Delete some TODOs that I've made into tasks
This commit is contained in:
Daniel Krol
parent
aac7ef713e
commit
f04a01a5a0
|
|
@ -27,7 +27,6 @@ const ScopeFull = AuthScope("*")
|
|||
|
||||
// For test stubs
|
||||
type AuthInterface interface {
|
||||
// TODO maybe have a "refresh token" thing if the client won't have email available all the time?
|
||||
NewAuthToken(UserId, DeviceId, AuthScope) (*AuthToken, error)
|
||||
NewVerifyTokenString() (VerifyTokenString, error)
|
||||
}
|
||||
|
|
@ -46,7 +45,7 @@ const TokenLength = 32
|
|||
|
||||
func (a *Auth) NewAuthToken(userId UserId, deviceId DeviceId, scope AuthScope) (*AuthToken, error) {
|
||||
b := make([]byte, TokenLength)
|
||||
// TODO - Is this is a secure random function? (Maybe audit)
|
||||
// TODO - Audit: Is this is a secure random function?
|
||||
if _, err := rand.Read(b); err != nil {
|
||||
return nil, fmt.Errorf("Error generating token: %+v", err)
|
||||
}
|
||||
|
|
@ -62,7 +61,7 @@ func (a *Auth) NewAuthToken(userId UserId, deviceId DeviceId, scope AuthScope) (
|
|||
|
||||
func (a *Auth) NewVerifyTokenString() (VerifyTokenString, error) {
|
||||
b := make([]byte, TokenLength)
|
||||
// TODO - Is this is a secure random function? (Maybe audit)
|
||||
// TODO - Audit: Is this is a secure random function?
|
||||
if _, err := rand.Read(b); err != nil {
|
||||
return "", fmt.Errorf("Error generating token: %+v", err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,8 +21,6 @@ import (
|
|||
|
||||
// Whereas sever_test.go stubs out auth store and wallet, these will use the real thing, but test fewer paths.
|
||||
|
||||
// TODO - test some unhappy paths? Don't want to retest all the unit tests though.
|
||||
|
||||
// Integration test requires a real sqlite database
|
||||
func storeTestInit(t *testing.T) (s store.Store, tmpFile *os.File) {
|
||||
s = store.Store{}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,5 @@
|
|||
package paths
|
||||
|
||||
// TODO proper doc comments!
|
||||
|
||||
const ApiVersion = "3"
|
||||
const PathPrefix = "/api/" + ApiVersion
|
||||
|
||||
|
|
|
|||
|
|
@ -25,8 +25,6 @@ type Server struct {
|
|||
port int
|
||||
}
|
||||
|
||||
// TODO If I capitalize the `auth` `store` and `env` fields of Store{} I can
|
||||
// create Store{} structs directly from main.go.
|
||||
func Init(
|
||||
auth auth.AuthInterface,
|
||||
store store.StoreInterface,
|
||||
|
|
@ -77,7 +75,6 @@ func internalServiceErrorJson(w http.ResponseWriter, serverErr error, errContext
|
|||
|
||||
// Cut down on code repetition. No need to return errors since it can all be
|
||||
// handled here. Just return a bool to indicate success.
|
||||
// TODO the names `getPostData` and `getGetData` don't fully describe what they do
|
||||
|
||||
func requestOverhead(w http.ResponseWriter, req *http.Request, method string) bool {
|
||||
if req.Method != method {
|
||||
|
|
@ -94,10 +91,6 @@ type PostRequest interface {
|
|||
validate() error
|
||||
}
|
||||
|
||||
// TODO decoder.DisallowUnknownFields?
|
||||
// TODO GET params too large (like StatusRequestEntityTooLarge)? Or is that
|
||||
// somehow handled by the http library due to a size limit in the http spec?
|
||||
|
||||
// Confirm it's a Post request, various overhead, decode the json, validate the struct
|
||||
func getPostData(w http.ResponseWriter, req *http.Request, reqStruct PostRequest) bool {
|
||||
if !requestOverhead(w, req, http.MethodPost) {
|
||||
|
|
@ -137,7 +130,7 @@ func getGetData(w http.ResponseWriter, req *http.Request) bool {
|
|||
}
|
||||
|
||||
// TODO - probably don't return all of authToken since we only need userId and
|
||||
// deviceId. Also this is apparently not idiomatic go error handling.
|
||||
// deviceId.
|
||||
func (s *Server) checkAuth(
|
||||
w http.ResponseWriter,
|
||||
token auth.AuthTokenString,
|
||||
|
|
|
|||
Loading…
Reference in a new issue