web: error as errors
continuous-integration/drone the build is pending
Details
continuous-integration/drone the build is pending
Details
This commit is contained in:
parent
9542ac4272
commit
32f0d84427
|
|
@ -32,7 +32,7 @@ func apiLogin(r *gin.Engine, ws *web.Service) {
|
||||||
var data login
|
var data login
|
||||||
if err := c.BindJSON(&data); err != nil {
|
if err := c.BindJSON(&data); err != nil {
|
||||||
c.JSON(http.StatusBadRequest, web.HTTPError{
|
c.JSON(http.StatusBadRequest, web.HTTPError{
|
||||||
Message: web.APIErrorInvalidRequestFormat,
|
Message: web.ErrAPIInvalidRequestFormat.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
|
|
@ -42,20 +42,20 @@ func apiLogin(r *gin.Engine, ws *web.Service) {
|
||||||
if err := ws.DB.Where(map[string]interface{}{"username": data.Username}).First(d).Error; err != nil {
|
if err := ws.DB.Where(map[string]interface{}{"username": data.Username}).First(d).Error; err != nil {
|
||||||
if errors.Is(err, gorm.ErrRecordNotFound) {
|
if errors.Is(err, gorm.ErrRecordNotFound) {
|
||||||
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
||||||
Message: APIErrorUserNotFound,
|
Message: ErrAPIUserNotFound.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
||||||
Message: web.APIErrorInternalDatabase,
|
Message: web.ErrAPIInternalDatabase.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !d.ValidatePassword(data.Password) {
|
if !d.ValidatePassword(data.Password) {
|
||||||
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
||||||
Message: APIErrorIncorrectPassword,
|
Message: ErrAPIIncorrectPassword.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -64,7 +64,7 @@ func apiLogin(r *gin.Engine, ws *web.Service) {
|
||||||
session.Set("user_id", d.ID.String())
|
session.Set("user_id", d.ID.String())
|
||||||
if err := session.Save(); err != nil {
|
if err := session.Save(); err != nil {
|
||||||
c.JSON(http.StatusBadRequest, web.HTTPError{
|
c.JSON(http.StatusBadRequest, web.HTTPError{
|
||||||
Message: APIErrorCreateSession,
|
Message: ErrAPICreateSession.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
|
|
|
||||||
|
|
@ -21,21 +21,21 @@ func TestAPILogin(t *testing.T) {
|
||||||
// invalid
|
// invalid
|
||||||
err = s.Request(http.MethodPost, "/api/v1/auth/login", 1, http.StatusBadRequest, &hErr)
|
err = s.Request(http.MethodPost, "/api/v1/auth/login", 1, http.StatusBadRequest, &hErr)
|
||||||
assert.NoError(err)
|
assert.NoError(err)
|
||||||
assert.Equal(web.APIErrorInvalidRequestFormat, hErr.Message)
|
assert.Equal(web.ErrAPIInvalidRequestFormat.Error(), hErr.Message)
|
||||||
|
|
||||||
req := login{}
|
req := login{}
|
||||||
hErr = web.HTTPError{}
|
hErr = web.HTTPError{}
|
||||||
// invalid - user
|
// invalid - user
|
||||||
err = s.Request(http.MethodPost, "/api/v1/auth/login", &req, http.StatusUnauthorized, &hErr)
|
err = s.Request(http.MethodPost, "/api/v1/auth/login", &req, http.StatusUnauthorized, &hErr)
|
||||||
assert.NoError(err)
|
assert.NoError(err)
|
||||||
assert.Equal(APIErrorUserNotFound, hErr.Message)
|
assert.Equal(ErrAPIUserNotFound.Error(), hErr.Message)
|
||||||
|
|
||||||
req.Username = "admin"
|
req.Username = "admin"
|
||||||
hErr = web.HTTPError{}
|
hErr = web.HTTPError{}
|
||||||
// invalid - password
|
// invalid - password
|
||||||
err = s.Request(http.MethodPost, "/api/v1/auth/login", &req, http.StatusUnauthorized, &hErr)
|
err = s.Request(http.MethodPost, "/api/v1/auth/login", &req, http.StatusUnauthorized, &hErr)
|
||||||
assert.NoError(err)
|
assert.NoError(err)
|
||||||
assert.Equal(APIErrorIncorrectPassword, hErr.Message)
|
assert.Equal(ErrAPIIncorrectPassword.Error(), hErr.Message)
|
||||||
|
|
||||||
req.Password = "CHANGEME"
|
req.Password = "CHANGEME"
|
||||||
obj := User{}
|
obj := User{}
|
||||||
|
|
|
||||||
|
|
@ -25,7 +25,7 @@ func apiMyDelete(r *gin.Engine, ws *web.Service) {
|
||||||
}
|
}
|
||||||
if err := ws.DB.Delete(&User{ID: id}).Error; err != nil {
|
if err := ws.DB.Delete(&User{ID: id}).Error; err != nil {
|
||||||
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
||||||
Message: web.APIErrorInternalDatabase,
|
Message: web.ErrAPIInternalDatabase.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,7 @@ func TestAPIDeleteMyProfil(t *testing.T) {
|
||||||
// invalid
|
// invalid
|
||||||
err = s.Request(http.MethodDelete, "/api/v1/my/profil", nil, http.StatusUnauthorized, &hErr)
|
err = s.Request(http.MethodDelete, "/api/v1/my/profil", nil, http.StatusUnauthorized, &hErr)
|
||||||
assert.NoError(err)
|
assert.NoError(err)
|
||||||
assert.Equal(APIErrorNoSession, hErr.Message)
|
assert.Equal(ErrAPINoSession.Error(), hErr.Message)
|
||||||
|
|
||||||
err = s.Login(webtest.Login{
|
err = s.Login(webtest.Login{
|
||||||
Username: "admin",
|
Username: "admin",
|
||||||
|
|
|
||||||
|
|
@ -29,14 +29,14 @@ func apiMyPassword(r *gin.Engine, ws *web.Service) {
|
||||||
var password string
|
var password string
|
||||||
if err := c.BindJSON(&password); err != nil {
|
if err := c.BindJSON(&password); err != nil {
|
||||||
c.JSON(http.StatusBadRequest, web.HTTPError{
|
c.JSON(http.StatusBadRequest, web.HTTPError{
|
||||||
Message: web.APIErrorInvalidRequestFormat,
|
Message: web.ErrAPIInvalidRequestFormat.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if err := d.SetPassword(password); err != nil {
|
if err := d.SetPassword(password); err != nil {
|
||||||
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
||||||
Message: APIErrroCreatePassword,
|
Message: ErrAPICreatePassword.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
|
|
@ -44,7 +44,7 @@ func apiMyPassword(r *gin.Engine, ws *web.Service) {
|
||||||
|
|
||||||
if err := ws.DB.Save(&d).Error; err != nil {
|
if err := ws.DB.Save(&d).Error; err != nil {
|
||||||
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
||||||
Message: web.APIErrorInternalDatabase,
|
Message: web.ErrAPIInternalDatabase.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,7 @@ func TestAPIPassword(t *testing.T) {
|
||||||
// no auth
|
// no auth
|
||||||
err = s.Request(http.MethodPost, "/api/v1/my/auth/password", &passwordNew, http.StatusUnauthorized, &hErr)
|
err = s.Request(http.MethodPost, "/api/v1/my/auth/password", &passwordNew, http.StatusUnauthorized, &hErr)
|
||||||
assert.NoError(err)
|
assert.NoError(err)
|
||||||
assert.Equal(APIErrorNoSession, hErr.Message)
|
assert.Equal(ErrAPINoSession.Error(), hErr.Message)
|
||||||
|
|
||||||
err = s.TestLogin()
|
err = s.TestLogin()
|
||||||
assert.NoError(err)
|
assert.NoError(err)
|
||||||
|
|
@ -33,7 +33,7 @@ func TestAPIPassword(t *testing.T) {
|
||||||
// invalid
|
// invalid
|
||||||
err = s.Request(http.MethodPost, "/api/v1/my/auth/password", nil, http.StatusBadRequest, &hErr)
|
err = s.Request(http.MethodPost, "/api/v1/my/auth/password", nil, http.StatusBadRequest, &hErr)
|
||||||
assert.NoError(err)
|
assert.NoError(err)
|
||||||
assert.Equal(web.APIErrorInvalidRequestFormat, hErr.Message)
|
assert.Equal(web.ErrAPIInvalidRequestFormat.Error(), hErr.Message)
|
||||||
|
|
||||||
res := false
|
res := false
|
||||||
// set new password
|
// set new password
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,7 @@ func TestAPIMyStatus(t *testing.T) {
|
||||||
// invalid
|
// invalid
|
||||||
err = s.Request(http.MethodGet, "/api/v1/my/auth/status", nil, http.StatusUnauthorized, &hErr)
|
err = s.Request(http.MethodGet, "/api/v1/my/auth/status", nil, http.StatusUnauthorized, &hErr)
|
||||||
assert.NoError(err)
|
assert.NoError(err)
|
||||||
assert.Equal(APIErrorNoSession, hErr.Message)
|
assert.Equal(ErrAPINoSession.Error(), hErr.Message)
|
||||||
|
|
||||||
err = s.TestLogin()
|
err = s.TestLogin()
|
||||||
assert.NoError(err)
|
assert.NoError(err)
|
||||||
|
|
|
||||||
|
|
@ -33,7 +33,7 @@ func apiPasswordCode(r *gin.Engine, ws *web.Service) {
|
||||||
var req PasswordWithForgetCode
|
var req PasswordWithForgetCode
|
||||||
if err := c.BindJSON(&req); err != nil {
|
if err := c.BindJSON(&req); err != nil {
|
||||||
c.JSON(http.StatusBadRequest, web.HTTPError{
|
c.JSON(http.StatusBadRequest, web.HTTPError{
|
||||||
Message: web.APIErrorInvalidRequestFormat,
|
Message: web.ErrAPIInvalidRequestFormat.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
|
|
@ -42,20 +42,20 @@ func apiPasswordCode(r *gin.Engine, ws *web.Service) {
|
||||||
if err := ws.DB.Where("forget_code", req.ForgetCode).First(&d).Error; err != nil {
|
if err := ws.DB.Where("forget_code", req.ForgetCode).First(&d).Error; err != nil {
|
||||||
if errors.Is(err, gorm.ErrRecordNotFound) {
|
if errors.Is(err, gorm.ErrRecordNotFound) {
|
||||||
c.JSON(http.StatusBadRequest, web.HTTPError{
|
c.JSON(http.StatusBadRequest, web.HTTPError{
|
||||||
Message: APIErrorUserNotFound,
|
Message: ErrAPIUserNotFound.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
||||||
Message: APIErrroCreatePassword,
|
Message: ErrAPICreatePassword.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if err := d.SetPassword(req.Password); err != nil {
|
if err := d.SetPassword(req.Password); err != nil {
|
||||||
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
||||||
Message: APIErrroCreatePassword,
|
Message: ErrAPICreatePassword.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
|
|
@ -64,7 +64,7 @@ func apiPasswordCode(r *gin.Engine, ws *web.Service) {
|
||||||
|
|
||||||
if err := ws.DB.Save(&d).Error; err != nil {
|
if err := ws.DB.Save(&d).Error; err != nil {
|
||||||
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
||||||
Message: web.APIErrorInternalDatabase,
|
Message: web.ErrAPIInternalDatabase.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
|
|
|
||||||
|
|
@ -28,7 +28,7 @@ func TestAPIPasswordCode(t *testing.T) {
|
||||||
// invalid
|
// invalid
|
||||||
err = s.Request(http.MethodPost, "/api/v1/auth/password/code", &passwordNew, http.StatusBadRequest, &hErr)
|
err = s.Request(http.MethodPost, "/api/v1/auth/password/code", &passwordNew, http.StatusBadRequest, &hErr)
|
||||||
assert.NoError(err)
|
assert.NoError(err)
|
||||||
assert.Equal(web.APIErrorInvalidRequestFormat, hErr.Message)
|
assert.Equal(web.ErrAPIInvalidRequestFormat.Error(), hErr.Message)
|
||||||
|
|
||||||
res := ""
|
res := ""
|
||||||
// set new password
|
// set new password
|
||||||
|
|
@ -46,7 +46,7 @@ func TestAPIPasswordCode(t *testing.T) {
|
||||||
Password: passwordCurrent,
|
Password: passwordCurrent,
|
||||||
}, http.StatusBadRequest, &hErr)
|
}, http.StatusBadRequest, &hErr)
|
||||||
assert.NoError(err)
|
assert.NoError(err)
|
||||||
assert.Equal(APIErrorUserNotFound, hErr.Message)
|
assert.Equal(ErrAPIUserNotFound.Error(), hErr.Message)
|
||||||
|
|
||||||
forgetCode = uuid.New()
|
forgetCode = uuid.New()
|
||||||
s.DB.DB.Model(&User{ID: TestUser1ID}).Update("forget_code", forgetCode)
|
s.DB.DB.Model(&User{ID: TestUser1ID}).Update("forget_code", forgetCode)
|
||||||
|
|
|
||||||
|
|
@ -1,15 +1,20 @@
|
||||||
package auth
|
package auth
|
||||||
|
|
||||||
const (
|
import "errors"
|
||||||
// APIErrorUserNotFound api error string if user not found
|
|
||||||
APIErrorUserNotFound string = "user not found"
|
|
||||||
// APIErrorIncorrectPassword api error string if password is incorrect
|
|
||||||
APIErrorIncorrectPassword string = "incorrect password"
|
|
||||||
// APIErrorNoSession api error string if no session exists
|
|
||||||
APIErrorNoSession string = "no session"
|
|
||||||
// APIErrorCreateSession api error string if session could not created
|
|
||||||
APIErrorCreateSession string = "create session"
|
|
||||||
|
|
||||||
// APIErrroCreatePassword api error string if password could not created
|
var (
|
||||||
APIErrroCreatePassword string = "error during create password"
|
// ErrAPIUserNotFound api error string if user not found
|
||||||
|
ErrAPIUserNotFound = errors.New("user not found")
|
||||||
|
// ErrAPIIncorrectPassword api error string if password is incorrect
|
||||||
|
ErrAPIIncorrectPassword = errors.New("incorrect password")
|
||||||
|
// ErrAPINoSession api error string if no session exists
|
||||||
|
ErrAPINoSession = errors.New("no session")
|
||||||
|
// ErrAPICreateSession api error string if session could not created
|
||||||
|
ErrAPICreateSession = errors.New("create session")
|
||||||
|
|
||||||
|
// ErrAPICreatePassword api error string if password could not created
|
||||||
|
ErrAPICreatePassword = errors.New("error during create password")
|
||||||
|
|
||||||
|
// ErrAPINoPermission api error string if an error happen on accesing this object
|
||||||
|
ErrAPINoPermission = errors.New("error on access an object")
|
||||||
)
|
)
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,7 @@ func GetCurrentUserID(c *gin.Context) (uuid.UUID, bool) {
|
||||||
v := session.Get("user_id")
|
v := session.Get("user_id")
|
||||||
if v == nil {
|
if v == nil {
|
||||||
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
||||||
Message: APIErrorNoSession,
|
Message: ErrAPINoSession.Error(),
|
||||||
})
|
})
|
||||||
return uuid.Nil, false
|
return uuid.Nil, false
|
||||||
}
|
}
|
||||||
|
|
@ -38,13 +38,13 @@ func GetCurrentUser(c *gin.Context, ws *web.Service) (*User, bool) {
|
||||||
if err := ws.DB.First(d).Error; err != nil {
|
if err := ws.DB.First(d).Error; err != nil {
|
||||||
if errors.Is(err, gorm.ErrRecordNotFound) {
|
if errors.Is(err, gorm.ErrRecordNotFound) {
|
||||||
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
||||||
Message: APIErrorUserNotFound,
|
Message: ErrAPIUserNotFound.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return nil, false
|
return nil, false
|
||||||
}
|
}
|
||||||
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
c.JSON(http.StatusInternalServerError, web.HTTPError{
|
||||||
Message: web.APIErrorInternalDatabase,
|
Message: web.ErrAPIInternalDatabase.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
return nil, false
|
return nil, false
|
||||||
|
|
|
||||||
|
|
@ -34,7 +34,7 @@ func MiddlewarePermissionParam(ws *web.Service, obj HasPermission, param string)
|
||||||
objID, err := uuid.Parse(c.Params.ByName(param))
|
objID, err := uuid.Parse(c.Params.ByName(param))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
||||||
Message: web.APIErrorInvalidRequestFormat,
|
Message: web.ErrAPIInvalidRequestFormat.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
c.Abort()
|
c.Abort()
|
||||||
|
|
@ -42,7 +42,7 @@ func MiddlewarePermissionParam(ws *web.Service, obj HasPermission, param string)
|
||||||
_, err = obj.HasPermission(ws.DB, userID, objID)
|
_, err = obj.HasPermission(ws.DB, userID, objID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
c.JSON(http.StatusUnauthorized, web.HTTPError{
|
||||||
Message: http.StatusText(http.StatusUnauthorized),
|
Message: ErrAPINoPermission.Error(),
|
||||||
Error: err.Error(),
|
Error: err.Error(),
|
||||||
})
|
})
|
||||||
c.Abort()
|
c.Abort()
|
||||||
|
|
|
||||||
10
web/error.go
10
web/error.go
|
|
@ -1,5 +1,7 @@
|
||||||
package web
|
package web
|
||||||
|
|
||||||
|
import "errors"
|
||||||
|
|
||||||
// HTTPError is returned in HTTP error responses.
|
// HTTPError is returned in HTTP error responses.
|
||||||
type HTTPError struct {
|
type HTTPError struct {
|
||||||
Message string `json:"message" example:"invalid format"`
|
Message string `json:"message" example:"invalid format"`
|
||||||
|
|
@ -8,8 +10,8 @@ type HTTPError struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Error strings used for HTTPError.Message.
|
// Error strings used for HTTPError.Message.
|
||||||
const (
|
var (
|
||||||
APIErrorInvalidRequestFormat = "Invalid Request Format"
|
ErrAPIInvalidRequestFormat = errors.New("Invalid Request Format")
|
||||||
APIErrorInternalDatabase = "Internal Database Error"
|
ErrAPIInternalDatabase = errors.New("Internal Database Error")
|
||||||
APIErrorNotFound = "Not found"
|
ErrAPINotFound = errors.New("Not found")
|
||||||
)
|
)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue