This is an automated email from the ASF dual-hosted git repository. chenjunxu pushed a commit to branch refactor in repository https://gitbox.apache.org/repos/asf/apisix-dashboard.git
commit 65ed6232fc86dc170dc44013f99dfe182b918f0e
Author: nic-chen <[email protected]>
AuthorDate: Thu Oct 15 12:10:15 2020 +0800
fix auth bug
---
 api/conf/conf.go | 14 +++-----------
 api/filter/authentication.go | 2 +-
 api/internal/handler/service/service_test.go | 4 ++--
 3 files changed, 6 insertions(+), 14 deletions(-)
diff --git a/api/conf/conf.go b/api/conf/conf.go
index 66079b5..618274f 100644
--- a/api/conf/conf.go
+++ b/api/conf/conf.go
@@ -19,12 +19,13 @@ package conf
 import (
 "fmt"
 "io/ioutil"
- "math/rand"
 "os"
 "path/filepath"
 "runtime"
 "github.com/tidwall/gjson"
+
+ "github.com/apisix/manager-api/internal/utils"
 )
 const ServerPort = 8080
@@ -138,15 +139,6 @@ func initApisix() {
 }
 }
-func randomString(n int) string {
- var letters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
- b := make([]rune, n)
- for i := range b {
- b[i] = letters[rand.Intn(len(letters))]
- }
- return string(b)
-}
-
 func initAuthentication() {
 filePath := configurationPath()
 configurationContent, err := ioutil.ReadFile(filePath)
@@ -164,7 +156,7 @@ func initAuthentication() {
 }
 AuthenticationConfig.Session.Secret = configuration.Get("authentication.session.secret").String()
 if "secret" == AuthenticationConfig.Session.Secret {
- AuthenticationConfig.Session.Secret = randomString(10)
+ AuthenticationConfig.Session.Secret = utils.GetFlakeUidStr()
 }
 AuthenticationConfig.Session.ExpireTime = configuration.Get("authentication.session.expireTime").Uint()
diff --git a/api/filter/authentication.go b/api/filter/authentication.go
index caebd9a..9928d2a 100644
--- a/api/filter/authentication.go
+++ b/api/filter/authentication.go
@@ -41,7 +41,7 @@ func Authentication() gin.HandlerFunc {
 "message": "Request Unauthorized",
 }
- if err != nil {
+ if err != nil || !token.Valid {
 c.AbortWithStatusJSON(http.StatusUnauthorized, errResp)
 return
 }
diff --git a/api/internal/handler/service/service_test.go b/api/internal/handler/service/service_test.go
index a433e80..0bf78eb 100644
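Review bot: In `initAuthentication` (api/conf/conf.go, hunk `@@ -164,7 +156,7 @@`) the fallback session secret now comes from `utils.GetFlakeUidStr()`, and an identifier generator is not a source of key material. The helper's implementation is not part of this diff, but if it returns a snowflake-style ID built from a timestamp, sequence and machine id, the value protecting sessions is guessable; the removed `randomString(10)` had the same weakness through `math/rand`. Draw the fallback from `crypto/rand` instead, e.g. `b := make([]byte, 32)`, `if _, err := rand.Read(b); err != nil { panic(err) }` (or whatever error handling the rest of the function uses), `AuthenticationConfig.Session.Secret = hex.EncodeToString(b)`. A per-process random secret also invalidates sessions on restart and differs between instances, so a logged warning when the placeholder `"secret"` is still configured would help operators. The function body starts and ends outside the hunk.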
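Review bot: The added `!token.Valid` test in `Authentication()` (api/filter/authentication.go) is only safe because `err != nil` is evaluated first, since the token returned alongside a parse error may be nil; a comment above the condition such as `// err must be checked first: token may be nil when parsing fails` would keep a later edit from reordering it. The parse call and its key function lie outside the hunk, so whether the accepted signing method is pinned cannot be confirmed from here and is worth checking in the same pass. The commit also adds no test for the filter; a case that sends an expired or tampered token and asserts a 401 response would pin this fix.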
--- a/api/internal/handler/service/service_test.go
+++ b/api/internal/handler/service/service_test.go
@@ -108,8 +108,8 @@ func TestService(t *testing.T) {
 _, err = handler.Update(ctx)
 assert.Nil(t, err)
- //sleep
- time.Sleep(time.Duration(100) * time.Millisecond)
+ //sleep
+ time.Sleep(time.Duration(100) * time.Millisecond)
 //list
 listInput := &ListInput{}
