fix: use correct context keys when retrieving userID & role

JordanKnott · Aug 22, 2020 · 314bf22 · 314bf22
1 parent 3c4370e
commit 314bf22
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 21 deletions.
diff --git a/internal/graph/graph.go b/internal/graph/graph.go
@@ -17,6 +17,7 @@ import (
 	"github.com/google/uuid"
 	"github.com/jordanknott/taskcafe/internal/auth"
 	"github.com/jordanknott/taskcafe/internal/db"
+	"github.com/jordanknott/taskcafe/internal/utils"
 	log "github.com/sirupsen/logrus"
 )
 
@@ -108,13 +109,13 @@ func NewPlaygroundHandler(endpoint string) http.Handler {
 
 // GetUserID retrieves the UserID out of a context
 func GetUserID(ctx context.Context) (uuid.UUID, bool) {
-	userID, ok := ctx.Value("userID").(uuid.UUID)
+	userID, ok := ctx.Value(utils.UserIDKey).(uuid.UUID)
 	return userID, ok
 }
 
 // GetUserRole retrieves the user role out of a context
 func GetUserRole(ctx context.Context) (auth.Role, bool) {
-	role, ok := ctx.Value("org_role").(auth.Role)
+	role, ok := ctx.Value(utils.OrgRoleKey).(auth.Role)
 	return role, ok
 }
 
@@ -127,7 +128,7 @@ func GetUser(ctx context.Context) (uuid.UUID, auth.Role, bool) {
 
 // GetRestrictedMode retrieves the restricted mode code out of a context
 func GetRestrictedMode(ctx context.Context) (auth.RestrictedMode, bool) {
-	restricted, ok := ctx.Value("restricted_mode").(auth.RestrictedMode)
+	restricted, ok := ctx.Value(utils.RestrictedModeKey).(auth.RestrictedMode)
 	return restricted, ok
 }
 

diff --git a/internal/graph/schema.resolvers.go b/internal/graph/schema.resolvers.go
@@ -892,7 +892,7 @@ func (r *queryResolver) Projects(ctx context.Context, input *ProjectsFilter) ([]
 
 	visibleProjects, err := r.Repository.GetAllVisibleProjectsForUserID(ctx, userID)
 	if err != nil {
-		log.Info("user id was not found from middleware")
+		log.WithField("userID", userID).Info("error getting visible projects for user")
 		return []db.Project{}, nil
 	}
 	for _, project := range visibleProjects {
@@ -942,7 +942,7 @@ func (r *queryResolver) Teams(ctx context.Context) ([]db.Team, error) {
 
 	visibleProjects, err := r.Repository.GetAllVisibleProjectsForUserID(ctx, userID)
 	if err != nil {
-		log.Info("user id was not found from middleware")
+		log.WithField("userID", userID).Info("error while getting visible projects")
 		return []db.Team{}, err
 	}
 	for _, project := range visibleProjects {
@@ -951,7 +951,7 @@ func (r *queryResolver) Teams(ctx context.Context) ([]db.Team, error) {
 			log.WithFields(log.Fields{"projectID": project.ProjectID.String()}).Info("adding visible project")
 			team, err := r.Repository.GetTeamByID(ctx, project.TeamID)
 			if err != nil {
-				log.Info("user id was not found from middleware")
+				log.WithField("teamID", project.TeamID).Info("error getting team by id")
 				return []db.Team{}, err
 			}
 			teams[project.TeamID.String()] = team

diff --git a/internal/route/middleware.go b/internal/route/middleware.go
@@ -7,21 +7,10 @@ import (
 
 	"github.com/google/uuid"
 	"github.com/jordanknott/taskcafe/internal/auth"
+	"github.com/jordanknott/taskcafe/internal/utils"
 	log "github.com/sirupsen/logrus"
 )
 
-// ContextKey represents a context key
-type ContextKey string
-
-const (
-	// UserIDKey is the key for the user id of the authenticated user
-	UserIDKey ContextKey = "userID"
-	//RestrictedModeKey is the key for whether the authenticated user only has access to install route
-	RestrictedModeKey ContextKey = "restricted_mode"
-	// OrgRoleKey is the key for the organization role code of the authenticated user
-	OrgRoleKey ContextKey = "org_role"
-)
-
 // AuthenticationMiddleware is a middleware that requires a valid JWT token to be passed via the Authorization header
 func AuthenticationMiddleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -64,9 +53,9 @@ func AuthenticationMiddleware(next http.Handler) http.Handler {
 				return
 			}
 		}
-		ctx := context.WithValue(r.Context(), UserIDKey, userID)
-		ctx = context.WithValue(ctx, RestrictedModeKey, accessClaims.Restricted)
-		ctx = context.WithValue(ctx, OrgRoleKey, accessClaims.OrgRole)
+		ctx := context.WithValue(r.Context(), utils.UserIDKey, userID)
+		ctx = context.WithValue(ctx, utils.RestrictedModeKey, accessClaims.Restricted)
+		ctx = context.WithValue(ctx, utils.OrgRoleKey, accessClaims.OrgRole)
 
 		next.ServeHTTP(w, r.WithContext(ctx))
 	})

diff --git a/internal/utils/context.go b/internal/utils/context.go
@@ -0,0 +1,13 @@
+package utils
+
+// ContextKey represents a context key
+type ContextKey string
+
+const (
+	// UserIDKey is the key for the user id of the authenticated user
+	UserIDKey ContextKey = "userID"
+	//RestrictedModeKey is the key for whether the authenticated user only has access to install route
+	RestrictedModeKey ContextKey = "restricted_mode"
+	// OrgRoleKey is the key for the organization role code of the authenticated user
+	OrgRoleKey ContextKey = "org_role"
+)