New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Jormun: Feat avoid pg authentication for bad token #3893

Merged

kadhikari merged 8 commits into dev from feat_avoid_pg_authentification_for_bad_token

Jan 17, 2023

Contributor

kadhikari commented Jan 5, 2023 •

edited

Loading

Some details of modifications:

When no token provided (even with some empty spaces), no need to verify can_connect_to_database()
Since we cache token - Object User, for a bad token (token not in database) we get a default user with type=no_access and cache it. There will be no access to the database during cache for this token.
When database in not accessible, all the requests with a token (bad or good) will have access to all the apis when cache for each token is renewed.

For more details: https://navitia.atlassian.net/browse/NAV-1642

kadhikari added 3 commits

January 5, 2023 11:52


          Avoid pg authentification for un request with bad token

42e9a55


          Comments added

1fec6ce


          Comments updated

kadhikari requested review from stifoon, azime, pbench, woshilapin and xlqian

January 5, 2023 11:03

kadhikari added 3 commits

January 5, 2023 12:10


          Formatting

43aa70e


          Default user without access (type=no_access) added in script

9c7e3f7


          Formatting 1

e51497b

woshilapin approved these changes

View reviewed changes

source/tyr/migrations/versions/04f9b89e3ef5_add_no_access_in_user_type.py Show resolved Hide resolved

source/tyr/migrations/versions/04f9b89e3ef5_add_no_access_in_user_type.py Outdated Show resolved Hide resolved

source/navitiacommon/navitiacommon/models/__init__.py Outdated Show resolved Hide resolved

source/jormungandr/jormungandr/authentication.py Show resolved Hide resolved

pbougue reviewed

View reviewed changes

Contributor

pbougue left a comment

I don't know how authent works (what's carried by coverage, what's carried by user), so I'm not sharp on that.
I'd say that can_connect_to_database is probably used too much indeed, but I don't know for sure where it's important and performant to keep it.

source/tyr/migrations/versions/04f9b89e3ef5_add_no_access_in_user_type.py Outdated Show resolved Hide resolved

source/tyr/tyr/resources.py Outdated Show resolved Hide resolved

source/navitiacommon/navitiacommon/models/__init__.py Outdated Show resolved Hide resolved

source/jormungandr/jormungandr/api.py Outdated Show resolved Hide resolved


          Some modifications on remarks

6f15113

pbougue reviewed

View reviewed changes

source/jormungandr/jormungandr/api.py Show resolved Hide resolved

kadhikari force-pushed the feat_avoid_pg_authentification_for_bad_token branch from 5889c0b to 6f15113 Compare

January 16, 2023 15:17


          Tyr should not add user with user_type = no_access

22ad94b

pbougue approved these changes

View reviewed changes

sonarqubecloud bot commented Jan 16, 2023

SonarCloud Quality Gate failed.

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

6.2% Coverage
0.0% Duplication

azime approved these changes

View reviewed changes

kadhikari merged commit 5abdae1 into dev

kadhikari deleted the feat_avoid_pg_authentification_for_bad_token branch

January 17, 2023 11:16

pbougue changed the title ~~Feat avoid pg authentification for bad token~~ Jormun: Feat avoid pg authentication for bad token

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

woshilapin woshilapin approved these changes

azime azime approved these changes

pbougue pbougue approved these changes

stifoon Awaiting requested review from stifoon

pbench Awaiting requested review from pbench

xlqian Awaiting requested review from xlqian

Labels

None yet