Skip to content

Commit

Permalink
Various user_or_id fixes
Browse files Browse the repository at this point in the history
There are a few places in the API where we re-fetch the User when it is
already available.

These fixes allow for making use of the existing user that already
exists instead of calling another lookup.  The two places involved are:

- When authenticating using .basic_authentication
- When generating a token for the user (on login)
  • Loading branch information
NickLaMuro committed Jan 20, 2021
1 parent 1f962e1 commit cd3e8d1
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 7 deletions.
2 changes: 1 addition & 1 deletion app/controllers/api/auth_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ class AuthController < BaseController
def show
requester_type = fetch_and_validate_requester_type
token_service = Environment.user_token_service
auth_token = token_service.generate_token(User.current_user.userid, requester_type)
auth_token = token_service.generate_token(User.current_user, requester_type)
token_info = token_service.token_mgr(requester_type).token_get_info(auth_token)
res = {
:auth_token => auth_token,
Expand Down
11 changes: 8 additions & 3 deletions app/controllers/api/base_controller/authentication.rb
Original file line number Diff line number Diff line change
Expand Up @@ -86,8 +86,13 @@ def api_token_mgr
Environment.user_token_service.token_mgr('api')
end

def auth_user(userid)
auth_user_obj = User.lookup_by_identity(userid, lookup_scope: :api_includes)
def auth_user(user_or_id)
if user_or_id.kind_of?(User)
auth_user_obj = user_or_id
else
auth_user_obj = User.lookup_by_identity(user_or_id, lookup_scope: :api_includes)
end

authorize_user_group(auth_user_obj)
validate_user_identity(auth_user_obj)
User.current_user = auth_user_obj
Expand Down Expand Up @@ -155,7 +160,7 @@ def authenticate_with_jwt
def basic_authentication(username, password)
timeout = ::Settings.api.authentication_timeout.to_i_with_method
user = User.authenticate(username, password, request, :require_user => true, :timeout => timeout, :lookup_scope => :api_includes)
auth_user(user.userid)
auth_user(user)
rescue MiqException::MiqEVMLoginError => e
raise AuthenticationError, e.message
end
Expand Down
10 changes: 7 additions & 3 deletions lib/services/api/user_token_service.rb
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,13 @@ def api_config
@api_config ||= ::Settings[base_config[:module]].to_hash
end

def generate_token(userid, requester_type, token_ttl: nil)
userid = userid.downcase
validate_userid(userid)
def generate_token(user_or_id, requester_type, token_ttl: nil)
if user_or_id.kind_of?(User)
userid = user_or_id.userid.downcase
else
userid = user_or_id.downcase
validate_userid(userid)
end
validate_requester_type(requester_type)

# Additional Requester type token ttl's for authentication
Expand Down

0 comments on commit cd3e8d1

Please sign in to comment.