
add ID prefixing to endpoints. #178


Open
wants to merge 8 commits into
base: develop
2 changes: 1 addition & 1 deletion api/api.go
Expand Up @@ -63,7 +63,7 @@ func StartInternal(config APIConfig) {
}

func baseMiddleware(logger *zerolog.Logger, e *echo.Echo) {
e.Use(libmiddleware.Tracer())
e.Use(libmiddleware.Tracer("string-api"))
e.Use(libmiddleware.CORS())
e.Use(libmiddleware.RequestId())
e.Use(libmiddleware.Recover())
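--- a/api/handler/card.go
+++ b/api/handler/card.go
@@ -36,6 +36,11 @@ func (card card) GetAll(c echo.Context) error {
 return httperror.InternalError(c, "missing or invalid platformId")
 }
 
+err := libcommon.SanitizeIdInput(&struct{ UserId, PlatformId string }{userId, platformId}, &userId, &platformId)
+if err != nil {
+return httperror.BadRequestError(c, err.Error())
+}
+
 res, err := card.Service.FetchSavedCards(ctx, userId, platformId)
 if err != nil {
 libcommon.LogStringError(c, err, "cards: get All")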
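Review bot: The new sanitize-failure branch in GetAll hands the library's error text straight to the client through `httperror.BadRequestError(c, err.Error())`, and nothing is logged on that path. What SanitizeIdInput puts in its error string is not visible here, so the response may disclose the internal id format or prefix scheme; a fixed message such as `httperror.BadRequestError(c, "invalid id")` together with `libcommon.LogStringError(c, err, "cards: sanitize id input")` keeps the detail server-side. The same pattern is added in login.go, transact.go and user.go. GetAll's body starts and ends outside the hunk.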
22 changes: 21 additions & 1 deletion api/handler/login.go
Expand Up @@ -62,6 +62,11 @@ func (l login) VerifySignature(c echo.Context) error {
return httperror.InternalError(c, "missing or invalid platformId")
}

err := libcommon.SanitizeIdInput(&struct{ PlatformId string }{platformId}, &platformId)
if err != nil {
return httperror.BadRequestError(c, err.Error())
}

strBypassDevice := c.QueryParam("bypassDevice")
bypassDevice := strBypassDevice == "true" // convert to bool. default is false

Expand Down Expand Up @@ -117,6 +122,11 @@ func (l login) VerifySignature(c echo.Context) error {
return httperror.InternalError(c)
}

err = libcommon.SanitizeIdOutput(&resp.User)
if err != nil {
libcommon.LogStringError(c, err, "RefreshToken: unable to sanitize id output")
return httperror.InternalError(c)
}
return c.JSON(http.StatusOK, resp)
}

Expand All @@ -127,8 +137,13 @@ func (l login) RefreshToken(c echo.Context) error {
return httperror.InternalError(c, "missing or invalid platformId")
}

err := libcommon.SanitizeIdInput(&struct{ PlatformId string }{platformId}, &platformId)
if err != nil {
return httperror.BadRequestError(c, err.Error())
}

var body model.RefreshTokenPayload
err := c.Bind(&body)
err = c.Bind(&body)
if err != nil {
libcommon.LogStringError(c, err, "login: binding body")
return httperror.BadRequestError(c)
Expand Down Expand Up @@ -164,6 +179,11 @@ func (l login) RefreshToken(c echo.Context) error {
return httperror.InternalError(c)
}

err = libcommon.SanitizeIdOutput(&resp.User)
if err != nil {
libcommon.LogStringError(c, err, "RefreshToken: unable to sanitize id output")
return httperror.InternalError(c)
}
return c.JSON(http.StatusOK, resp)
}

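Review bot: The log line added after `SanitizeIdOutput(&resp.User)` in VerifySignature says "RefreshToken: unable to sanitize id output", the same string used in RefreshToken, so a failure on the signature-verification path is attributed to the wrong handler during log triage. Change it to `libcommon.LogStringError(c, err, "VerifySignature: unable to sanitize id output")`. Both handlers pass only `resp.User` to SanitizeIdOutput; if the response type carries ids outside that field (the type is not shown here), they would skip the new output step, which is worth confirming.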
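--- a/api/handler/quotes.go
+++ b/api/handler/quotes.go
@@ -52,6 +52,10 @@ func (q quote) Quote(c echo.Context) error {
 if !ok {
 return httperror.InternalError(c, "missing or invalid platformId")
 }
+err = libcommon.SanitizeIdInput(&struct{ PlatformId string }{platformId}, &platformId)
+if err != nil {
+return httperror.InternalError(c, "Failed to sanitize platform id")
+}
 
 res, err := q.Service.Quote(ctx, body, platformId)
 if err != nil {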
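Review bot: The sanitize failure in Quote is answered with `httperror.InternalError(c, "Failed to sanitize platform id")`, while every other handler in this PR answers the same condition with `httperror.BadRequestError`, and the error value itself is dropped without a log line. Pick one status for this condition across handlers and record the cause before returning, e.g. `libcommon.LogStringError(c, err, "quote: sanitize platformId")`. `err` is assigned with `=` here, so the new lines rely on a declaration above the hunk.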
7 changes: 6 additions & 1 deletion api/handler/transact.go
Expand Up @@ -42,9 +42,14 @@ func (t transaction) Transact(c echo.Context) error {
return httperror.InternalError(c, "missing or invalid platformId")
}

err := libcommon.SanitizeIdInput(&struct{ UserId, DeviceId, PlatformId string }{userId, deviceId, platformId}, &userId, &deviceId, &platformId)
if err != nil {
return httperror.BadRequestError(c, err.Error())
}

var body model.ExecutionRequest

err := c.Bind(&body)
err = c.Bind(&body)
if err != nil {
libcommon.LogStringError(c, err, "transact: execute bind")
return httperror.BadRequestError(c)
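Review bot: The call `SanitizeIdInput(&struct{ UserId, DeviceId, PlatformId string }{userId, deviceId, platformId}, &userId, &deviceId, &platformId)` pairs struct fields with output pointers purely by position, and the same hand-written shape is repeated in every handler of this PR. If the library writes results back by argument order (its implementation is not visible here), one transposed argument would swap two ids with no compile-time or runtime error, and in Transact the values would then reach the service call in the wrong slots. A small package-level helper that takes the named ids once, or a handler test that feeds three distinct ids through and checks each one, would catch that. Transact's body continues outside the hunk.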
40 changes: 37 additions & 3 deletions api/handler/user.go
Expand Up @@ -43,9 +43,14 @@ func (u user) Create(c echo.Context) error {
return httperror.InternalError(c, "missing or invalid platformId")
}

err := libcommon.SanitizeIdInput(&struct{ PlatformId string }{platformId}, &platformId)
if err != nil {
return httperror.BadRequestError(c, err.Error())
}

ctx := c.Request().Context()
var body model.WalletSignaturePayloadSigned
err := c.Bind(&body)
err = c.Bind(&body)
if err != nil {
libcommon.LogStringError(c, err, "user:create user bind")
return httperror.BadRequestError(c)
Expand Down Expand Up @@ -88,6 +93,11 @@ func (u user) Create(c echo.Context) error {
return httperror.InternalError(c)
}

err = libcommon.SanitizeIdOutput(&resp.User)
if err != nil {
libcommon.LogStringError(c, err, "user: unable to sanitize id output")
return httperror.InternalError(c)
}
return c.JSON(http.StatusOK, resp)
}

Expand All @@ -98,6 +108,10 @@ func (u user) Status(c echo.Context) error {
return httperror.Unauthorized(c)
}

err := libcommon.SanitizeIdInput(&struct{ UserId string }{userId}, &userId)
if err != nil {
return httperror.BadRequestError(c, err.Error())
}
status, err := u.userService.GetStatus(ctx, userId)
if err != nil {
libcommon.LogStringError(c, err, "user: get status")
Expand All @@ -123,12 +137,22 @@ func (u user) Update(c echo.Context) error {

_, userId := validUserId(IdParam(c), c)

err = libcommon.SanitizeIdInput(&struct{ UserId string }{userId}, &userId)
if err != nil {
return httperror.BadRequestError(c, err.Error())
}

user, err := u.userService.Update(ctx, userId, body)
if err != nil {
libcommon.LogStringError(c, err, "user: update")
return httperror.InternalError(c)
}

err = libcommon.SanitizeIdOutput(&user)
if err != nil {
libcommon.LogStringError(c, err, "user: failed to sanitize id output")
return httperror.InternalError(c)
}
return c.JSON(http.StatusOK, user)
}

Expand All @@ -152,7 +176,12 @@ func (u user) VerifyEmail(c echo.Context) error {
return httperror.BadRequestError(c, "Invalid email")
}

err := u.verificationService.SendEmailVerification(ctx, platformId, userId, email)
err := libcommon.SanitizeIdInput(&struct{ UserId, PlatformId string }{userId, platformId}, &userId, &platformId)
if err != nil {
return httperror.BadRequestError(c, err.Error())
}

err = u.verificationService.SendEmailVerification(ctx, platformId, userId, email)
if err != nil {
libcommon.LogStringError(c, err, "user: email verification")

Expand All @@ -178,9 +207,14 @@ func (u user) PreValidateEmail(c echo.Context) error {
return httperror.InternalError(c, "missing or invalid platformId")
}

err := libcommon.SanitizeIdInput(&struct{ UserId, PlatformId string }{userId, platformId}, &userId, &platformId)
if err != nil {
return httperror.BadRequestError(c, err.Error())
}

// Get email from body
var body model.PreValidateEmail
err := c.Bind(&body)
err = c.Bind(&body)
if err != nil {
libcommon.LogStringError(c, err, "user: pre validate email bind")
return httperror.BadRequestError(c)
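Review bot: In Update the id is taken from the path by `_, userId := validUserId(IdParam(c), c)` with the first result discarded, and the new SanitizeIdInput call runs only after that. Whatever comparison validUserId performs therefore sees the raw path value rather than the sanitized one, and its verdict is not consulted before `u.userService.Update(ctx, userId, body)`. Confirm that validUserId still matches the authenticated user now that ids presumably carry a prefix, and consider sanitizing first and then acting on validUserId's result instead of dropping it. The two new SanitizeIdOutput log strings also differ ("unable to" in Create, "failed to" in Update); one wording makes them easier to search.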
2 changes: 1 addition & 1 deletion go.mod
Expand Up @@ -4,7 +4,7 @@ go 1.19

require (
github.com/DATA-DOG/go-sqlmock v1.5.0
github.com/String-xyz/go-lib v1.6.0
github.com/String-xyz/go-lib v1.7.0
github.com/aws/aws-sdk-go v1.44.168
github.com/aws/aws-sdk-go-v2/config v1.18.7
github.com/aws/aws-sdk-go-v2/service/ssm v1.33.4
4 changes: 2 additions & 2 deletions go.sum
Expand Up @@ -26,8 +26,8 @@ github.com/Microsoft/go-winio v0.5.1/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpz
github.com/Shopify/goreferrer v0.0.0-20181106222321-ec9c9a553398/go.mod h1:a1uqRtAwp2Xwc6WNPJEufxJ7fx3npB4UV/JOLmbu5I0=
github.com/StackExchange/wmi v0.0.0-20180116203802-5d049714c4a6 h1:fLjPD/aNc3UIOA6tDi6QXUemppXK3P9BI7mr2hd6gx8=
github.com/StackExchange/wmi v0.0.0-20180116203802-5d049714c4a6/go.mod h1:3eOhrUMpNV+6aFIbp5/iudMxNCF27Vw2OZgy4xEx0Fg=
github.com/String-xyz/go-lib v1.6.0 h1:Wf6wX0wpKbg620RAfSMnp8mHLFc/GHq7Ru1/JNfm+RE=
github.com/String-xyz/go-lib v1.6.0/go.mod h1:TFAJPYo6YXvk3A1p1WkFuoN5k1wGHbRTxuOg9KLjpUI=
github.com/String-xyz/go-lib v1.7.0 h1:dDJpeqLDK0BBP6Db+upPwySmcxcmvOlnxb+PXFBHzfM=
github.com/String-xyz/go-lib v1.7.0/go.mod h1:TFAJPYo6YXvk3A1p1WkFuoN5k1wGHbRTxuOg9KLjpUI=
github.com/VictoriaMetrics/fastcache v1.6.0 h1:C/3Oi3EiBCqufydp1neRZkqcwmEiuRT9c3fqvvgKm5o=
github.com/VictoriaMetrics/fastcache v1.6.0/go.mod h1:0qHz5QP0GMX4pfmMA/zt5RgfNuXJrTP0zS7DqpHGGTw=
github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY=