Fixed internal server error for trying to login with wrong username
Some checks failed
continuous-integration/drone/push Build is failing
Some checks failed
continuous-integration/drone/push Build is failing
This commit is contained in:
parent
092a3f7712
commit
3abefb9adf
|
@ -1,4 +1,4 @@
|
|||
ADMIN_API_KEY=changeMe
|
||||
DATABASE_URL="postgresql://postgres:postgres@127.0.0.1:5432/auth"
|
||||
DATABASE_URL=postgres://postgres:puIleHgcpsvDr360ttUo@postgres:5432/auth?sslmode=disable
|
||||
JWT_SHARED_SECRET=changeMe
|
||||
WEB_BIND_HOST=":4000"
|
|
@ -5,7 +5,7 @@ services:
|
|||
image: postgres:14.2-alpine3.15
|
||||
environment:
|
||||
- POSTGRES_USER=postgres
|
||||
- POSTGRES_PASSWORD=postgres
|
||||
- POSTGRES_PASSWORD=puIleHgcpsvDr360ttUo
|
||||
- POSTGRES_DB=auth
|
||||
|
||||
db-migrations:
|
||||
|
@ -13,7 +13,7 @@ services:
|
|||
context: .
|
||||
dockerfile: Dockerfile.migrations
|
||||
environment:
|
||||
- DATABASE_URL=postgres://postgres:postgres@postgres:5432/auth?sslmode=disable
|
||||
- DATABASE_URL=postgres://postgres:puIleHgcpsvDr360ttUo@postgres:5432/auth?sslmode=disable
|
||||
command: ["--wait", "up"]
|
||||
profiles: ["migrations"]
|
||||
depends_on:
|
||||
|
@ -23,7 +23,7 @@ services:
|
|||
build: .
|
||||
environment:
|
||||
- ADMIN_API_KEY=hihi
|
||||
- DATABASE_URL=postgres://postgres:postgres@postgres:5432/auth?sslmode=disable
|
||||
- DATABASE_URL=postgres://postgres:puIleHgcpsvDr360ttUo@postgres:5432/auth?sslmode=disable
|
||||
- JWT_SHARED_SECRET=hihi
|
||||
- WEB_BIND_HOST=:4000
|
||||
depends_on:
|
||||
|
|
6
go.mod
6
go.mod
|
@ -3,7 +3,6 @@ module gitea.larvit.se/pwrpln/auth-api
|
|||
go 1.17
|
||||
|
||||
require (
|
||||
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751
|
||||
github.com/arsmn/fiber-swagger/v2 v2.24.0
|
||||
github.com/dgrijalva/jwt-go v3.2.0+incompatible
|
||||
github.com/gofiber/fiber/v2 v2.27.0
|
||||
|
@ -20,8 +19,6 @@ require (
|
|||
github.com/PuerkitoBio/purell v1.1.1 // indirect
|
||||
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
|
||||
github.com/andybalholm/brotli v1.0.4 // indirect
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect
|
||||
github.com/ghodss/yaml v1.0.0 // indirect
|
||||
github.com/go-openapi/jsonpointer v0.19.5 // indirect
|
||||
github.com/go-openapi/jsonreference v0.19.6 // indirect
|
||||
github.com/go-openapi/spec v0.20.4 // indirect
|
||||
|
@ -38,10 +35,7 @@ require (
|
|||
github.com/klauspost/compress v1.14.3 // indirect
|
||||
github.com/mailru/easyjson v0.7.7 // indirect
|
||||
github.com/pkg/errors v0.9.1 // indirect
|
||||
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
||||
github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
|
||||
github.com/swaggo/files v0.0.0-20210815190702-a29dd2bc99b2 // indirect
|
||||
github.com/urfave/cli/v2 v2.3.0 // indirect
|
||||
github.com/valyala/bytebufferpool v1.0.0 // indirect
|
||||
github.com/valyala/fasthttp v1.33.0 // indirect
|
||||
github.com/valyala/tcplisten v1.0.0 // indirect
|
||||
|
|
9
go.sum
9
go.sum
|
@ -8,8 +8,6 @@ github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV
|
|||
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
|
||||
github.com/agiledragon/gomonkey/v2 v2.3.1 h1:k+UnUY0EMNYUFUAQVETGY9uUTxjMdnUkP0ARyJS1zzs=
|
||||
github.com/agiledragon/gomonkey/v2 v2.3.1/go.mod h1:ap1AmDzcVOAz1YpeJ3TCzIgstoaWLA6jbbgxfB4w2iY=
|
||||
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 h1:JYp7IbQjafoB+tBA3gMyHYHrpOtNuDiK/uB5uXxq5wM=
|
||||
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
|
||||
github.com/andybalholm/brotli v1.0.2/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=
|
||||
github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY=
|
||||
github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
|
||||
|
@ -22,8 +20,6 @@ github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMe
|
|||
github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
|
||||
github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.1 h1:r/myEWzV9lfsM1tFLgDyu0atFtJ1fXn261LKYj/3DxU=
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
||||
github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
|
||||
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
|
@ -31,7 +27,6 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
|
|||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
|
||||
github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
|
||||
github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
|
||||
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
|
||||
github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
|
||||
github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
|
||||
|
@ -159,13 +154,10 @@ github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
|
|||
github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU=
|
||||
github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc=
|
||||
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
||||
github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
|
||||
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
||||
github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
|
||||
github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4=
|
||||
github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ=
|
||||
github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
|
||||
github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo=
|
||||
github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
|
||||
github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
|
||||
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
|
||||
|
@ -186,7 +178,6 @@ github.com/swaggo/files v0.0.0-20210815190702-a29dd2bc99b2/go.mod h1:lKJPbtWzJ9J
|
|||
github.com/swaggo/swag v1.7.8/go.mod h1:gZ+TJ2w/Ve1RwQsA2IRoSOTidHz6DX+PIG8GWvbnoLU=
|
||||
github.com/swaggo/swag v1.7.9 h1:6vCG5mm43ebDzGlZPMGYrYI4zKFfOr5kicQX8qjeDwc=
|
||||
github.com/swaggo/swag v1.7.9/go.mod h1:gZ+TJ2w/Ve1RwQsA2IRoSOTidHz6DX+PIG8GWvbnoLU=
|
||||
github.com/urfave/cli/v2 v2.3.0 h1:qph92Y649prgesehzOrQjdWyxFOp/QVM+6imKHad91M=
|
||||
github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
|
||||
github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
|
||||
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
|
||||
|
|
|
@ -56,7 +56,7 @@ func (h Handlers) parseJWT(JWT string) (Claims, error) {
|
|||
return Claims{}, err
|
||||
}
|
||||
if !token.Valid {
|
||||
err := errors.New("Invalid token")
|
||||
err := errors.New("invalid token")
|
||||
return Claims{}, err
|
||||
}
|
||||
|
||||
|
@ -89,7 +89,7 @@ func (h Handlers) RequireAdminRole(c *fiber.Ctx) error {
|
|||
headers := h.parseHeaders(c)
|
||||
|
||||
if headers["Authorization"] == "" {
|
||||
return errors.New("Authorization header is missing")
|
||||
return errors.New("authorization header is missing")
|
||||
}
|
||||
|
||||
claims, claimsErr := h.parseJWT(headers["Authorization"])
|
||||
|
@ -98,11 +98,11 @@ func (h Handlers) RequireAdminRole(c *fiber.Ctx) error {
|
|||
}
|
||||
|
||||
if claims.AccountFields == nil {
|
||||
return errors.New("Account have no fields at all")
|
||||
return errors.New("account have no fields at all")
|
||||
}
|
||||
|
||||
if claims.AccountFields["role"] == nil {
|
||||
return errors.New("Account have no field named \"role\"")
|
||||
return errors.New("account have no field named \"role\"")
|
||||
}
|
||||
|
||||
for _, role := range claims.AccountFields["role"] {
|
||||
|
@ -111,7 +111,7 @@ func (h Handlers) RequireAdminRole(c *fiber.Ctx) error {
|
|||
}
|
||||
}
|
||||
|
||||
return errors.New("No \"admin\" role found on account")
|
||||
return errors.New("no \"admin\" role found on account")
|
||||
}
|
||||
|
||||
// RequireAdminRoleOrAccountID returns nil if no error is found
|
||||
|
@ -119,7 +119,7 @@ func (h Handlers) RequireAdminRoleOrAccountID(c *fiber.Ctx, accountID string) er
|
|||
headers := h.parseHeaders(c)
|
||||
|
||||
if headers["Authorization"] == "" {
|
||||
return errors.New("Authorization header is missing")
|
||||
return errors.New("authorization header is missing")
|
||||
}
|
||||
|
||||
claims, claimsErr := h.parseJWT(headers["Authorization"])
|
||||
|
|
|
@ -141,14 +141,14 @@ func (h Handlers) AccountAuthPassword(c *fiber.Ctx) error {
|
|||
|
||||
resolvedAccount, err := h.Db.AccountGet("", "", authInput.Name)
|
||||
if err != nil {
|
||||
if err.Error() == "No account found" {
|
||||
if err.Error() == "no rows in result set" {
|
||||
return c.Status(403).JSON([]ResJSONError{{Error: "Invalid name or password"}})
|
||||
}
|
||||
|
||||
return c.Status(500).JSON([]ResJSONError{{Error: err.Error()}})
|
||||
}
|
||||
|
||||
if utils.CheckPasswordHash(authInput.Password, resolvedAccount.Password) == false {
|
||||
if !utils.CheckPasswordHash(authInput.Password, resolvedAccount.Password) {
|
||||
return c.Status(403).JSON([]ResJSONError{{Error: "Invalid name or password"}})
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM node:16.8.0-slim
|
||||
FROM node:17.6.0-alpine3.15
|
||||
|
||||
WORKDIR /srv
|
||||
|
||||
|
|
|
@ -110,6 +110,36 @@ test('test-cases/01basic.js: Auth by username and password', async t => {
|
|||
t.equal(userJWT.accountName, userName, 'The verified account name should match the created user');
|
||||
});
|
||||
|
||||
test('test-cases/01basic.js: Auth by username and wrong password', async t => {
|
||||
try {
|
||||
await got.post(`${process.env.AUTH_URL}/auth/password`, {
|
||||
json: {
|
||||
name: userName,
|
||||
password: 'isWrong',
|
||||
},
|
||||
responseType: 'json',
|
||||
});
|
||||
t.fail('Trying to login with wrong password should fail with a 403');
|
||||
} catch(err) {
|
||||
t.equal(err.message, 'Response code 403 (Forbidden)', 'Trying to login with wrong password should fail with a 403');
|
||||
}
|
||||
});
|
||||
|
||||
test('test-cases/01basic.js: Auth by wrong username', async t => {
|
||||
try {
|
||||
await got.post(`${process.env.AUTH_URL}/auth/password`, {
|
||||
json: {
|
||||
name: 'lapptomte',
|
||||
password: 'isWrong',
|
||||
},
|
||||
responseType: 'json',
|
||||
});
|
||||
t.fail('Trying to login with wrong username should fail with a 403');
|
||||
} catch(err) {
|
||||
t.equal(err.message, 'Response code 403 (Forbidden)', 'Trying to login with wrong username should fail with a 403');
|
||||
}
|
||||
});
|
||||
|
||||
test('test-cases/01basic.js: PUT /account/{id}/fields', async t => {
|
||||
const res = await got.put(`${process.env.AUTH_URL}/account/${user.id}/fields`, {
|
||||
headers: { 'Authorization': `bearer ${adminJWTString}`},
|
||||
|
|
Loading…
Reference in New Issue
Block a user