Fix bug with auth config parsing

This commit is contained in:
Vikram Rangnekar 2019-04-09 08:43:42 -04:00
parent 2d02f2afda
commit 96adec81bd
7 changed files with 68 additions and 19 deletions

View File

@ -393,6 +393,8 @@ For validation a `secret` or a public key (ecdsa or rsa) is required. When using
Configuration files can either be in YAML or JSON their names are derived from the `GO_ENV` variable, for example `GO_ENV=prod` will cause the `prod.yaml` config file to be used. or `GO_ENV=dev` will use the `dev.yaml`. A path to look for the config files in can be specified using the `-path <folder>` command line argument.
We're tried to ensure that the config file is self documenting and easy to work with.
```yaml
title: Super Graph Development
host_port: 0.0.0.0:8080
@ -460,7 +462,7 @@ database:
# Define defaults to for the field key and values below
defaults:
filter: ["{ id: { _eq: $user_id } }"]
filter: ["{ user_id: { eq: $user_id } }"]
# Fields and table names that you wish to block
blacklist:
@ -473,16 +475,29 @@ database:
fields:
- name: users
filter: ["{ id: { _eq: $user_id } }"]
# This filter will overwrite defaults.filter
filter: ["{ id: { eq: $user_id } }"]
- name: products
# Multiple filters are AND'd together
filter: [
"{ price: { gt: 0 } }",
"{ price: { lt: 8 } }"
]
- name: customers
# No filter is used for this field not
# even defaults.filter
filter: none
- # You can create new fields that have a
# real db table backing them
name: me
table: users
filter: ["{ id: { eq: $user_id } }"]
# - name: posts
# filter: ["{ account_id: { _eq: $account_id } }"]
- name: my_products
table: products
filter: ["{ id: { _eq: $user_id } }"]
```
If deploying into environments like Kubernetes it's useful to be able to configure things like secrets and hosts though environment variables therfore we expose the below environment variables. This is escpecially useful for secrets since they are usually injected in via a secrets management framework ie. Kubernetes Secrets

View File

@ -4,5 +4,5 @@ Rails.application.routes.draw do
resources :products
# For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
root to: "home#index"
root to: "products#index"
end

View File

@ -13,6 +13,19 @@ customer_count = 100
product_count = 50
purchase_count = 100
3.times do |i|
user = User.create(
full_name: Faker::Name.name,
avatar: Faker::Avatar.image,
phone: Faker::PhoneNumber.cell_phone,
email: "user#{i}@example.com",
password: pwd,
password_confirmation: pwd
)
user.save!
puts user.inspect
end
user_count.times do |i|
user = User.create(
full_name: Faker::Name.name,

6
psql/bench.new.txt Normal file
View File

@ -0,0 +1,6 @@
goos: darwin
goarch: amd64
pkg: github.com/dosco/super-graph/psql
BenchmarkCompileGQLToSQL-8 30000 38686 ns/op 15110 B/op 262 allocs/op
PASS
ok github.com/dosco/super-graph/psql 1.637s

16
psql/bench.old.txt Normal file
View File

@ -0,0 +1,16 @@
? github.com/dosco/super-graph [no test files]
goos: darwin
goarch: amd64
pkg: github.com/dosco/super-graph/psql
BenchmarkCompileGQLToSQL-8 30000 45507 ns/op 14565 B/op 244 allocs/op
PASS
ok github.com/dosco/super-graph/psql 1.846s
goos: darwin
goarch: amd64
pkg: github.com/dosco/super-graph/qcode
BenchmarkParse-8 2000000000 0.00 ns/op
PASS
ok github.com/dosco/super-graph/qcode 0.008s
PASS
ok github.com/dosco/super-graph/serv 0.017s
? github.com/dosco/super-graph/util [no test files]

View File

@ -116,16 +116,17 @@ func railsCookieHandler(next http.HandlerFunc) http.HandlerFunc {
if len(secret) == 0 {
panic(errors.New("no auth.rails_cookie.secret_key_base defined"))
}
return func(w http.ResponseWriter, r *http.Request) {
ck, err := r.Cookie(cookie)
if err != nil {
logger.Error(err)
next.ServeHTTP(w, r)
return
}
userID, err := railsAuth(ck.Value, secret)
if err != nil {
logger.Error(err)
next.ServeHTTP(w, r)
return
}
@ -138,11 +139,9 @@ func railsCookieHandler(next http.HandlerFunc) http.HandlerFunc {
func railsAuth(cookie, secret string) (userID string, err error) {
var dcookie []byte
if len(secret) != 0 {
dcookie, err = session.DecryptSignedCookie(cookie, secret, salt, signSalt)
if err != nil {
return
}
dcookie, err = session.DecryptSignedCookie(cookie, secret, salt, signSalt)
if err != nil {
return
}
if dcookie[0] != '{' {

View File

@ -50,18 +50,18 @@ type config struct {
RailsCookie struct {
SecretKeyBase string `mapstructure:"secret_key_base"`
}
} `mapstructure:"rails_cookie"`
RailsMemcache struct {
Host string
}
} `mapstructure:"rails_memcache"`
RailsRedis struct {
URL string
Password string
MaxIdle int `mapstructure:"max_idle"`
MaxActive int `mapstructure:"max_active"`
}
} `mapstructure:"rails_redis"`
JWT struct {
Provider string
@ -120,7 +120,7 @@ func initConf() (*config, error) {
vi.AutomaticEnv()
vi.AddConfigPath(*path)
vi.AddConfigPath("./conf")
vi.AddConfigPath("./config")
vi.SetConfigName(getConfigName())
vi.SetDefault("host_port", "0.0.0.0:8080")