Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Parse UUID from auth header for anonymous users #123

Merged
merged 4 commits into from
Feb 27, 2021
Merged

Parse UUID from auth header for anonymous users #123

merged 4 commits into from
Feb 27, 2021

Conversation

daltonfury42
Copy link
Collaborator

See Related to SimplQ/simplQ-frontend#477 for details.

Users who have not signed in will send to the backend a UUID generated at client side. This is used to identify the user, till he chooses to register.

Frontend PR: SimplQ/simplQ-frontend#554

@daltonfury42 daltonfury42 mentioned this pull request Feb 21, 2021
Merged
thehamzarocks
thehamzarocks approved these changes Feb 21, 2021
View reviewed changes
Copy link
Collaborator

@thehamzarocks thehamzarocks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need checks for UUID collisions since they are being generated client-side? I suppose at our current scale the possibility is extremely unlikely and even if it does happen, it won’t be a significant event

@daltonfury42
Copy link
Collaborator Author

Do we need checks for UUID collisions since they are being generated client-side? I suppose at our current scale the possibility is extremely unlikely and even if it does happen, it won’t be a significant event

Hmm.. unless there is a bug, uuids should not collide. 🤔

I don't think we will be able to detect collisions easily. 🤔 We would have to add some special header or flag when a UUID is generated, and check for uniqueness at backend side. 🤔 🤔 Or hope that such a bug will never happen. If it does, anonymous users would start managing each other's queue.

What do you think?

@thehamzarocks
Copy link
Collaborator

thehamzarocks commented Feb 21, 2021 via email

chalx
chalx reviewed Feb 25, 2021
View reviewed changes
simplq/src/test/java/me/simplq/controller/advices/AuthenticationFilterTest.java

@Test
void denyBadHeaderValues() throws MalformedURLException {
var authFilter = new AuthenticationFilter(new LoggedInUserInfo(), keyUrl);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A unit test should test only one unit of work. Here you test 6. So we can use @ParameterizedTestannotation and the method will look like this:

   @ParameterizedTest
   @ValueSource(strings = {null, "", "invalid header"}) //and so on
   void denyBadHeaderValues(String headerValue) throws MalformedURLException { 
        var authFilter = new AuthenticationFilter(new LoggedInUserInfo(), keyUrl);
       assertThrows(SQAccessDeniedException.class, () -> authFilter.authenticate(headerValue));
  }

@daltonfury42 daltonfury42 enabled auto-merge (squash) February 27, 2021 05:55
@daltonfury42 daltonfury42 merged commit 1be010d into master Feb 27, 2021
@daltonfury42 daltonfury42 deleted the anon-device-uuid branch February 27, 2021 05:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chalx chalx chalx left review comments

@thehamzarocks thehamzarocks thehamzarocks approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@daltonfury42 @thehamzarocks @chalx