Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implemented Authentication Middelware #21

Merged
merged 28 commits into from
Mar 22, 2022
Merged

Implemented Authentication Middelware #21

merged 28 commits into from
Mar 22, 2022

Conversation

aneeshsharma
Copy link
Contributor

Implemented an authentication middleware.

  • The middleware reads the Authorization header of the http request
  • If the header is Anonymous <anonymous-uuid> then, <anonymous-uuid> is used as the ID for the user
  • If the header is Bearer <jwt-token> then, <jwt-token> is decoded using auth0 and the "sub" claim from the decoded token is used as the ID for the user
  • The middleware either returns an HTTP error if authentication is not successful or the id is invalid.
  • If an ID is successfully received, the middleware calls the next handler with uid in the context

We can then use the uid as the owner of the queue in CreateQueue etc.

The following environment variables need to be set in order for the middlware to work

AUTH0_DOMAIN=...
AUTH0_AUDIENCE=...

I am making use of godotenv to load these variables from a .env file for development purposes. When deploying we will need to set these variables accordingly.

aneeshsharma and others added 22 commits February 12, 2022 16:06
@aneeshsharma
implemented add token for queue store
fe8ca44
@aneeshsharma
implemented create token route
823cefe
@lint-action
Fix code style issues with gofmt
42120c2
@aneeshsharma
read tokens in the queue in readqueue
4ec0ec9
@aneeshsharma
Merge branch 'add-token' of github.com:SimplQ/simplQ-golang into add-…
9f4467e 
…token
@lint-action
Fix code style issues with gofmt
a44aee0
@aneeshsharma
implemented token number
d477b23
@aneeshsharma
merged origin add-token
c7875b4
@lint-action
Fix code style issues with gofmt
5299a8e
@aneeshsharma
added read token route
085b8bd
@aneeshsharma
Merge branch 'add-token' of github.com:SimplQ/simplQ-golang into add-…
310e9fb 
…token
@lint-action
Fix code style issues with gofmt
16e8417
@aneeshsharma
separated name length constants
534fd6a
@aneeshsharma
Merge branch 'add-token' of github.com:SimplQ/simplQ-golang into add-…
36a4f77 
…token
@aneeshsharma
log insert error for add token
4bc6002
@lint-action
Fix code style issues with gofmt
8533b6c
@aneeshsharma
implemented authentication token middleware
5197343
@lint-action
Fix code style issues with gofmt
dbc72e5
@aneeshsharma
explaning comments
beeae61
@lint-action
Fix code style issues with gofmt
6b9bfb4
@aneeshsharma @maaverik @lint-action
Update authorization with main (#20)
de112cf 
* Made gh action trigger on PRs also to get around stuck status checks (#19)

* Made gh action trigger on PRs also to get around stuck status checks

* Modified to trigger only on PRs

* Renamed check

* Add Token to Queue (#18)

* implemented add token for queue store

* implemented create token route

* Fix code style issues with gofmt

* read tokens in the queue in readqueue

* Fix code style issues with gofmt

* implemented token number

* Fix code style issues with gofmt

* added read token route

* Fix code style issues with gofmt

* separated name length constants

* log insert error for add token

* Fix code style issues with gofmt

* refactoring mongo store

* Fix code style issues with gofmt

Co-authored-by: Lint Action <[email protected]>

Co-authored-by: Nithin <[email protected]>
Co-authored-by: Lint Action <[email protected]>
@aneeshsharma
Merge branch 'main' into authorization
5f022f8
daltonfury42
daltonfury42 reviewed Mar 14, 2022
View reviewed changes
internal/authentication/common.go Outdated Show resolved Hide resolved
internal/authentication/common.go Outdated Show resolved Hide resolved
internal/handler/queue.go Show resolved Hide resolved
internal/handler/queue.go Outdated Show resolved Hide resolved
daltonfury42
daltonfury42 reviewed Mar 14, 2022
View reviewed changes
.gitignore
@@ -21,5 +21,5 @@ build/
# temporary build files create by air
tmp/

# dotenv variables
# env file
.env
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why should this be gitignored?

If it's okay, let's checkin the default .env file, it will be easier for others to run the code my making minimal edits.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It shouldn't be a problem right now. But since we also store secrets as env variables, I just added it to gitignore. Also, I think generally most projects keep .env in .gitignore.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it would be better to store these values as constants inside a go file instead of committing the .env file to git.

daltonfury42
daltonfury42 approved these changes Mar 21, 2022
View reviewed changes
Copy link
Contributor

@daltonfury42 daltonfury42 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@aneeshsharma aneeshsharma merged commit a62a5bc into main Mar 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@daltonfury42 daltonfury42 daltonfury42 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aneeshsharma @daltonfury42 @lint-action