using query param for access token in attribute module

2025-02-14 12:39:17 +00:00 · 2022-03-20 14:41:18 -07:00 · 2022-03-20 14:41:18 -07:00 · 1c3f06cd5a
commit 1c3f06cd5a
parent 8c84971513
10 changed files with 36 additions and 19 deletions
--- a/net/server/internal/api_addArticle.go
+++ b/net/server/internal/api_addArticle.go
@ -9,7 +9,7 @@ import (

 func AddArticle(w http.ResponseWriter, r *http.Request) {

-  account, code, err := BearerAppToken(r, false)
+  account, code, err := ParamAgentToken(r, false)
  if err != nil {
    ErrResponse(w, code, err)
    return
--- a/net/server/internal/api_clearArticleGroup.go
+++ b/net/server/internal/api_clearArticleGroup.go
@ -10,7 +10,7 @@ import (

 func ClearArticleGroup(w http.ResponseWriter, r *http.Request) {

-  account, code, err := BearerAppToken(r, false);
+  account, code, err := ParamAgentToken(r, false);
  if err != nil {
    ErrResponse(w, code, err)
    return
--- a/net/server/internal/api_getArticleSubjectField.go
+++ b/net/server/internal/api_getArticleSubjectField.go
@ -23,16 +23,16 @@ func GetArticleSubjectField(w http.ResponseWriter, r *http.Request) {

  var guid string
  var act *store.Account
-  tokenType := r.Header.Get("TokenType")
+  tokenType := ParamTokenType(r)
  if tokenType == APP_TOKENAGENT {
-    account, code, err := BearerAppToken(r, false);
+    account, code, err := ParamAgentToken(r, false);
    if err != nil {
      ErrResponse(w, code, err)
      return
    }
    act = account
  } else if tokenType == APP_TOKENCONTACT {
-    card, code, err := BearerContactToken(r, true)
+    card, code, err := ParamContactToken(r, true)
    if err != nil {
      ErrResponse(w, code, err)
      return
--- a/net/server/internal/api_getArticles.go
+++ b/net/server/internal/api_getArticles.go
@ -49,10 +49,10 @@ func GetArticles(w http.ResponseWriter, r *http.Request) {
  }

  var response []*Article
-  tokenType := r.Header.Get("TokenType")
+  tokenType := ParamTokenType(r)
  if tokenType == APP_TOKENAGENT {

-    account, code, err := BearerAppToken(r, false);
+    account, code, err := ParamAgentToken(r, false);
    if err != nil {
      ErrResponse(w, code, err)
      return
@ -81,7 +81,7 @@ func GetArticles(w http.ResponseWriter, r *http.Request) {

  } else if tokenType == APP_TOKENCONTACT {

-    card, code, err := BearerContactToken(r, true)
+    card, code, err := ParamContactToken(r, true)
    if err != nil {
      ErrResponse(w, code, err)
      return
--- a/net/server/internal/api_getProfileMessage.go
+++ b/net/server/internal/api_getProfileMessage.go
@ -8,7 +8,8 @@ import (

 func GetProfileMessage(w http.ResponseWriter, r *http.Request) {
  var code int
-  tokenType, err := ParamTokenType(r)
+  var err error
+  tokenType := ParamTokenType(r)

  // load account record
  var account *store.Account
--- a/net/server/internal/api_removeArticle.go
+++ b/net/server/internal/api_removeArticle.go
@ -10,7 +10,7 @@ import (

 func RemoveArticle(w http.ResponseWriter, r *http.Request) {

-  account, code, err := BearerAppToken(r, false);
+  account, code, err := ParamAgentToken(r, false);
  if err != nil {
    ErrResponse(w, code, err)
    return
--- a/net/server/internal/api_setArticleGroup.go
+++ b/net/server/internal/api_setArticleGroup.go
@ -10,7 +10,7 @@ import (

 func SetArticleGroup(w http.ResponseWriter, r *http.Request) {

-  account, code, err := BearerAppToken(r, false);
+  account, code, err := ParamAgentToken(r, false);
  if err != nil {
    ErrResponse(w, code, err)
    return
--- a/net/server/internal/api_setArticleSubject.go
+++ b/net/server/internal/api_setArticleSubject.go
@ -10,7 +10,7 @@ import (

 func SetArticleSubject(w http.ResponseWriter, r *http.Request) {

-  account, code, err := BearerAppToken(r, false);
+  account, code, err := ParamAgentToken(r, false);
  if err != nil {
    ErrResponse(w, code, err)
    return
--- a/net/server/internal/authUtil.go
+++ b/net/server/internal/authUtil.go
@ -155,23 +155,23 @@ func ParseToken(token string) (string, string, error) {
  return split[0], split[1], nil
 }

-func ParamTokenType(r *http.Request) (string, error) {
+func ParamTokenType(r *http.Request) string {
  if r.FormValue(APP_TOKENCONTACT) != "" {
-    return APP_TOKENCONTACT, nil
+    return APP_TOKENCONTACT
  }
  if r.FormValue(APP_TOKENAGENT) != "" {
-    return APP_TOKENAGENT, nil
+    return APP_TOKENAGENT
  }
  if r.FormValue(APP_TOKENATTACH) != "" {
-    return APP_TOKENATTACH, nil
+    return APP_TOKENATTACH
  }
  if r.FormValue(APP_TOKENCREATE) != "" {
-    return APP_TOKENCREATE, nil
+    return APP_TOKENCREATE
  }
  if r.FormValue(APP_TOKENRESET) != "" {
-    return APP_TOKENRESET, nil
+    return APP_TOKENRESET
  }
-  return "", errors.New("missing access token")
+  return ""
 }

 func ParamContactToken(r *http.Request, detail bool) (*store.Card, int, error) {
--- a/net/server/internal/testUtil.go
+++ b/net/server/internal/testUtil.go
@ -70,6 +70,22 @@ func ApiTestData(
  var r *http.Request
  var w *httptest.ResponseRecorder

+  if tokenType == APP_TOKENAGENT {
+    if !strings.Contains(name, "?") {
+      name += "?"
+    } else {
+      name += "&"
+    }
+    name += "agent=" + token
+  } else if tokenType == APP_TOKENCONTACT {
+    if !strings.Contains(name, "?") {
+      name += "?"
+    } else {
+      name += "&"
+    }
+    name += "contact=" + token
+  }
+
  if r, w, err = NewRequest(requestType, name, body); err != nil {
    return
  }