Fix middleware function's placements for some `/user/...` (#19377)

- Add reqSignIn to `/user/task/{task}` as it specific to a logged in user currently not-logged in user could cause a NPE.
- Move `/user/stopwatch` & `/user/search` middleware before the actual function is called, because functions are executed in order and currently hadn't any effect and could as well cause a NPE due to that.
- Remove `/user/active` reqSignIn middleware, because when you want to active a account you're not "signed in" so it doesn't make sense to add that middleware.
tokarchuk/v1.17
Gusted 3 years ago committed by GitHub
parent d139c23967
commit 0d3d9675c6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 10
      routers/web/web.go

@ -429,8 +429,8 @@ func RegisterRoutes(m *web.Route) {
m.Group("/user", func() { m.Group("/user", func() {
// r.Get("/feeds", binding.Bind(auth.FeedsForm{}), user.Feeds) // r.Get("/feeds", binding.Bind(auth.FeedsForm{}), user.Feeds)
m.Get("/activate", auth.Activate, reqSignIn) m.Get("/activate", auth.Activate)
m.Post("/activate", auth.ActivatePost, reqSignIn) m.Post("/activate", auth.ActivatePost)
m.Any("/activate_email", auth.ActivateEmail) m.Any("/activate_email", auth.ActivateEmail)
m.Get("/avatar/{username}/{size}", user.AvatarByUserName) m.Get("/avatar/{username}/{size}", user.AvatarByUserName)
m.Get("/recover_account", auth.ResetPasswd) m.Get("/recover_account", auth.ResetPasswd)
@ -438,9 +438,9 @@ func RegisterRoutes(m *web.Route) {
m.Get("/forgot_password", auth.ForgotPasswd) m.Get("/forgot_password", auth.ForgotPasswd)
m.Post("/forgot_password", auth.ForgotPasswdPost) m.Post("/forgot_password", auth.ForgotPasswdPost)
m.Post("/logout", auth.SignOut) m.Post("/logout", auth.SignOut)
m.Get("/task/{task}", user.TaskStatus) m.Get("/task/{task}", reqSignIn, user.TaskStatus)
m.Get("/stopwatches", user.GetStopwatches, reqSignIn) m.Get("/stopwatches", reqSignIn, user.GetStopwatches)
m.Get("/search", user.Search, ignExploreSignIn) m.Get("/search", ignExploreSignIn, user.Search)
}) })
// ***** END: User ***** // ***** END: User *****

Loading…
Cancel
Save