Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authorization for Queue and Token Endpoints #22

Merged
merged 33 commits into from
Apr 2, 2022
Merged

Authorization for Queue and Token Endpoints #22

merged 33 commits into from
Apr 2, 2022

Conversation

aneeshsharma
Copy link
Contributor

Implemented authorization for queue -

  • Any authenticated user can create a queue (anonymous or bearer)
  • The queue's owner is set to the authenticated user's uid
  • Only the queue's owner can perform any operations on the queue including ReadQueue
  • This is ensured by a middleware which is applied to all /queue/{id} endpoints

Implemented authorization for token -

  • Any user can create a token
  • Any user can read a token
  • Only the owner of the queue that the token belongs to can delete a token

As discussed with @daltonfury42 we might need a shallow ReadQueue later which any user can read basic information about the queue from.

aneeshsharma and others added 30 commits February 12, 2022 16:06
@aneeshsharma
implemented add token for queue store
fe8ca44
@aneeshsharma
implemented create token route
823cefe
@lint-action
Fix code style issues with gofmt
42120c2
@aneeshsharma
read tokens in the queue in readqueue
4ec0ec9
@aneeshsharma
Merge branch 'add-token' of github.com:SimplQ/simplQ-golang into add-…
9f4467e 
…token
@lint-action
Fix code style issues with gofmt
a44aee0
@aneeshsharma
implemented token number
d477b23
@aneeshsharma
merged origin add-token
c7875b4
@lint-action
Fix code style issues with gofmt
5299a8e
@aneeshsharma
added read token route
085b8bd
@aneeshsharma
Merge branch 'add-token' of github.com:SimplQ/simplQ-golang into add-…
310e9fb 
…token
@lint-action
Fix code style issues with gofmt
16e8417
@aneeshsharma
separated name length constants
534fd6a
@aneeshsharma
Merge branch 'add-token' of github.com:SimplQ/simplQ-golang into add-…
36a4f77 
…token
@aneeshsharma
log insert error for add token
4bc6002
@lint-action
Fix code style issues with gofmt
8533b6c
@aneeshsharma
implemented authentication token middleware
5197343
@lint-action
Fix code style issues with gofmt
dbc72e5
@aneeshsharma
explaning comments
beeae61
@lint-action
Fix code style issues with gofmt
6b9bfb4
@aneeshsharma @maaverik @lint-action
Update authorization with main (#20)
de112cf 
* Made gh action trigger on PRs also to get around stuck status checks (#19)

* Made gh action trigger on PRs also to get around stuck status checks

* Modified to trigger only on PRs

* Renamed check

* Add Token to Queue (#18)

* implemented add token for queue store

* implemented create token route

* Fix code style issues with gofmt

* read tokens in the queue in readqueue

* Fix code style issues with gofmt

* implemented token number

* Fix code style issues with gofmt

* added read token route

* Fix code style issues with gofmt

* separated name length constants

* log insert error for add token

* Fix code style issues with gofmt

* refactoring mongo store

* Fix code style issues with gofmt

Co-authored-by: Lint Action <[email protected]>

Co-authored-by: Nithin <[email protected]>
Co-authored-by: Lint Action <[email protected]>
@aneeshsharma
Merge branch 'main' into authorization
5f022f8
@aneeshsharma
use 'uid' as a constant
8db5c18
@aneeshsharma
Merge branch 'authorization' of github.com:SimplQ/simplQ-golang into …
d031da7 
…authorization
@aneeshsharma
renamed common.go to middleware.go for authentication package
5f24ab8
@lint-action
Fix code style issues with gofmt
f6345bf
@aneeshsharma
made getJWTValidator private
4cd7791
@aneeshsharma
Merge branch 'authorization' of github.com:SimplQ/simplQ-golang into …
27032cb 
…authorization
@aneeshsharma
authorization for queue
1980a3b
@aneeshsharma
implemented authorization for token endpoints
d262f91
daltonfury42
daltonfury42 previously approved these changes Mar 28, 2022
View reviewed changes
internal/handler/queue.go Outdated
@@ -123,9 +122,26 @@ func DeleteQueue(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
}

func QueueCtx(next http.Handler) http.Handler {
func QueueMiddlware(next http.Handler) http.Handler {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was trying to think of a good name for this middleware. QueueOwnerAuthMiddleware?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok
Then I'll also rename TokenMiddleware to TokenOwnerAuthMiddleware

@aneeshsharma aneeshsharma merged commit eeb8401 into main Apr 2, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@daltonfury42 daltonfury42 daltonfury42 approved these changes

@maaverik maaverik Awaiting requested review from maaverik

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aneeshsharma @daltonfury42 @lint-action