cartodb/CartoDB-SQL-API
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,193 Commits 1 Branch 118 Tags 9.7 MiB
b75334f1e7
Commit Graph

2193 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel García Aubert
94c5bd11df Split authorization middleware, it was actually doing two things: authorize and get database connection params 2018-02-22 12:22:39 +01:00
Daniel García Aubert
1252f32579 Get api_key token from res.locals 2018-02-22 12:07:27 +01:00
Daniel García Aubert
8730b5c517 Read if the request is authenticated through res.locals 2018-02-22 12:04:05 +01:00
Daniel García Aubert
b399abee18 Move authorization to auth-api and extract it from user-database-service 2018-02-22 11:46:34 +01:00
Daniel García Aubert
6c92781600 Remove empty line 2018-02-21 16:19:12 +01:00
Daniel García Aubert
9088cbf150 Improve naming 2018-02-21 13:51:28 +01:00
Daniel García Aubert
28a7cf9259 Don't authenticate when default_public api-key is provided 2018-02-21 11:14:31 +01:00
Daniel García Aubert
ba113d8628 Improve naming 2018-02-20 16:43:43 +01:00
Daniel García Aubert
33baa399ae Create function to compose middlewares to perfom job operations 2018-02-20 16:25:16 +01:00
Daniel García Aubert
864ec30058 Remove duplication 2018-02-20 13:22:33 +01:00
Daniel García Aubert
d4d54648d4 Improve naming 2018-02-20 13:14:28 +01:00
Daniel García Aubert
03e9b8006b Actually pass just apikey instead of the entire "res" object 2018-02-19 19:16:33 +01:00
Daniel García Aubert
4bc85836b9 Update development branch of cartodb-redis 2018-02-19 19:12:03 +01:00
Daniel García Aubert
d6776189bd Remove unused param 2018-02-19 16:04:57 +01:00
Daniel García Aubert
4af751ff62 Rename param 2018-02-19 15:58:48 +01:00
Daniel García Aubert
b6a666a8b4 Miss rename middleware 2018-02-19 15:54:05 +01:00
Daniel García Aubert
8c13add7a8 Rename middleware 2018-02-19 15:49:17 +01:00
Daniel García Aubert
939443ef81 Unify credentials and authenticated request midllewares 2018-02-19 15:44:28 +01:00
Daniel García Aubert
7898b49e59 Extract profiler middleware to used in query and job controllers 2018-02-19 15:13:36 +01:00
Daniel García Aubert
85fbd7c6b2 Create middlewares to initialize and finish profiling 2018-02-19 14:42:52 +01:00
Daniel García Aubert
633d06bf2d Do not use underscore 2018-02-19 14:41:06 +01:00
Daniel García Aubert
e04529c501 Rename middleware 2018-02-19 14:20:09 +01:00
Daniel García Aubert
75c2d85dbb Use authenticated middleware in query controller 2018-02-19 13:24:44 +01:00
Daniel García Aubert
114070ef96 Rename middleware 2018-02-19 12:37:19 +01:00
Daniel García Aubert
adfe3dd52b Remove comment 2018-02-19 11:10:39 +01:00
Daniel García Aubert
ea310db62c Cosmetic chenges 2018-02-19 11:04:28 +01:00
Daniel García Aubert
edd382fb8f Check user is the same user that sends the request when basic-auth is provided 2018-02-16 18:21:06 +01:00
Daniel García Aubert
bcf88093e9 Support basic-auth for batch api 2018-02-16 11:52:57 +01:00
Daniel García Aubert
2cadfe6f18 Add support for Basic Auth 2018-02-16 10:46:58 +01:00
Daniel García Aubert
756fbe42c9 Use apikey midlleware 2018-02-15 17:24:04 +01:00
Daniel García Aubert
ad772246d0 Get api_key from specific middleware and save it into res.locals 2018-02-15 17:23:35 +01:00
Daniel García Aubert
1011ecce89 typo 2018-02-15 13:25:12 +01:00
Daniel García Aubert
b8ab580b8a missing comment 2018-02-15 13:20:19 +01:00
Daniel García Aubert
75c972a7a2 Add test to ensure that a job created with specific role can't query to restricted resources 2018-02-15 13:15:01 +01:00
Daniel García Aubert
f01bfbbfd6 Fix property names to not expose user's credential info 2018-02-15 13:12:40 +01:00
Daniel García Aubert
87f80c364b Add tests to validate that a wrong apikey should use default public credentials 2018-02-15 12:36:54 +01:00
Daniel García Aubert
e2b8fa9e22 Retrieve database credentials from jobs stored in redis 2018-02-15 12:31:08 +01:00
Daniel García Aubert
67f2a85abd Add database credentials to jobs 2018-02-15 12:30:04 +01:00
Daniel García Aubert
b81df11a56 Pass user's database credentiasl to query runner 2018-02-15 12:26:36 +01:00
Daniel García Aubert
7a3ad2b5e0 Fallback: if the jod doesn't have databse credentials then get them from users' metadata 2018-02-15 12:25:55 +01:00
Daniel García Aubert
77b33032e3 Do not expose sensible info about users (database credentials) 2018-02-15 12:24:26 +01:00
Daniel García Aubert
ea6e8b5315 Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 16:22:36 +01:00
Daniel García Aubert
e0e9f1e1df Cosmetic changes 2018-02-14 12:19:02 +01:00
Daniel García Aubert
f2074ba237 Drain batch test client 2018-02-14 12:10:41 +01:00
Daniel García Aubert
974d219aad Add test for batch api 2018-02-13 19:47:00 +01:00
Daniel García Aubert
7ba95d28cc Add test to check regular api keys 2018-02-13 17:53:27 +01:00
Daniel García Aubert
88c0751f52 Fix assertion 2018-02-13 16:10:08 +01:00
Daniel García Aubert
08183bf083 Add integration test 2018-02-13 12:44:55 +01:00
Daniel García Aubert
38459c021f Merge branch 'master' into auth-api 2018-02-12 18:10:52 +01:00
Daniel García Aubert
7c859f0d7b Use actual apikey properties 2018-02-12 17:49:50 +01:00