
Freegle / iznik-server-go / 632

04 Jul 2025 02:07PM UTC coverage: 89.268% (+0.2%) from 89.048%
632

push

circleci

edwh
Add API endpoints for worrywords and spam_keywords, protected by Admin/Support rights.

4683 of 5246 relevant lines covered (89.27%)

9.21 hits per line

Source File

92.11
/user/authMiddleware.go
package user

import (
        "fmt"
        "github.com/freegle/iznik-server-go/database"
        "github.com/getsentry/sentry-go"
        "github.com/gofiber/fiber/v2"
        "sync"
        "time"
)

// Config is the options type accepted by NewAuthMiddleware. It has no fields,
// and NewAuthMiddleware does not read it.
type Config struct{}

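// NewAuthMiddleware returns a Fiber handler that checks the user id and
// session id carried in the request's JWT against the database before the
// request is passed to the next handler.
//
// Requests whose JWT carries no user id are passed straight through. Requests
// whose JWT names a user/session pair that is not in the database are rejected
// with 401 and the next handler is not run. config is currently unused.
func NewAuthMiddleware(config Config) fiber.Handler {
	return func(c *fiber.Ctx) error {
		var userIdInDB struct {
			Id         uint64    `gorm:"id"`
			Lastaccess time.Time `gorm:"lastaccess"`
		}

		// The third return value is discarded here.
		// NOTE(review): confirm GetJWTFromRequest returns a zero user id whenever
		// the token fails verification, since only the ids are checked below.
		userIdInJWT, sessionIdInJWT, _ := GetJWTFromRequest(c)

		if userIdInJWT == 0 {
			// No user id in the JWT, so there is nothing to validate here.
			return c.Next()
		}

		// Flag our session for Sentry.
		sentry.ConfigureScope(func(scope *sentry.Scope) {
			scope.SetUser(sentry.User{ID: fmt.Sprint(userIdInJWT)})
		})

		// We have a JWT with a user id in it. But is the user id still in our DB,
		// and do they still have the same session?
		//
		// This lookup has to finish before c.Next(). Running the downstream handler
		// in parallel with it would let a request carrying a JWT for a deleted user
		// or an ended session execute that handler, including any writes it makes,
		// before the 401 is produced.
		db := database.DBConn
		db.Raw("SELECT users.id, users.lastaccess FROM sessions INNER JOIN users ON users.id = sessions.userid WHERE sessions.id = ? AND users.id = ? LIMIT 1;", sessionIdInJWT, userIdInJWT).Scan(&userIdInDB)

		// The result's error is not inspected: a failed lookup leaves Id at zero,
		// so the request is rejected rather than allowed through.
		if userIdInDB.Id != userIdInJWT {
			return fiber.NewError(fiber.StatusUnauthorized, "JWT for invalid user or session")
		}

		// Update the last access time for the user if it is null or older than ten
		// minutes. Nothing depends on the result, so it runs alongside the
		// downstream handler and is waited for before returning.
		var wg sync.WaitGroup
		if userIdInDB.Lastaccess.IsZero() || userIdInDB.Lastaccess.Before(time.Now().Add(-10*time.Minute)) {
			uid := userIdInDB.Id
			wg.Add(1)
			go func() {
				defer wg.Done()
				db.Exec("UPDATE users SET lastaccess = NOW() WHERE id = ?", uid)
			}()
		}

		ret := c.Next()
		wg.Wait()

		return ret
	}
}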