now mw parse token from query and from header

2024-06-08 15:50:59 +03:00 · 2024-06-08 15:50:59 +03:00 · 28e724dbad
commit 28e724dbad
parent e6b3646cc7
4 changed files with 20 additions and 11 deletions
--- a/api/openapi/v1/openapi.yaml
+++ b/api/openapi/v1/openapi.yaml
@ -828,9 +828,9 @@ paths:
      summary: Получение изменений аккаунта через SSE
      operationId: accountPipe
      parameters:
-        - name: userID
+        - name: token
          in: query
-          description: id пользователя
+          description: токен пользователя
          required: true
      responses:
        '200':
--- a/internal/interface/controller/http/account/controllers.go
+++ b/internal/interface/controller/http/account/controllers.go
@ -246,8 +246,8 @@ func (receiver *AccountController) Pagination(ctx *fiber.Ctx) error {
 }

 func (receiver *AccountController) AccountPipe(ctx *fiber.Ctx) error {
-	userID := ctx.Query("userID")
-	if userID == "" {
+	userID, ok := receiver.middleWare.ExtractUserID(ctx)
+	if !ok || userID == "" {
 		return receiver.middleWare.NoAuth(ctx)
 	}

--- a/internal/utils/authenticator.go
+++ b/internal/utils/authenticator.go
@ -29,9 +29,6 @@ func NewAuthenticator(jwtUtil *JWT) fiber.Handler {
 }

 func authenticate(jwtUtil *JWT, c *fiber.Ctx) error {
-	if c.Path() == "/account/pipe" {
-		return c.Next()
-	}
 	jws, err := parseJWSFromRequest(c)
 	if err != nil {
 		return err
@ -51,12 +48,17 @@ func authenticate(jwtUtil *JWT, c *fiber.Ctx) error {
 func parseJWSFromRequest(c *fiber.Ctx) (string, error) {
 	header := c.Get("Authorization")

-	if header == "" || !strings.HasPrefix(header, prefix) {
+	if header != "" && strings.HasPrefix(header, prefix) {
+		return strings.TrimPrefix(header, prefix), nil
+	}
+
+	token := c.Query("token")
+	if token == "" {
 		return "", errors.New(
-			fmt.Errorf("failed to parse jws from request header: %s", header),
+			fmt.Errorf("failed to parse jws from request: no valid token found"),
 			errors.ErrNoAccess,
 		)
 	}

-	return strings.TrimPrefix(header, prefix), nil
+	return token, nil
 }
--- a/tests/e2e/accountPipe_test.go
+++ b/tests/e2e/accountPipe_test.go
@ -5,12 +5,19 @@ import (
 	"fmt"
 	"github.com/stretchr/testify/assert"
 	"net/http"
+	"penahub.gitlab.yandexcloud.net/pena-services/customer/tests/helpers"
 	"testing"
 	"time"
 )

 func TestAccountPipe(t *testing.T) {
-	url := "http://localhost:8082/account/pipe?userID=64e53ed187392e122e5d3d50"
+	jwtUtil := helpers.InitializeJWT()
+
+	token, tokenErr := jwtUtil.Create("64ebda4387392e122e5d411f")
+	if !assert.NoError(t, tokenErr) {
+		return
+	}
+	url := fmt.Sprintf("http://localhost:8082/account/pipe?token=%s", token)
 	client := &http.Client{
 		Timeout: 100 * time.Second,
 	}