You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by ch...@apache.org on 2020/10/15 04:34:54 UTC
[apisix-dashboard] 01/02: fix auth bug
This is an automated email from the ASF dual-hosted git repository.
chenjunxu pushed a commit to branch refactor
in repository https://gitbox.apache.org/repos/asf/apisix-dashboard.git
commit 65ed6232fc86dc170dc44013f99dfe182b918f0e
Author: nic-chen <jo...@163.com>
AuthorDate: Thu Oct 15 12:10:15 2020 +0800
fix auth bug
---
api/conf/conf.go | 14 +++-----------
api/filter/authentication.go | 2 +-
api/internal/handler/service/service_test.go | 4 ++--
3 files changed, 6 insertions(+), 14 deletions(-)
diff --git a/api/conf/conf.go b/api/conf/conf.go
index 66079b5..618274f 100644
--- a/api/conf/conf.go
+++ b/api/conf/conf.go
@@ -19,12 +19,13 @@ package conf
import (
"fmt"
"io/ioutil"
- "math/rand"
"os"
"path/filepath"
"runtime"
"github.com/tidwall/gjson"
+
+ "github.com/apisix/manager-api/internal/utils"
)
const ServerPort = 8080
@@ -138,15 +139,6 @@ func initApisix() {
}
}
-func randomString(n int) string {
- var letters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
- b := make([]rune, n)
- for i := range b {
- b[i] = letters[rand.Intn(len(letters))]
- }
- return string(b)
-}
-
func initAuthentication() {
filePath := configurationPath()
configurationContent, err := ioutil.ReadFile(filePath)
@@ -164,7 +156,7 @@ func initAuthentication() {
}
AuthenticationConfig.Session.Secret = configuration.Get("authentication.session.secret").String()
if "secret" == AuthenticationConfig.Session.Secret {
- AuthenticationConfig.Session.Secret = randomString(10)
+ AuthenticationConfig.Session.Secret = utils.GetFlakeUidStr()
}
AuthenticationConfig.Session.ExpireTime = configuration.Get("authentication.session.expireTime").Uint()
diff --git a/api/filter/authentication.go b/api/filter/authentication.go
index caebd9a..9928d2a 100644
--- a/api/filter/authentication.go
+++ b/api/filter/authentication.go
@@ -41,7 +41,7 @@ func Authentication() gin.HandlerFunc {
"message": "Request Unauthorized",
}
- if err != nil {
+ if err != nil || !token.Valid {
c.AbortWithStatusJSON(http.StatusUnauthorized, errResp)
return
}
diff --git a/api/internal/handler/service/service_test.go b/api/internal/handler/service/service_test.go
index a433e80..0bf78eb 100644
--- a/api/internal/handler/service/service_test.go
+++ b/api/internal/handler/service/service_test.go
@@ -108,8 +108,8 @@ func TestService(t *testing.T) {
_, err = handler.Update(ctx)
assert.Nil(t, err)
- //sleep
- time.Sleep(time.Duration(100) * time.Millisecond)
+ //sleep
+ time.Sleep(time.Duration(100) * time.Millisecond)
//list
listInput := &ListInput{}