Handle unauthorized user events gracefully (#15071)

tokarchuk/v1.17
Lauris BH 4 years ago committed by GitHub
parent 78e8f62706
commit 2f0eb9fd5d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 11
      routers/events/events.go
  2. 2
      routers/routes/web.go

@ -30,6 +30,17 @@ func Events(ctx *context.Context) {
ctx.Resp.Header().Set("X-Accel-Buffering", "no") ctx.Resp.Header().Set("X-Accel-Buffering", "no")
ctx.Resp.WriteHeader(http.StatusOK) ctx.Resp.WriteHeader(http.StatusOK)
if !ctx.IsSigned {
// Return unauthorized status event
event := (&eventsource.Event{
Name: "unauthorized",
Data: "sorry",
})
_, _ = event.WriteTo(ctx)
ctx.Resp.Flush()
return
}
// Listen to connection close and un-register messageChan // Listen to connection close and un-register messageChan
notify := ctx.Req.Context().Done() notify := ctx.Req.Context().Done()
ctx.Resp.Flush() ctx.Resp.Flush()

@ -400,7 +400,7 @@ func RegisterRoutes(m *web.Route) {
}) })
}, reqSignOut) }, reqSignOut)
m.Any("/user/events", reqSignIn, events.Events) m.Any("/user/events", events.Events)
m.Group("/login/oauth", func() { m.Group("/login/oauth", func() {
m.Get("/authorize", bindIgnErr(auth.AuthorizationForm{}), user.AuthorizeOAuth) m.Get("/authorize", bindIgnErr(auth.AuthorizationForm{}), user.AuthorizeOAuth)

Loading…
Cancel
Save