Authentication #15
Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
modules/datahandling/datahandler.go
Outdated
|
|
||
| func (tokenPayload) Valid() error { | ||
| return nil | ||
| } |
why does this return nil?
Normally, this is where we would check that the token is valid. However, we need access to the abstract request to make sure that the token's Username and the request's senderID are the same. Thus, the logic had to be handled outside of the Valid method, in the authenticate method just below.
This method then became redundant, but still needed an implementation for interface reasons.
I could move the token time checks into the valid method, but that would separate it from the username checks.
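The split discussed in this thread, as an added example that is not code from this pull request: the time-window check lives in Valid(), and the comparison against the request's sender stays in a separate authenticate function. The field names follow the tokenPayload literal in userrequests.go; the validAt helper, the authenticate signature and the error values are assumptions, as is the JWT library invoking Valid() while parsing, and signature verification is left to that library.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Field names follow the tokenPayload literal in this pull request.
type tokenPayload struct {
	Username     string
	CreationTime int64 // Unix seconds when the token was issued
	Validity     int64 // Unix seconds after which the token is rejected
}

var (
	errNotYetValid = errors.New("token created in the future")
	errExpired     = errors.New("token expired")
	errWrongSender = errors.New("token username does not match sender")
)

// validAt is a hypothetical helper: the time-window check with an explicit
// clock, so it can be tested deterministically.
func (p tokenPayload) validAt(now time.Time) error {
	switch {
	case p.CreationTime > now.Unix():
		return errNotYetValid
	case p.Validity <= now.Unix():
		return errExpired
	}
	return nil
}

// Valid is the hook on the claims type (assumed to be called by the JWT
// library while parsing), so an expired token fails wherever it is parsed.
func (p tokenPayload) Valid() error { return p.validAt(time.Now()) }

// authenticate (assumed signature) adds the check that needs request context.
func authenticate(p tokenPayload, senderID string, now time.Time) error {
	if err := p.validAt(now); err != nil {
		return err
	}
	if p.Username != senderID {
		return errWrongSender
	}
	return nil
}

func main() {
	now := time.Now()
	tok := tokenPayload{"alice", now.Unix(), now.Add(time.Hour).Unix()} // constructed sample
	fmt.Println(authenticate(tok, "alice", now), authenticate(tok, "bob", now))
}
```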
| @@ -0,0 +1,181 @@ | |||
| package datahandling | |||
should this file be authentication_test.go?
Convention names it after the file it tests. Unless we extract it, it should show which file it's testing
modules/datahandling/userrequests.go
Outdated
| token := jwt.NewWithClaims(jwt.SigningMethodES256, tokenPayload{ | ||
| Username: f.Username, | ||
| CreationTime: time.Now().Unix(), | ||
| Validity: time.Now().Add(1 * time.Hour).Unix(), |
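Review bot: time.Now() is called twice in this literal, so CreationTime and Validity come from two separate clock readings; read the clock once (now := time.Now()) before the literal and derive both fields from it. Also note that the expiry is carried in a custom Validity field and no registered exp claim is set in these lines, so the server must compare Validity against the current time explicitly on every request; a doc comment on the field saying so would help the next reader.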
the 1 here is kind of a magic number, do we want this in config? also why only 1 hour?
I figured 1 hour would be a short enough window to make sure that even if they deleted their account, the token would expire soon.
But that probably should go in config.
Done. This is now in config.
* Merge pull request from CodeCollaborate/ServerWSManager to test Server ws management feature merged into test
* Added new RunFormatter script (#3)
* Added new RunFormatter script that prints any golint/govet errors, and auto-formats the source code Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
* Updated the Git hook to use RunFormatter instead of CheckFormatting Signed-off-by: Benedict Wong <bennydictwong@gmail.com> PR signed-off by Joel Shapiro
* Signed off by @ObsessiveOrange
* add parsing of top level JSON, begin work on dynamic parsing of request specific data
* Finished factory methods for request lookup and creation. Have a single unit test.
* Finalized design layout, reorganized abstract map constructor function placement to respective resource files, added tests
* add separate function-space for unauthenticated request type and build appropriate framework around it
* added the remaining user methods to the maps
* Fixed some method signature issues.
* fix minor naming issues and add missing todos
* reduce unnecessary exporting
* rename authenticated map
* add new Request interface requirements to eliminate duplicate code
* changed to new format for entering into the authentication map
* Implemented new key format and new interface method for requests
* fixed problems I forgot to fix before pushing
* fixed reference issue
* Made several optimizations through addition of several parameters as pointers.
* add major tests to function map
* fixed formatting issues Signed off by @ObsessiveOrange
* added tests for invalid JSON (#5) Signed off by Benedict Wong
* Update RabbitMQ tests (#7)
* Updated RabbitMQ Tests, will error on failed RabbitMQ Conn Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
* Removed setup for better test clarity Signed-off-by: Benedict Wong <bennydictwong@gmail.com> PR signed off by: Joel Shapiro <joel.shapiro7@gmail.com>
* DB/FS (#9)
* added functions for relevant interactions with couchbase
* mysql work
* Updated Travis config for Couchbase setup
* Disabled couchbase install for now
* Couchbase (#8)
* Test
* Added bucket creation
* Reduced sleep time
* Reduced sleep time
* Changed download file name Signed off by Joel Shapiro (jshap70)
* fixed ben's dumb file endings
* add all mysql functions and unify errors, lots of work
* changed mysql config
* added MySQL setup script, adding more errors for file storage prep added file system implementations still TODO: lookup file info by FileID, delete file This is a combination of 15 commits. trying to fix mysql not being setup in travis
* setting up mysql schema for travis
* added lookup file metadata function to mysql, travis attempts fix linting issue update mysql schema
* fix .gitignore issue
* added schema switching based on config, fixed lots of issues w/ readability as well as file path joining Signed off by @ObsessiveOrange
* fixed travis image in readme (#10) LGTM
* Turn on travis caching, enable slack notifications in travis (#12)
* turn on travis caching, enable slack notifications in travis
* upgrade go to 1.7
* fix caching issue where we cached our own old code base (#13)
* Intgoprocdandeling - aka: server function processing (#11) Implemented process functions & data handling. Server is now functionally ready to develop against. LGTM - ObsessiveOrange
* Patching (#14) Ported OT logic to server, updated tests to be the same as clientcore
* Authentication (#15) Added authentication and tests, added token validity timeout to server config file
* add changes to RunTest.sh to allow for error printing to console (#16)
* Logging (#17) New logger, logs to console and ./data/logs/ by default, changed docker setup script to use Go for extensibility.
* change type assertion to type conversion, *mumble mumble* golang types are weird (#18)
* Rabbitmq refactor unmerged (#20) Refactored RabbitMQ to allow for commands to be sent, refactored responses/notifications into separate package to prevent circular dependencies.
* Resolve panic issue for subscribers and publishers killing each other Changed all control.Exit close commands to use Shutdown
* api permissions (#19)
* update mysql to add permission value map
* reset changes to mysql, rename files
* add permissions to config, add mysql sproc for permission lookup by project
* implement go to mysql storedproc implementation, fix user permission stored proc to work for owner, fix erroneous int8-int32 casting
* reformat to follow go conventions
* fix sproc definer hostname bug which was causing travis errors
* setup framework for permissions probing
* implement permission checking in required process functions
* implement projectGetPermissionConstants
* fix request plurality
* add catch to reject adding an ownership permission
* rebase cleanup
* allow users to remove themselves
* make error code more clear that changing owner is ready
* fix foreign key on user deletion
* add error catching if a user tries to revoke the permission of the owner
* User.Delete request (#22)
* first implementation of User.Delete
* add project.delete notifications for all projects that are deleted with a user
* requested changes for pr
* hotfix to fix issues with mysql connection (#23)
* resolve nil pointer reference panic on mysql error
* change mysql permissions to execute only by default
* add retries to mysql
* add error on file.create error
* change couchbase to ignore previously written files for now
* add retry timeout
* track todo
* fix off by one error
* Rabbitmq panic hotfix (#24) fix panic errors for sending on closed channel
* fix runtests, revert couchbase to use insert
* project revoke permission hotfix(es) (#26)
* implement sending a notification to the user whose permissions are getting revoked
* unsubscribe a user when their project permissions are revoked
* run the server on travis build
* Changed User.Projects to return full map of project objects (#27)
* make delete require authentication
* add password generation abilities outside of the user register request
* reorganize
* update command flag
* Notification dedup (#31) Notifications will no longer be sent to the client that sent the originating request
* Scrunching (#30) Added scrunching to backend. Will scrunch all but top N changes (currently a local variable) Dependent on CodeCollaborate/ClientCore#24 - Patch Batching
* ensure unique filepaths per project (#32) implement duplicate projectID + file path + filename checking in mysql
* travis yaml fixes for mysql version changes (#34)
* update couchbase driver version (#36)
* Script cleanup (#37)
* rename and move scripts
* cleanup formatter's formatting
* make run_tests run parallel
* fix formatter to only run commands once
* cleanup prints
* update commit hook
* Add SSL to server (#35)
* Added TLS if /config/TLS directory found Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
* Added update script Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
* Updated permissions Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
* Updated server script Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
* Removed git pulling Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
* Added init.d script, updated server script Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
* Updated permissions Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
* Updated init.d installer script Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
* Updated init.d installer script Signed-off-by: Benedict Wong <bennydictwong@gmail.com>
Added authentication and tests, added token validity timeout to server config file
Server-side authentication completely working, tested.
Integration test fully working - ClientCore required no changes.