The authForUsername() function uses a closure that is almost identical
to the LookupUser() function, but is missing the handling for the PGP
key if called from meta.sr.ht. This causes at least the email
notifications for new OAuth2 tokens to be sent unencrypted. This commit
fixes that (and reduces code duplication) by calling LookupUser()
instead.
This requires the context for the tests to have a value for the calling
service, so add that to the mock.
---
auth/middleware.go | 44 +----------------------------------------
auth/middleware_test.go | 6 +++++-
2 files changed, 6 insertions(+), 44 deletions(-)
diff --git a/auth/middleware.go b/auth/middleware.go
index cb78aad..6a91df2 100644
--- a/auth/middleware.go
+++ b/auth/middleware.go
@@ -101,49 +101,7 @@ func authError(w http.ResponseWriter, reason string, code int) {
func authForUsername(ctx context.Context, username string) (*AuthContext, error) {
var auth AuthContext
- if err := database.WithTx(ctx, &sql.TxOptions{
- Isolation: 0,
- ReadOnly: true,
- }, func(tx *sql.Tx) error {
- var (
- err error
- rows *sql.Rows
- )
- query := database.
- Select(ctx, []string{
- `u.id`, `u.username`,
- `u.created`, `u.updated`,
- `u.email`,
- `u.user_type`,
- `u.url`, `u.location`, `u.bio`,
- `u.suspension_notice`,
- }).
- From(`"user" u`).
- Where(`u.username = ?`, username)
- if rows, err = query.RunWith(tx).Query(); err != nil {
- panic(err)
- }
- defer rows.Close()
-
- if !rows.Next() {
- if err := rows.Err(); err != nil {
- panic(err)
- }
- return fmt.Errorf("Authenticating for unknown user %s", username)
- }
- if err := rows.Scan(&auth.UserID, &auth.Username, &auth.Created,
- &auth.Updated, &auth.Email, &auth.UserType, &auth.URL, &auth.Location,
- &auth.Bio, &auth.SuspensionNotice); err != nil {
- panic(err)
- }
- if rows.Next() {
- if err := rows.Err(); err != nil {
- panic(err) // Invariant
- }
- panic(errors.New("Multiple matching user accounts; invariant broken"))
- }
- return nil
- }); err != nil {
+ if err := LookupUser(ctx, username, &auth); err != nil {
return nil, err
}
diff --git a/auth/middleware_test.go b/auth/middleware_test.go
index 59fbe0c..1efe99e 100644
--- a/auth/middleware_test.go
+++ b/auth/middleware_test.go
@@ -12,6 +12,7 @@ import (
"github.com/stretchr/testify/assert"
"github.com/vaughan0/go-ini"
+ "git.sr.ht/~sircmpwn/core-go/config"
"git.sr.ht/~sircmpwn/core-go/crypto"
"git.sr.ht/~sircmpwn/core-go/database"
)
@@ -185,7 +186,10 @@ func dbctx() (context.Context, sqlmock.Sqlmock) {
if err != nil {
panic(err)
}
- ctx := database.Context(context.Background(), db)
+ ctx := config.Context(
+ database.Context(context.Background(), db),
+ nil, "git.sr.ht",
+ )
return ctx, mock
}
--
2.35.1