)
vi.AddConfigPath("./conf") vi.AddConfigPath("./config")
vi.SetConfigName(getConfigName()) vi.SetConfigName(getConfigName())
vi.SetDefault("host_port", "0.0.0.0:8080") vi.SetDefault("host_port", "0.0.0.0:8080")