[server] Add auth key validation (#2696)

## Description
This avoids the 5xx error for authEntity that happens when we try to
create an auth entity without reporting the corresponding key.

## Tests
Neeraj Gupta
2024-08-14 16:35:42 +05:30
committed by GitHub
2 changed files with 25 additions and 0 deletions


@@ -178,6 +178,8 @@ const (
FileNotFoundInAlbum ErrorCode = "FILE_NOT_FOUND_IN_ALBUM"
AuthKeyNotCreated ErrorCode = "AUTH_KEY_NOT_CREATED"
// PublicCollectDisabled error code indicates that the user has not enabled public collect
PublicCollectDisabled ErrorCode = "PUBLIC_COLLECT_DISABLED"


@@ -1,11 +1,14 @@
package authenticaor
import (
"errors"
"github.com/ente-io/museum/ente"
model "github.com/ente-io/museum/ente/authenticator"
"github.com/ente-io/museum/pkg/repo/authenticator"
"github.com/ente-io/museum/pkg/utils/auth"
"github.com/ente-io/stacktrace"
"github.com/google/uuid"
"net/http"
"github.com/gin-gonic/gin"
)
@@ -33,6 +36,9 @@ func (c *Controller) GetKey(ctx *gin.Context) (*model.Key, error) {
// CreateEntity...
func (c *Controller) CreateEntity(ctx *gin.Context, req model.CreateEntityRequest) (*model.Entity, error) {
if err := c.validateKey(ctx); err != nil {
return nil, stacktrace.Propagate(err, "failed to validateKey")
}
userID := auth.GetUserID(ctx.Request.Header)
id, err := c.Repo.Create(ctx, userID, req)
if err != nil {
@@ -47,10 +53,27 @@ func (c *Controller) CreateEntity(ctx *gin.Context, req model.CreateEntityReques
// UpdateEntity...
func (c *Controller) UpdateEntity(ctx *gin.Context, req model.UpdateEntityRequest) error {
if err := c.validateKey(ctx); err != nil {
return stacktrace.Propagate(err, "failed to validateKey")
}
userID := auth.GetUserID(ctx.Request.Header)
return c.Repo.Update(ctx, userID, req)
}
func (c *Controller) validateKey(ctx *gin.Context) error {
userID := auth.GetUserID(ctx.Request.Header)
_, err := c.Repo.GetKey(ctx, userID)
if err != nil && errors.Is(err, &ente.ErrNotFoundError) {
return stacktrace.Propagate(&ente.ApiError{
Code: ente.AuthKeyNotCreated,
Message: "AuthKey is not created",
HttpStatusCode: http.StatusBadRequest,
}, "")
}
return err
}
// Delete...
func (c *Controller) Delete(ctx *gin.Context, entityID uuid.UUID) (bool, error) {
userID := auth.GetUserID(ctx.Request.Header)
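Review bot: In validateKey, the `errors.Is(err, &ente.ErrNotFoundError)` match only succeeds if the error returned by `c.Repo.GetKey` exposes that same pointer through its unwrap chain, or if `ApiError` defines an `Is` method. Neither is visible in this diff, and if the match fails the request falls through to `return err` and the 5xx this commit aims to remove would remain. The Tests section of the description is empty, so a test that calls CreateEntity and UpdateEntity for a user with no key and asserts a 400 with `AUTH_KEY_NOT_CREATED` would pin the behaviour. The `err != nil &&` guard is redundant because `errors.Is` already returns false for a nil error, so the condition can be `if errors.Is(err, &ente.ErrNotFoundError) {`. The helper also has no doc comment; something like `// validateKey returns an AuthKeyNotCreated ApiError (HTTP 400) when the caller has no authenticator key and passes any other lookup error through unchanged.` would state the contract. The Delete function at the end of the hunk continues outside it.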